[SystemSafety] Koopman replies to concerns over Toyota UA case

Andrew Banks andrew at andrewbanks.com
Wed Jan 3 08:21:17 CET 2018


On 30 December 2017 21:25, Paul Bennett wrote:

	Specifying a McCabe Code Complexity limit for individual software components is, in my eyes,
	more of a trigger to begin asking the questions that need to be asked. If the development policy
	set the MCC at say 9, then any component submitted for review with a number above that should
	begin to get questions asked.

In theory this is a sound idea... similarly with Source Lines of Code
(another broadly useless/arbitrary metric) - however...

As we in the MISRA C Working Group know from painful experience, too many QA
Peeps put aside common sense, and apply blind adherence and a tick-box
mentality to rules - e.g. the frequent requirement for 100% MISRA C
compliance, with no deviations (which is, generally, infeasible for
non-trivial projects) which can potentially in some cases result in more
complex conforming code than the non-conforming code - especially when the
Advisory Rules are followed blindly.

So in the suggested case, the QA Clipboard Monitors will simply
"non-compliant" any module with a MCC above X (without permitting
debate/concession).


Kind regards
Andrew Banks 

Embedded Software Manager
Frazer-Nash Research Ltd
http://www.frazer-nash.com

and Chairman
MISRA C Working Group
http://www.misra.org.uk





