[SystemSafety] New paper on MISRA C
Paul Sherwood
paul.sherwood at codethink.co.uk
Thu Sep 13 10:26:21 CEST 2018
On 2018-09-13 08:49, Andrew Banks wrote:
>> AFAIK MISRA C is all about improving determinism of software, i.e.
>> increasing software component reliability. As of 2018 are we still at the
>> point where we can't deliver designed-in safety without heavy reliance on
>> deterministic behaviour of microcontroller-scale components?
>>
>
> The real problem we have in the software world is that, frankly, most are
> just enthusiastic amateurs - something that Professor Martin Thomas of the
> Royal Academy of Engineering has written about in Tuesday's Financial Times.
I agree - terrifying but true.
> We have little (often no) engineering discipline, and we have become
> accustomed to regular bug-fixes as being perfectly normal... FFS,
> Microsoft now have a WEEKLY bug-fix for Windows.
>
> That in 2018 "Just write the code" is deemed an acceptable life-cycle is a
> blight on our profession. Any suggestion that we should relax any of the
> few controls, or best-practices, we have is, IMHO, little more than
> crazy-talk!
People have called me crazy before :-)
But to be clear, I'm trying to figure out what works, not proposing to
relax anything at this point.
> I'm not suggesting MISRA C is perfect... but IMHO it is the best we have -
> and I'd rather make it even better, than entertain ideas of scrapping it.
I believe it may be the best we have for microcontroller-scale C
software. I can't be sure, because it remains a minority sport and I am
aware of many expert C programmers who deliver extremely reliable
microcontroller solutions without ever having read it.
I don't think I've ever said I would like to scrap it. I'm mainly hoping
to see it become a public domain or CC document, so that it can be more
widely referenced, understood, critiqued, improved and used.
br
Paul