The MISRA C Coding Standard and its Role in the Development and Analysis of Safety- and Security-Critical Embedded Software

  • Roberto Bagnara
  • Abramo Bagnara
  • Patricia M. Hill
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11002)

Abstract

The MISRA project started in 1990 with the mission of providing world-leading best practice guidelines for the safe and secure application of both embedded control systems and standalone software. MISRA C is a coding standard defining a subset of the C language, initially targeted at the automotive sector, but now adopted across all industry sectors that develop C software in safety- and/or security-critical contexts. In this paper, we introduce MISRA C, its role in the development of critical software, especially in embedded systems, its relevance to industry safety standards, as well as the challenges of working with a general-purpose programming language standard that is written in natural language with a slow evolution over the last 40+ years. We also outline the role of static analysis in the automatic checking of compliance with respect to MISRA C, and the role of the MISRA C language subset in enabling a wider application of formal methods to industrial software written in C.

Notes

Acknowledgments

For the notes on the history of MISRA and MISRA C we are indebted to Andrew Banks (LDRA, current Chairman of the MISRA C Working Group) and David Ward (HORIBA MIRA, current Chairman of the MISRA Project). For the information on the ongoing work on annotations, we thank Chris Tapp (LDRA, Keylevel Consultants, MISRA C Working Group, current Chairman of the MISRA C++ Working Group). We are grateful to the following people who helped in proofreading the paper and provided useful comments and advice: Fulvio Baccaglini (PRQA, a Perforce Company, MISRA C Working Group), Dave Banham (Rolls-Royce plc, MISRA C Working Group), Daniel Kästner (AbsInt, MISRA C Working Group), Thomas Schunior Plum (Plum Hall, WG14), Chris Tapp (ditto), David Ward (ditto). We are also grateful to the following BUGSENG collaborators: Paolo Bolzoni, for some example ideas; Anna Camerini for the composition of Fig. 1.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Roberto Bagnara (1, 2)
  • Abramo Bagnara (1)
  • Patricia M. Hill (1)
  1. BUGSENG srl, Parma, Italy
  2. Department of Mathematical, Physical and Computer Sciences, University of Parma, Parma, Italy