MISRA C 2012 takes on automotive and safety-critical software apps - Embedded.com

MISRA C 2012 takes on automotive and safety-critical software apps

As software increasingly takes safety-critical decisions in vehicles guidelines for software safety are becoming essential. The MISRA C standard is one of them. The 2012 update of MISRA C has just been made available and this article provides an update and summary of what has changed.

First published in 1998, MISRA C provided some much-needed guidance to engineers, who often had limited experience in software engineering, at a time when software reliability was becoming a critical issue. In the beginning, it was a modest initiative within the UK motor industry, but it rapidly developed into a de facto standard in software quality.

Today, MISRA C:2004 is in use in nearly every area of the automotive industry where software is being developed. It is also present in safety critical applications in almost every industry throughout the world; defense, aerospace, railways, nuclear and process industries as well as commercial applications. In fact everywhere robust code is a critical necessity.

So, with MISRA C now the most widely used coding standard for the C language, why did MISRA decide to develop a new version? There were several reasons: support for C99, responding to user feedback and an acknowledgement that improvements could be made.

So what are the key differences compared to the previous version?

1.     The language: C has continued to evolve and support is now provided for C99 as well as the C90 standard.
2.     Rule classification: The addition of a new mandatory rule class
3.     Rule compliance and enforceability: enhancements to ensure, that wherever possible, rules are amenable to automatic enforcement.
4.    Improved rule definition: More rigorous definitions with comprehensive explanations and rationales.

Support for C99

The C language shows no signs of relinquishing its popularity and continues to be heavily used in safety critical software development where reliability is a prime concern.

Back in 2004, there were few compilers and tools that supported C99 and therefore a decision was made to retain a commitment to C90, albeit a conservative approach.

Today, the world has moved on, and despite reservations about the wisdom of certain developments in C99, it was decided at the outset of the project, that MISRA C:2012 should no longer stipulate conformance to C90.

The C99 language standard added some useful new features to the language, such as inline functions and type _Bool, but unfortunately it also introduced a range of new hazards. So 11 new rules have been introduced to curtail the usage of some potentially dangerous C99 language features.

To read more, go to Rule classification.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.