[SystemSafety] New paper on MISRA C

Paul Sherwood paul.sherwood at codethink.co.uk
Thu Sep 13 10:26:21 CEST 2018


On 2018-09-13 08:49, Andrew Banks wrote:
>> AFAIK MISRA C is all about improving determinism of software, i.e.
>> increasing software component reliability. As of 2018 are we still at
>> the point where we can't deliver designed-in safety without heavy
>> reliance on deterministic behaviour of microcontroller-scale components?
>> 
> 
> The real problem we have in the software world is that, frankly, most
> are just enthusiastic amateurs - something that Professor Martin Thomas
> of the Royal Academy of Engineering has written about in Tuesday's
> Financial Times.

I agree - terrifying but true.

> We have little (often no) engineering discipline, and we have become
> accustomed to regular bug-fixes as being perfectly normal... FFS,
> Microsoft now have a WEEKLY bug-fix for Windows.
> 
> That in 2018 "Just write the code" is deemed an acceptable life-cycle
> is a blight on our profession.  Any suggestion that we should relax any
> of the few controls, or best-practices, we have is, IMHO little more
> than crazy-talk!

People have called me crazy before :-)

But to be clear, I'm trying to figure out what works, not proposing to 
relax anything at this point.

> I'm not suggesting MISRA C is perfect... but IMHO it is the best we
> have - and I'd rather make it even better, than entertain ideas of
> scrapping it.

I believe it may be the best we have for microcontroller-scale C 
software. I can't be sure, because it remains a minority sport and I am 
aware of many expert C programmers who deliver extremely reliable 
microcontroller solutions without ever having read it.

I don't think I've ever said I would like to scrap it. I'm mainly hoping 
to see it become a public domain or CC document, so that it can be more 
widely referenced, understood, critiqued, improved and used.

br
Paul
