MISRA C: Gaining Importance With the Rise of Virtualization

?MISRA C is a set of software development guidelines for the C programming language developed by the MISRA (Motor Industry Software Reliability Association) Consortium.

The objective of MISRA C is to facilitate code safety, security, portability and reliability in the context of embedded systems, specifically those systems programmed in ISO C / C90 / C99.?

In the guidance, Rule 1.3 ("There shall be no occurrence of undefined or critical unspecified behavior.") and Directive 4.1 ("Run-time failures shall be minimized.") are of particular importance. Many of the most serious bugs in C arise from undefined behavior, such as:

• Buffer overruns and underruns
• Invalid pointer direction
• Double close
• Data races
• Division by zero
• Use of uninitialized memory

Consequently, MISRA C recommends the use of an automated static analysis tool to find violations of the standard. But keep in mind that all tools are not created equal, however, and some can only reason about superficial syntactic properties of the code. More advanced tools have deep semantic knowledge of the entire program.

To this end, experts in this are avoid lightweight static analysis tools, which can find syntactic violations but are generally not capable of finding the deeper defects. A clean report from a lightweight tool can give you a false sense of security because it will miss serious defects.

While MISRA was originally specific to the C programming language, MISRA has added a coding standard for C++.

Complying with MISRA is important for many development teams today, especially as virtualization rises.?

Experts say it’s important to understand the steps that lead to MISRA compliance. This includes knowing the rules and checking your code constantly. Another step involves setting baselines.

Setting baselines is crucial because embedded systems come with legacy codebases. By setting baselines, you can focus on making sure your new code is compliant.

It’s also necessary to prioritize violations based on risk. In actuality you could have hundreds or even thousands of violations in your code. Therefore it’s important to prioritize rule violations based on risk severity. Some static code analysis tools can do this for you.

Want to learn more? Tonex offers MISRA-C Training, a two-day course designed for C programmers, engineers and managers working on safety-critical applications?for automotive, medical, military, aerospace, avionics, or other life-critical applications.

Additionally, MISRA-C training covers the MISRA C:2012 guidelines to ensure safe coding practices can be achieved efficiently.?

For more information, questions, comments, contact us.