Coding standards compliance for embedded systems

Any high-level language offers hundreds of constructs and library functions. Some of them are very easy to get wrong (especially in C and C++), and their incorrect use leads to defects and, frequently, to exploitable vulnerabilities. Coding standards (also known as language subsets) were introduced to disallow the use of those error-prone constructs and hence make the resulting code more likely to be free of such errors. In short, they help developers write better, more reliable code.

What are the benefits of enforcing coding standards in embedded software?

All coding standards consist of rules and guidelines each of which supports an underlying set of guiding principles. Different coding standards have different primary aims, and so the benefits can differ between them. However, because they are all focused on embedded programming best practices, there is more commonality than difference.

In general, they promote:

  • improved maintainability and portability of embedded software
  • safe code (where an appropriate standard is used, such as those developed by MISRA or the Barr Group)
  • secure code (where an appropriate standard is used, such as those developed by MISRA or SEI CERT)
  • code that is uniform in appearance, aiding readability and maintainability
  • code that is reliable, that can be tested to demonstrate its reliability
  • code that is no more complex than it needs to be
  • code that is portable and easy to reuse
  • the use of sound programming practices, helping to develop programmer skills

Irrespective of programming language, most standards focus on practical rules relating to all aspects of the software developers’ work – syntax, semantics, data types, header file use, and so on.

These benefits are reflected in the fact that most safety-critical embedded system developers are required to use them, including practitioners in military and aerospace applications.

What does it mean to be coding standard compliant?

Being coding standard compliant means that the source code of a software project adheres to a specific set of rules, guidelines, and conventions outlined in a coding standard. Some coding standards and guidelines have documented processes that dictate precisely what constitutes compliance, as exemplified by the MISRA Compliance:2020 document.

Test standards for embedded systems: coding standards versus process standards

The world of critical embedded software systems is a maze of standards with their confusing names and numbers. Even more confusingly, several of these groups of standards are called different things by different people.

To clarify where coding standards fit, it is useful to consider their relationship with “process standards”. Process standards are lengthy documents full of guidelines and rules that dictate how to go about writing embedded software so that errors are minimized. The more critical the application, the more demanding the rules to be followed.

Most of those process standards are concerned with functional safety (including DO-178C, IEC 61508, ISO 26262, IEC 62304 and EN 50128). Increasingly these standards are being complemented by cybersecurity standards, so that (for example) ISO/SAE 21434 complements the automotive functional safety standard ISO 26262.

Most process standards require that coding standards are to be used.

What are coding rules, guidelines, directives, recommendations…?

Coding standards consist of a collection of rules that developers are intended to follow – or to justify why they are not doing so. For example, consider C coding standards for embedded systems. MISRA C consists of a set of “guidelines” that are classified as being either “rules” or “directives”. CERT C includes “rules” and “recommendations”, and the Barr Group Embedded C Coding Standard (BARR-C) consists of different “rule” groupings.

Although this differing terminology can be confusing, the principles they encompass are similar in that rules are classified to help guide their use with respect to matters such as

  • whether they can be checked automatically,
  • whether they are advisory or essential,
  • how non-adherence is to be justified and documented.

Popular C and C++ coding standards (or “programming standards”)

The C and C++ languages are popular amongst embedded system developers because they are flexible, high performance, and allow easy access to the hardware.

However, these same attributes also make the use of these languages susceptible to error for the unwary. And both languages are known for their “gotchas” in the form of undefined, unspecified, and implementation-defined behaviour that can introduce errors or vulnerabilities – especially when portability is important.
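As an added illustration that is not code from this page or from LDRA's tools, the following C program shows two of those “gotchas” in the form a MISRA C or CERT C rules checker would flag, each beside a form that follows the rule: a length check written with mixed signed and unsigned arithmetic (MISRA C Rule 10.4, CERT INT31-C), and an addition that can overflow a signed integer (undefined behaviour; CERT INT32-C). The function names, the 16-byte frame layout and the sample frames are constructed for the example. The conversion of the byte 0xFF to int8_t is itself implementation-defined; it yields -1 on every mainstream compiler, which is exactly the assumption the unsafe version silently relies on.

```c
/*
 * Added example (not from the LDRA page): two C "gotchas" that coding
 * standards target, each shown "before" (as a rules checker would flag it)
 * and "after" (following the rule). Names and frame layout are assumptions.
 *
 * Build: cc -std=c99 -Wall -Wextra -Wconversion -o gotchas gotchas.c
 */
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FRAME_MAX 16U   /* assumed maximum payload of one frame */

/* Constructed sample frames (not captured traffic): first byte is a length. */
static const uint8_t kHdrNegative[1] = { 0xFFU };              /* 255 as a byte, -1 as int8_t */
static const uint8_t kHdrTooLong[1]  = { 0x20U };              /* 32 > FRAME_MAX */
static const uint8_t kGoodFrame[5]   = { 0x04U, 'a', 'b', 'c', 'd' };
static const uint8_t kShortFrame[3]  = { 0x04U, 'a', 'b' };    /* claims 4 bytes, carries 2 */

/* Gotcha 1, "before": the length byte is read into an int via int8_t, so 0xFF
 * becomes -1. The guard compares int with int, and -1 > 16 is false, so the
 * frame is accepted. memcpy(dst, src, len) would then receive -1 converted to
 * size_t, i.e. SIZE_MAX. To keep the example runnable this version stops before
 * the copy and returns the size_t that memcpy would have been handed
 * (0 means the guard rejected the frame). */
size_t accepted_length_unsafe(const uint8_t *hdr)
{
    int len = (int8_t)hdr[0];       /* implementation-defined sign reinterpretation */
    if (len > 16) {                 /* signed comparison: negative lengths pass */
        return 0;
    }
    return (size_t)len;             /* -1 becomes SIZE_MAX here */
}

/* Gotcha 1, "after": the length keeps its unsigned essential type, both the
 * destination bound and the source bound are checked as size_t, and the copy
 * happens only after both checks pass. */
bool copy_frame(uint8_t *dst, size_t dst_len,
                const uint8_t *msg, size_t msg_len, size_t *copied)
{
    if ((dst == NULL) || (msg == NULL) || (copied == NULL) || (msg_len < 1U)) {
        return false;
    }
    const size_t len = (size_t)msg[0];            /* uint8_t: never negative */
    if ((len > dst_len) || (len > (msg_len - 1U))) {
        return false;                             /* would overrun dst or over-read msg */
    }
    (void)memcpy(dst, &msg[1], len);
    *copied = len;
    return true;
}

/* Gotcha 2, "before": base + delta overflows int32_t for large operands.
 * Signed overflow is undefined behaviour, so a compiler may assume it cannot
 * happen and delete any check written after the addition. Shown only; the
 * demonstration below never calls it with overflowing operands. */
int32_t next_offset_unsafe(int32_t base, int32_t delta)
{
    return base + delta;
}

/* Gotcha 2, "after": test the precondition first so the overflow never occurs. */
bool next_offset(int32_t base, int32_t delta, int32_t *out)
{
    if (((delta > 0) && (base > (INT32_MAX - delta))) ||
        ((delta < 0) && (base < (INT32_MIN - delta)))) {
        return false;                             /* result would not fit in int32_t */
    }
    *out = base + delta;
    return true;
}

int main(void)
{
    uint8_t out[FRAME_MAX] = { 0 };
    size_t n = 0U;
    int32_t off = 0;

    printf("unsafe guard accepts 0xFF; memcpy would receive %zu bytes\n",
           accepted_length_unsafe(kHdrNegative));
    printf("copy_frame(good)  -> %d, %zu bytes copied\n",
           (int)copy_frame(out, sizeof out, kGoodFrame, sizeof kGoodFrame, &n), n);
    printf("copy_frame(short) -> %d\n",
           (int)copy_frame(out, sizeof out, kShortFrame, sizeof kShortFrame, &n));
    printf("next_offset_unsafe(1, 2) -> %d\n", (int)next_offset_unsafe(1, 2));
    printf("next_offset(INT32_MAX, 1) -> %d\n", (int)next_offset(INT32_MAX, 1, &off));
    return 0;
}
```

Compiling with -Wconversion reports some, but not all, of these patterns; the point of a rules checker is that the MISRA or CERT guideline is enforced regardless of compiler and warning level, and that every deviation is recorded rather than silently accepted.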

There are several established standards which vary in popularity according to both geography and industrial sector. There is also ample opportunity to tune any one or a combination of them to in-house requirements.

Some standards are focused on either security, or safety. Others, like MISRA, cover both perspectives.

Popular C coding standards and coding guidelines for C

  • MISRA C
    The MISRA C Guidelines define a subset of the C language in which the opportunity to make mistakes is either removed or reduced. The MISRA C Guidelines document is often colloquially known as the MISRA C coding standard.
  • CERT C
    SEI CERT C, often simply referred to as CERT C, is a set of secure coding standards for the C programming language.
  • BARR-C
    In its latest version, BARR-C is a style guide specifically designed to reduce the number of bugs in embedded software, while improving its maintainability and portability. It is now designed to complement and supplement the MISRA C language subset.
  • JPL Institutional Coding Standard for the C Programming Language
    A coding standard once used by the Jet Propulsion Laboratory (JPL), which is a federally funded research and development center and NASA field center. Also known as the JPL C coding standard.

Popular C++ coding standards and coding guidelines for C++

  • MISRA C++
    The MISRA C++ Guidelines define a subset of the C++ language in which the opportunity to make mistakes is either removed or reduced. The MISRA C++ Guidelines document is often colloquially known as the MISRA C++ coding standard.
  • CERT C++
    SEI CERT C++, often simply referred to as CERT C++, is a set of secure coding standards for the C++ programming language.
  • AUTOSAR C++
    The AUTOSAR document, “Guidelines for the use of the C++14 language in critical and safety-related systems” (AUTOSAR C++14) was designed as an addendum to MISRA C++:2008. Both documents have now been superseded by MISRA C++:2023.
  • Joint Strike Fighter Air Vehicle C++
    A specific coding standard that is used in the context of the Joint Strike Fighter (JSF) Air Vehicle project. Also known as JSF AV C++, JSF++, and the JSF C++ coding standard.

Coding standard compliance analysis tools for embedded systems from LDRA

A common way to improve the consistency and overall quality of code is to assess it against industry- or company-defined standards. Such an approach makes it easy to maintain code because deficiencies can be quickly identified and corrected. Although compliance could be achieved through manual peer reviews, such a process is time-consuming and prone to error.

For many companies, coding standards compliance usually starts either with guidelines and rules developed in-house or with widely accepted rules from standards such as MISRA or CERT. Often in-house rules are combined with industry-standard rules to form a corporate standard that is appropriate for the needs of the organization.

LDRA have provided class-leading solutions for security and safety coding standards compliance for almost half a century. Our current offerings include:

  • The TBvision component of the LDRA tool suite simplifies the enforcement of coding standards, improving the overall consistency and quality of the code. TBvision helps development teams develop and enforce the coding standard that is right for them – whether it consists of in-house best practices, industry coding standards, or a combination of both. Examples of supported standards include MISRA C, MISRA C++, CERT C, CERT C++, CERT Java, BARR-C, and JSF AV C++.
  • LDRArules provides a cost-effective, stand-alone rules checker that offers a similar level of analysis but lacks the flexibility of an interface to the complete tool chain.

LDRA’s code visualization identifies exactly where the source code deviates from the standard so it can be rapidly addressed. While many rules-checking tools behave much alike (because they are built on the same commercial third-party parsing engine), LDRA’s in-house parsing technology enables rapid response to variations in languages and language constructs. And a long involvement in standards organisations such as MISRA allows LDRA to be ready for new coding standards upon their release.

LDRA’s coding standards compliance tools allow developers to combine standards and define appropriate rule subsets, select individual rules, and add their own. Within the tool, it is easy to check for coding standards compliance to any single standard or combination of standards or subsets. When working with a legacy code base, it is even possible to check the compliance of a single code base with multiple standards to compare how the code fulfils each of them, and see how code might best be adapted to conform to one of them.
