Standards Compliance

Standards Compliance

The MISRA Guidelines – what they are, where they came from, and how they help

The MISRA consortium has been in existence for 25 years, initially as a collaboration between the Ford and Rover motor companies who decided to combine their efforts to create a create a C language subset – or coding standard, as they are known colloquially. MISRA C and MISRA C++ have since gone on to become reference standards for developments using the two programming languages in many industries whether safety is the primary consideration, or not. They are equally useful for code that has a requirement to be secure.

LDRA have been active contributors to the MISRA working groups since shortly after their inception. Support for MISRA coding guidelines in LDRA’s tools has always reflected that commitment, and continues to do so today.

What is MISRA?

The MISRA consortium consists of a group of likeminded individuals. As a collective, they provide guidelines for developing software associated with safety- and security-related electronic systems, and standalone software. Compliance with MISRA Guidelines helps developers to produce code that is robust, maintainable, and more portable.

Working group members are now drawn from industries and consultants across the safety-related embedded systems world, including the automotive sector. LDRA have active representatives on several of those working groups, including the chairpersons of MISRA C and MISRA C++ working groups.

What does MISRA stand for? What is the MISRA full form?

The MISRA full form was originally the “Motor Industry Software Reliability Association”. That expansion is no longer used because “MISRA” no longer implies “automotive industry”. MISRA Guidelines are used in many other sectors too, and so the “Motor Industry” part of the acronym has become misleading over time.

What is LDRA’s MISRA expertise?

The thread that runs through all LDRA tool, service, and consultancy offerings is the firm belief that well-written software is safer, more secure, and more reliable. That simple premise aligns perfectly with MISRA’s stated aim of “providing best practice guidelines for the safe and secure application of both embedded control systems and standalone software.”

It is that commonality of purpose that has driven LDRA to be part of MISRA for almost 25 years. The mutual benefit is that MISRA gains from LDRA’s long-standing expertise in the field, and LDRA can deliver up-to-the-minute support for MISRA that is second to none.

That tradition continues up until today. Andrew Banks and Chris Tapp are both Technical Specialists with LDRA, and both are also long standing members of the MISRA working groups.

• Andrew has been involved with MISRA since 2007 and has been Chairman of the MISRA C Working Group since early 2013.
• Chris has been involved with MISRA since 2001 and is currently chairman of the MISRA C++ working group and an active member of the MISRA C working group.

Their ongoing efforts continue a proud LDRA tradition of not only supporting the industry but leading it, too.

Andrew Banks

Chris Tapp

What are MISRA Standards?

The answer to this question is very clear. There is no such thing! MISRA themselves never call their documents “Standards”, and only ever refer to them as “Guidelines” or “Coding guidelines”. That said, many people do refer to them as standards, perhaps because they are part of a group of documents that are generally referred to as coding standards.

What are MISRA Guidelines?

  • The MISRA C and MISRA C++ documents consist of several rules and directives, collectively known as guidelines. Every rule is a guideline, and every directive is a guideline.
  • The MISRA C++ and MISRA C documents use the term “The Guidelines” as a collective term for the rules and directives within the document.
  • The MISRA Compliance document states “The MISRA language documents (“The Guidelines”) are compilations of guidelines for coding in the C and C++ languages”.

The terms “Guidelines” or “Coding guidelines” can therefore refer to both MISRA C and C++ documents, one of those documents, or two or more of the rules and/or directives contained within those documents.

Although this may seem confusing, the context of the use of the word usually makes the meaning clear.

How do MISRA Guidelines help?

Compliance with MISRA Guidelines helps to:

  • improve portability through the avoidance of compiler- or platform-specific constructs
  • avoid unexpected application behaviour
  • avoid unspecified and undefined behaviour
  • identify unreachable or infeasible code which often suggests a defect and a potential security vulnerability
  • reduce unsafe and insecure coding practices by prohibiting certain language constructs
  • measurably reduce program complexity
  • improve program testability
  • ease compliance with functional safety and security standards

Who uses MISRA Guidelines?

Historically, most embedded developers leveraging these coding guidelines have done so as part of a safety critical development process, but they are equally applicable to other critical work – particularly where security is important.

MISRA’s name no longer includes reference to the automotive industry, reflecting the fact that MISRA has gained acceptance in many other sectors including aerospace, medical devices, financial, IoT, and industrial control systems (IIoT).

For example, companies from the industrial & energy, medical device, and automotive sectors have all used  LDRA MISRA checkers to ensure that the Guidelines are complied with.

What are MISRA rules?

  • Each MISRA C guideline is classed as either a “rule” or a “directive”. A rule is a guideline for which a complete description of the requirement has been provided. It should be possible to check that source code complies with a rule without needing more information, and for static analysis tools to check those rules (subject to some provisos).
  • Every MISRA C++ guideline is classified as a “rule”. The distinction between “rules” and “directives” does not exist in MISRA C++.

What are MISRA directives?

  • Each MISRA C guideline is classed as either a “rule” or a “directive”. A directive is a guideline for which it is not possible to provide the full description necessary to perform a check for compliance.
  • Every MISRA C++ guideline is classified as a “rule”. The distinction between “rules” and “directives” does not exist in MISRA C++.

How many rules and directives are there in the MISRA Guidelines?

The number of rules and directives for each language varies in each edition. As an example, MISRA C:2012 (Third Edition, First Revision) includes 175 rules of which 16 are classified as Mandatory, 120 are Required, and 39 are Advisory.

Complete compliance matrices are available for MISRA C and MISRA C++.They detail all the coding rules, and which ones are supported by LDRA’s MISRA C tools and MISRA C++ tools respectively.

What is MISRA AC?

The MISRA AC documents deal with the application of MISRA Guidelines to Automatically generated Code.

MISRA AC AGC “Guidelines for the application of MISRA-C:2004 in the context of automatic code generation” was the core document in a set of five and was complementary to MISRA‑C:2004. Its guidance was integrated into the MISRA C Guidelines from MISRA C:2012 onwards.

The remaining four documents are therefore complementary to MISRA C:2012. They are not language specific because they are focused on the model rather than the code generated from it:

  • MISRA AC INT Introduction
  • MISRA AC GMG Generic modelling design and style guidelines
  • MISRA AC SLSF Modelling design and style guidelines for the application of Simulink and Stateflow
  • MISRA AC TL Modelling style guidelines for the application of TargetLink in the context of automatic code generation

The MISRA C and MISRA C++ timeline

This timeline illustrates how the MISRA guidelines have evolved to meet the changing needs of developers.

April 1988MISRA C:1998 “Guidelines for the use of the C language in vehicle based software” is released to target the C90 version of the C language.
October 2004MISRA-C:2004 “Guidelines for the use of the C language in critical systems” is released to address the feedback from engineers using the original version. The new title reflects the widespread uses of the document across various sectors.
June 2008MISRA C++:2008 “Guidelines for the use of the C++ language in critical systems” is released, recognizing the growing use of C++ in critical applications.
February 2013MISRA C:2012 “Guidelines for the use of the C language in critical systems” is released to address the later C99 version of the C language, while retaining backward compatibility with C90
April 2016MISRA C:2012 – Amendment 1 “Additional Security Guidelines” is released as a free download. It details fourteen new security guidelines to be used in conjunction with the main document.
June 2017MISRA C:2012 –Technical Corrigendum 1 “Technical clarification of MISRA C:2012” is released. It addresses issues raised since the publication of the main document and is supplemental to it.
February 2019MISRA C:2012 “Guidelines for the use of the C language in critical systems” is released in updated form to collate the contents of the original MISRA C:2012 document, Amendment 1, and Technical Corrigendum 1.
February 2020MISRA C:2012 – Amendment 2 “Updates for ISO/IEC 9899:2011/18 Core functionality” is released. It deals with the undefined, unspecified and implementation defined behaviours within C11 & C18.
March 2022MISRA C:2012 – Technical Corrigendum 2 “Technical clarification of MISRA C:2012” is released. It addresses issues raised since the publication of the third edition, first revision and is supplemental to it.
November 2022MISRA C:2012 – Amendment 3 “Updates for ISO/IEC 9899:2011/2018 Phase 2 — New C11/C18 features” is released. It deals with the new C11 & C18 features.
March 2023MISRA C:2012 – Amendment 4 “Updates for ISO/IEC 9899:2011/2018 Phase 3 — Multi-threading and Atomics” is released. It specifies rules and directives for multithreading and atomic types and acts on feedback to clarify some existing guidance.
April 2023MISRA C:2023 “Guidelines for the use of the C language in critical systems” is released. It collates the contents of MISRA C:2012 along with its subsequent amendments and technical corrigenda.

What is new from MISRA?

March 2023 sees the introduction of MISRA C:2012 Amendment 4 (AMD4). It specifies rules and directives for multithreading and atomic types as well as clarifications on existing guidance to better align with how developers use the C language today.

It also sees the announcement of MISRA C:2023. This consolidates the previous versions of the guidelines, amendments (including AMD4), and addenda into a single, comprehensive edition to facilitate compliance.

LDRA continues its tradition of up-to-date support for MISRA guidelines with the addition of MISRA C:2023 to the static code analysis and reporting capabilities of its LDRA tool suite.

What is next from MISRA?

Following an announcement in January 2019, work is ongoing to merge the MISRA and AUTOSAR C++ guidelines to develop a single “go to” language subset for use with safety-related C++ development processes. The resulting integrated MISRA–AUTOSAR C++ rule set published by MISRA will deliver a unified document with a common set of rules. It will remain applicable to the automotive sectors and other sectors alike, and will be fully supported by LDRA.

How can LDRA help with MISRA compliance?

The ability to statically analyse software efficiently with reference to MISRA Guidelines delivers tangible benefits to development teams in terms of code quality, consistency, and reduced time-to-deployment. Help is available from LDRA in the form of consultancy, training, and the MISRA tools (sometimes called “MISRA checkers”) found in the LDRA tool suite and LDRArules.

What is a MISRA checker?

There are many rules in the MISRA Guidelines. In theory it might be possible to check by inspection that they have all been implemented, but that would be a highly skilled, labour-intensive, and error-prone job. MISRA checkers such as those provided by LDRA automate that process by means of static analysis.

What can LDRA static analysis find?

Static analysis can be used to ensure MISRA compliance as code is developed, and automatically applied during unit, system, or integration test to ensure that compliance achieved at the outset is not compromised throughout the development processes associated with the software development life cycle. All versions of the MISRA rules are completely integrated into LDRA tools for efficient MISRA checking within a familiar development environment.

LDRA static analysis tools locate and highlight areas of non-conformant code to aid documentation and modification. Extensive reports and graphical displays enhance understanding of the source code, facilitating improvements in testability, understandability, and maintainability in line with MISRA rules. LDRA static analysis tools also facilitates structural coverage analysis to ensure that software “testedness” is measured and maintained, as recommended by the MISRA Guidelines.

MISRA rules compliance tools from LDRA

  • The LDRA tool suite automates source code checking for conformance to any version of the MISRA language subsets.
  • The TBvision component of the LDRA tool suite automates source code checking. It includes checks for conformance to most of the rules specified by MISRA language subsets.
  • LDRArules is a cost-effective, stand-alone rules checker independent from the LDRA tool suite. It includes checks for conformance to most of the rules specified by MISRA language subsets.
  • The TBmisra module supplements TBvision or LDRArules to provide checking and reporting against a full set of MISRA rules as detailed in the LDRA compliance matrices.
  • The TBexclude supplementary module provides for the efficient management of justified rule violations.

LDRA MISRA C training courses

The pool of expertise that has developed LDRA’s tools for over 45 years and helps guide MISRA and other standards committees around the globe is now accessible to delegates from across the critical embedded application sectors.

LDRA has been a leader in software verification and requirements traceability tools for safety- and security-critical application development since 1975. LDRA’s experience and expertise helps guide standards committees across the world, and that same depth of knowledge provides outstanding learning opportunities for delegates across the critical embedded application sectors.

With training courses in MISRA C up to and including MISRA C:2023, LDRA’s tutors can help forge a path to help delegates to develop safe, secure, compliant application code.

Further reading

MISRA free PDF downloads

MISRA further information

MISRA compliance matrices

FREE 30 Day

Email Us

Email: info@ldra.com

Call Us

EMEA: +44 (0)151 649 9300

USA: +1 (855) 855 5372

INDIA: +91 80 4080 8707

Connect with LDRA