[SystemSafety] New paper on MISRA C

Paul Sherwood paul.sherwood at codethink.co.uk
Thu Sep 13 07:54:41 CEST 2018


On 2018-09-12 14:34, Andrew Banks wrote:
>> Why is MISRA C still considered relevant to system safety in 2018?
> 
> Perhaps because it provides extensive guidance that helps the community
> prevent the cause of issues rather than try and fix them later.  This
> makes such systems inherently more reliable, or offers higher integrity if
> you prefer: this makes them safer and more secure.

I agree it provides guidance on how to create C programs which avoid a 
range of potential issues. However, that's still component-level 
reliability.

Based on my (admittedly new/fresh) understanding of the MIT work, it 
seems to me that if we need to rest our assertion of system safety on 
the reliability of a specific software component, maybe we've got the 
architecture wrong?

> I appreciate you have an issue with something that you have to pay for -
> other than someone paying for your time...

While that's true, it's slightly off-topic :) I'm ok to pay in general 
for something that's clearly of value, and I appreciate that MISRA C has 
value for people seeking deterministic behaviour of C programs in 
microcontroller-scale environments (which I believe is the main value of 
MISRA C).

br
Paul
