MISRA C: Difference between revisions

MISRA C is a software development standard for the C programming language developed by MISRA (Motor Industry Software Reliability Association). Its aims are to facilitate code safety, portability and reliability in the context of embedded systems, specifically those systems programmed in ISO C. There is also a set of guidelines for MISRA C++.

However, there are now more MISRA users outside of the automotive industry than in it: "MISRA has evolved as a widely accepted model for best practices by leading developers in sectors including aerospace, telecom, medical devices, defense, railway, and others." ^[1][2][3]

The first edition of the MISRA C standard, "Guidelines for the use of the C language in vehicle based software", was produced in 1998, and is officially known as MISRA-C:1998.^[4]

In 2004, a second edition "Guidelines for the use of the C language in critical systems", or MISRA-C:2004 was produced, with many substantial changes to the guidelines, including a complete renumbering of the rules.

As of May 2012, work is nearing completion on the next revision of the guidelines (MISRA-C:2012), which are intended to address use of C99.

As with many standards (for example, ISO, BSI Group, RTCA, Incorporated), the MISRA C guideline documents are not free to users or implementers.^[5]

Rules

MISRAC stands for "Motor Industry Software Reliability Association" C standards

MISRA-C:1998 had 127 rules, of which 93 were required and 34 were advisory; the rules were numbered in sequence from 1 to 127.

The MISRA-C:2004 document contains 141 rules, of which 121 are "required" and 20 are "advisory"; they are divided into 21 topical categories, from "Environment" to "Run-time failures".

The rules can be divided logically into a number of categories:

• Avoiding possible compiler differences, e.g. the size of a C integer may vary but an INT16 is always 16 bits.
• Avoiding using functions and constructs that are prone to failure, e.g. malloc() may fail.
• Produce Maintainable and Debuggable Code, e.g. naming conventions and commenting.
• Best Practice Rules.
• Complexity limits.

Tools

While there exist many software tools that claim to check code for "MISRA conformance", there is no MISRA certification process.^[6]

An exemplar suite for MISRA-C:2004 is available from the MISRA Forum, which allows tool users to evaluate and compare the checking support provided by the various MISRA tools. Additionally, it gives tool implementors some guidance as to the intent of the Rules within MISRA-C:2004.

Most of the guidelines can be checked using tools that perform static code analysis. The remaining guidelines require the use of dynamic code analysis.

Tools that check code for MISRA conformance are

• Checkmarx
• Coverity Static Analysis
• ECLAIR^[7] by BUGSENG
• GrammaTech CodeSonar
• Klocwork Insight & Inspect
• LDRA Testbed
• Parasoft Tools
• PC-Lint by Gimpel Software
• Polyspace by MathWorks
• QA-C by Programming Research
• Understand by SciTools
• Sonar (software quality) by SonarSource (Open Source with some commercial plug-in components).

C compilers that support MISRA conformance are

• Green Hills Software
• IAR Systems

See also

• Programming style

References

1. http://www.programmingresearch.com/QAMISRA.html^{[dead link]}
2. http://www.cosmicsoftware.com/misra.php
3. http://www.ldra.com/misrac.asp
4. A brief history of MISRA C
5. "Buying MISRA C"
6. "MISRA C FAQ list." MISRA Consortium
7. "ECLAIR official web site". BUGSENG. Retrieved 16 May 2006.

External links

• Official website
• "Introduction to MISRA C". embedded.com.
• "MISRA C: Safer Is Better". electronicdesign.com.
• "MISRA C — Some key rules to make embedded systems safer". iar.com.
• "Commentary on the first edition of the MISRA C guidelines". knosof.co.uk.
• "Automating Compliance to MISRA C/C++ Standards". johndayautomotivelectronics.com.