With recent advances in automation, software is no longer a small part of electro-mechanical systems; it has become the underlying technology that provides functional safety for many products. By Shrikant Satyanarayan, Technical Consultant with LDRA in India, specialising in the development, integration and certification of mission- and safety-critical systems in the avionics, nuclear, industrial safety and automotive domains.
Software analysis tool company LDRA has announced that it will give away a copy of the MISRA C:2012 guidelines at each of its half-day technical workshops during the UK Device Developers’ Conference.
The Device Developers' Conference is a one-day event for developers of intelligent systems and devices, taking place in Bristol, Cambridge and Manchester between 14 and 22 May.
The security of networked embedded devices is becoming a major concern. Networking is now widespread in embedded systems, from domestic audio/video equipment to supervisory control and data acquisition (SCADA) systems. Users are generally aware that viruses, worms and other malware try to infiltrate their personal computers, but many are oblivious to the fact that the devices and infrastructure they rely on in everyday life are under similar attack. Such systems need to be hardened so that they resist attack without relying on the user “doing the right thing” to protect them.
C is a very malleable language that gives developers a high degree of flexibility. The downside is that many permitted practices produce unstructured, hard-to-maintain or faulty code: out-of-bounds memory writes, silently mismatched types, reads of uninitialised variables and so forth.
MISRA C is a set of rules and directives that restrict developers to a safer subset of the language. In particular, it prohibits constructs that are easy to get wrong or whose behaviour the C standard leaves undefined or unspecified. In theory, MISRA compliance can be checked by hand, but in practice it is far more reliable to automate the check with a static analysis tool.
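As an added example (my own illustration, not code from the LDRA article or from the MISRA guidelines), here is the same small routine written twice: first in the loose style that produces the memory overwrites and mismatched types described above, then reworked along the lines MISRA C:2012 asks for. The field size, the function names and the canary harness are assumptions made for the demonstration; the rule numbers in the comments are from MISRA C:2012.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not code from the LDRA page or the MISRA guidelines.
 * Both functions copy a NUL-terminated name into an 8-byte field (assumed
 * size); the first is the loose C that MISRA rules out, the second applies
 * the rules. */
#define NAME_MAX 8u

/* Loose version. Defects a MISRA checker would flag statically:
 *  - no bound on the copy, so an input longer than NAME_MAX-1 characters
 *    overwrites whatever follows `dst` (Rule 18.1: out-of-bounds access);
 *  - `n` is never set when `src` is empty, yet it is returned (Rule 9.1:
 *    automatic objects must be set before they are read);
 *  - the index is size_t but the result is int, so the return value
 *    silently narrows (essential type model, section 10). */
int copy_name_loose(char *dst, const char *src)
{
    int n;
    size_t i;
    for (i = 0u; src[i] != '\0'; i++) {
        dst[i] = src[i];
        n = (int)i;
    }
    dst[i] = '\0';
    return n;
}

typedef enum { COPY_OK = 0, COPY_TOO_LONG = 1, COPY_NULL_ARG = 2 } copy_status_t;

/* Checked version: every object initialised at declaration, the copy bounded
 * by the field size, a single return point, and a status code that Rule 17.7
 * obliges the caller to use or explicitly discard with (void). On overflow
 * the field holds a truncated, still NUL-terminated name and COPY_TOO_LONG
 * is returned so the caller decides what to do. */
copy_status_t copy_name_checked(char *dst, const char *src, size_t *out_len)
{
    copy_status_t status = COPY_OK;
    size_t i = 0u;

    if ((dst == NULL) || (src == NULL) || (out_len == NULL)) {
        status = COPY_NULL_ARG;
    } else {
        while ((i < (NAME_MAX - 1u)) && (src[i] != '\0')) {
            dst[i] = src[i];
            i++;
        }
        dst[i] = '\0';
        if (src[i] != '\0') {
            status = COPY_TOO_LONG;
        }
        *out_len = i;
    }
    return status;
}

/* Demonstration harness (assumed layout). The field occupies the first
 * NAME_MAX bytes of a larger region whose remainder is filled with a canary
 * byte, so the loose copy's overrun lands inside the same object, which is
 * defined behaviour we can inspect, rather than corrupting an unrelated
 * variable. Each function returns true when the canary survived. */
#define REGION_SIZE 16u
#define CANARY 0xA5u

static bool canary_intact(const uint8_t *region)
{
    bool intact = true;
    size_t k;
    for (k = NAME_MAX; k < REGION_SIZE; k++) {
        if (region[k] != (uint8_t)CANARY) {
            intact = false;
        }
    }
    return intact;
}

/* Only call with a non-empty src: an empty string makes copy_name_loose
 * return the uninitialised `n`, which is undefined behaviour. */
bool loose_copy_keeps_canary(const char *src)
{
    uint8_t region[REGION_SIZE];
    (void)memset(region, (int)CANARY, sizeof region);
    (void)copy_name_loose((char *)region, src);
    return canary_intact(region);
}

bool checked_copy_keeps_canary(const char *src, copy_status_t *status, size_t *len)
{
    uint8_t region[REGION_SIZE];
    (void)memset(region, (int)CANARY, sizeof region);
    *status = copy_name_checked((char *)region, src, len);
    return canary_intact(region);
}

int main(void)
{
    /* Constructed input: a 12-character name, longer than the 8-byte field. */
    const char *too_long = "AAAAAAAAAAAA";
    copy_status_t st = COPY_OK;
    size_t len = 0u;
    printf("loose copy keeps canary:   %s\n", loose_copy_keeps_canary(too_long) ? "yes" : "no");
    printf("checked copy keeps canary: %s (status %d, copied %zu)\n",
           checked_copy_keeps_canary(too_long, &st, &len) ? "yes" : "no", (int)st, len);
    return 0;
}
```

Any C99 compiler will build this. A MISRA checker reports the three defects in copy_name_loose without running anything; the canary harness shows the first of them dynamically, which is the kind of evidence that only turns up in testing if the test happens to exercise the long-input path.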
When it comes to medical applications, high-quality software is a must. For C programmers working on safety-critical applications, though, the restrictions and guidelines that enforce safe coding practices can be painful: the language features designed to make work easier or more efficient, or to provide work-arounds for obstacles, are often the very features the guidelines disallow.
If your product doesn’t need to meet a specific industry or international process standard—such as those for safety-critical software in avionics, defense, or medical applications—why would you consider a coding standard? After all, coding standards such as MISRA C, CERT C and the Embedded C Coding Standard (and weakness catalogues such as CWE, which such standards are often mapped against) may prevent you from using C or C++ features that are designed to make your work easier or more efficient, or that provide work-arounds for obstacles.
In the good old days, before writing software became “software engineering,” code development was a black art practiced by weird nerdy kids straight out of college. For them, coding was by no means a structured discipline. If you managed to get them to communicate, they might tell you that they were hacking code together and using ad hoc test data to see whether it did what it was supposed to do when they executed it.
MISRA C:2012: Plenty Of Good Reasons To Change. For C programmers working on safety-critical applications, restrictions and guidelines to ensure safe coding practices can be painful. Features of the language that are designed to make your work easier or more efficient, or that provide work-arounds for obstacles, are often just the features that the guidelines disallow.
MISRA C was first published in 1998 (MISRA C:1998) to provide a "restricted subset of a standardised structured language" for automotive systems. Its adoption across an unexpectedly wide range of industrial sectors far exceeded the original expectations, and after extensive feedback a revision (MISRA-C:2004) was published that addressed a number of issues highlighted in use; that edition was in turn superseded by MISRA C:2012.
Software plays an increasingly important role in many critical projects, whether in avionics, nuclear power stations, cars, trains, or medical devices. When the cost of a software failure is high, it becomes all the more important to ensure that the software behaves as expected and is safe.