Abstract
The MISRA project started in 1990 with the mission of providing world-leading best practice guidelines for the safe and secure application of both embedded control systems and standalone software. MISRA C is a coding standard defining a subset of the C language, initially targeted at the automotive sector, but now adopted across all industry sectors that develop C software in safety- and/or security-critical contexts. In this paper, we introduce MISRA C, its role in the development of critical software, especially in embedded systems, its relevance to industry safety standards, as well as the challenges of working with a general-purpose programming language standard that is written in natural language with a slow evolution over the last 40+ years. We also outline the role of static analysis in the automatic checking of compliance with respect to MISRA C, and the role of the MISRA C language subset in enabling a wider application of formal methods to industrial software written in C.
While Roberto Bagnara is a member of the MISRA C Working Group and of ISO/IEC JTC1/SC22/WG14, a.k.a. the C Standardization Working Group, the views expressed in this paper are his and his coauthors’ and should not be taken to represent the views of either working group.
Notes
1. Originally, an acronym for Motor Industry Software Reliability Association.
2. The authors of this paper are not an exception to this statement, at least not until 2010.
3. Source: TIOBE Index for June 2018, see https://www.tiobe.com/tiobe-index/.
4. This is still true for implementations running on simple processors, with a limited degree of caching and internal parallelism. Prediction of maximum running time without tools becomes outright impossible for current multi-core designs such as Kalray MPPA, Freescale P4080, or ARM Cortex-A57 equivalents (see, e.g., [35,36,37]).
5. WG21 is a common shorthand for ISO/IEC JTC1/SC22/WG21, a.k.a. the Standardization Working Group. The cited meeting took place in Jacksonville, FL, USA, March 12–17, 2018.
6. In this paper, we refer to the C99 language standard [19] because it is the most recent version of the language targeted by the current version of MISRA C [28]. Everything said about the C language itself applies equally, with only minor variations, to all the published versions of the C standard.
7. Short for ISO/IEC JTC1/SC22/WG14, a.k.a. the C Standardization Working Group.
8. Such as the standard library, device drivers supplied by the compiler vendor or the hardware manufacturer, middleware components, third-party libraries, automatically generated code, legacy code, ...
9. This technical specification was slightly amended in 2016 [23].
10. We are indebted to Clayton Weimer for this observation.
11. https://clang-analyzer.llvm.org/, last accessed on July 5th, 2018.
12. There are many ways to do that.
References
1. VV., AA.: JSF Air Vehicle C++ Coding Standards for the System Development and Demonstration Program. Document 2RDU00001, Rev C, Lockheed Martin Corporation, December 2005
2. VV., AA.: JPL Institutional Coding Standard for the C Programming Language. Technical report JPL DOCID D-60411, Jet Propulsion Laboratory, California Institute of Technology, March 2009
3. The Motor Industry Software Reliability Association: Development Guidelines For Vehicle Based Software. The Motor Industry Research Association, Nuneaton, Warwickshire CV10 0TU, UK, November 1994
4. Bagnara, R.: MISRA C, for security's sake! In: Lami, G. (ed.) Informal Proceedings of the 14th Workshop on Automotive Software & Systems, Milan, Italy (2016). http://www.automotive-spin.it/. Also published as Report arXiv:1705.03517 [cs.SE], available at http://arxiv.org/
5. Banks, A.: MISRA C – recent developments and a road map to the future. Presentation slides available at http://www.his-2018.co.uk/session/misra-c-updates-2016, presented at the High Integrity Software Conference 2016, Bristol, UK, 1 November 2016 (2016)
6. Barr, M.: Embedded C Coding Standard. Barr Group, Germantown, MD, USA (2013)
7. Barr Group, Germantown, MD, USA: Embedded Systems Safety & Security Survey, February 2018. http://www.barrgroup.com/
8. Baudin, P., Cuoq, P., Filliâtre, J.C., Marché, C., Monate, B., Moy, Y., Prevosto, V.: ACSL: ANSI/ISO C Specification Language, version 1.13 edn. (2018)
9. CERT: SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems. Software Engineering Institute, Carnegie Mellon University, 2016 edn. (2016)
10. Cousot, P., Cousot, R., Feret, J., Miné, A., Mauborgne, L., Monniaux, D., Rival, X.: Varieties of static analyzers: a comparison with ASTREE. In: First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering (TASE 2007), pp. 3–20. IEEE Computer Society, Shanghai, June 2007
11. Crocker, D., Carlton, J.: Verification of C programs using automated reasoning. In: Proceedings of the Fifth IEEE International Conference on Software Engineering and Formal Methods (SEFM 2007), pp. 7–14. IEEE Computer Society, London (2007)
12. Dahlweid, M., Moskal, M., Santen, T., Tobies, S., Schulte, W.: VCC: contract-based modular verification of concurrent C. In: 31st International Conference on Software Engineering (ICSE 2009), Companion Volume, pp. 429–430. IEEE Computer Society, Vancouver (2009)
13. Gosling, J., Joy, B., Steele, G.L., Bracha, G., Buckley, A.: The Java Language Specification: Java SE 8 Edition, 5th edn. Java Ser. Addison-Wesley, Upper Saddle River (2014)
14. Hatton, L.: Safer C: Developing Software for High-Integrity and Safety-Critical Systems. McGraw-Hill Inc., New York (1995)
15. Intel Corporation: Intel 64 and IA-32 Architectures Software Developer's Manual – Volume 2 (2A, 2B, 2C & 2D): Instruction Set Reference, A-Z (2018)
16. ISO: ISO 26262:2011: Road Vehicles – Functional Safety. ISO, Geneva, Switzerland, November 2011
17. ISO/IEC: ISO/IEC 9899:1990: Programming Languages – C. ISO/IEC, Geneva, Switzerland (1990)
18. ISO/IEC: ISO/IEC 9899:1990/AMD 1:1995: Programming Languages – C. ISO/IEC, Geneva, Switzerland (1995)
19. ISO/IEC: ISO/IEC 9899:1999: Programming Languages – C. ISO/IEC, Geneva, Switzerland (1999)
20. ISO/IEC: ISO/IEC 9899:1999/Cor 3:2007: Programming Languages – C. ISO/IEC, Geneva, Switzerland, Technical Corrigendum 3 edn. (2007)
21. ISO/IEC: ISO/IEC 9899:2011: Programming Languages – C. ISO/IEC, Geneva, Switzerland (2011)
22. ISO/IEC: ISO/IEC TS 17961:2013, Information Technology – Programming Languages, Their Environments & System Software Interfaces – C Secure Coding Rules. ISO/IEC, Geneva, Switzerland, November 2013
23. ISO/IEC: ISO/IEC TS 17961:2016, Information Technology – Programming Languages, Their Environments & System Software Interfaces – C Secure Coding Rules. ISO/IEC, Geneva, Switzerland, August 2016
24. Jacobs, B., Smans, J., Philippaerts, P., Vogels, F., Penninckx, W., Piessens, F.: VeriFast: a powerful, sound, predictable, fast verifier for C and Java. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 41–55. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20398-5_4
25. Le Charlier, B. (ed.): SAS 1994. LNCS, vol. 864. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-58485-4
26. Motor Industry Software Reliability Association: MISRA-C:1998 – Guidelines for the Use of the C Language in Vehicle Based Software. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, July 1998
27. Motor Industry Software Reliability Association: MISRA-C:2004 – Guidelines for the Use of the C Language in Critical Systems. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, October 2004
28. MISRA: MISRA C:2012 – Guidelines for the Use of the C Language in Critical Systems. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, March 2013
29. MISRA: MISRA C:2012 Amendment 1 – Additional Security Guidelines for MISRA C:2012. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, April 2016
30. MISRA: MISRA Compliance:2016 – Achieving Compliance with MISRA Coding Guidelines. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, April 2016
31. MISRA: MISRA C:2012 Technical Corrigendum 1 – Technical Clarification of MISRA C:2012. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, June 2017
32. MISRA: MISRA C:2012 Addendum 2 – Coverage of MISRA C:2012 (including Amendment 1) against ISO/IEC TS 17961:2013 "C Secure". HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, 2nd edn., January 2018
33. MISRA: MISRA C:2012 Addendum 3 – Coverage of MISRA C:2012 (including Amendment 1) against CERT C 2016 Edition. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, January 2018
34. Motor Industry Software Reliability Association: MISRA C++:2008 – Guidelines for the Use of the C++ Language in Critical Systems. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, June 2008
35. Nélis, V., Yomsi, P.M., Pinho, L.M.: The variability of application execution times on a multi-core platform. In: Schoeberl, M. (ed.) Proceedings of the 16th International Workshop on Worst-Case Execution Time Analysis (WCET 2016), OASIcs, vol. 55, pp. 6:1–6:11. Schloss Dagstuhl – Leibniz-Zentrum für Informatik, Toulouse (2016)
36. Nowotsch, J., Paulitsch, M.: Leveraging multi-core computing architectures in avionics. In: Constantinescu, C., Correia, M.P. (eds.) Proceedings of the Ninth European Dependable Computing Conference (EDCC 2012), pp. 132–143. IEEE Computer Society, Sibiu (2012)
37. Nowotsch, J., Paulitsch, M., Buhler, D., Theiling, H., Wegener, S., Schmidt, M.: Multi-core interference-sensitive WCET analysis leveraging runtime resource capacity enforcement. In: Proceedings of the 26th Euromicro Conference on Real-Time Systems (ECRTS 2014), pp. 109–118. IEEE Computer Society, Madrid (2014)
38. Philippaerts, P., Mühlberg, J.T., Penninckx, W., Smans, J., Jacobs, B., Piessens, F.: Software verification with VeriFast: industrial case studies. Sci. Comput. Program. 82, 77–97 (2014)
39. Rainer-Harbach, M.: Methods and Tools for the Formal Verification of Software: An Analysis and Comparison. Master's thesis, Fakultät für Informatik der Technischen Universität Wien, Wien, Austria, November 2011
40. Ritchie, D.M.: The development of the C language. SIGPLAN Not. 28(3), 201–208 (1993)
41. Signoles, J.: E-ACSL: Executable ANSI/ISO C Specification Language, version 1.12 edn. (2018)
42. Software Engineering Center: Embedded System Development Coding Reference: C Language Edition. Information-Technology Promotion Agency, Japan, version 2.0, July 2014
43. U.S. Department of Health and Human Services; Food and Drug Administration; Center for Devices and Radiological Health; Center for Biologics Evaluation and Research: General Principles of Software Validation; Final Guidance for Industry and FDA Staff, version 2.0 edn., January 2002. http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm085281.htm
44. VDC Research, Natick, MA, USA: 2011 Embedded Engineer Survey, August 2011
45. Winkler, J.F.H.: The Frege Program Prover. In: 42. Internationales Wissenschaftliches Kolloquium, pp. 116–121. Technische Universität Ilmenau (1997)
46. Winters, T.: C++ stability, velocity, and deployment plans [R2]. Doc. no. P0684R2, ISO/IEC JTC1/SC22/WG21, February 2018. http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p0684r2.pdf
Acknowledgments
For the notes on the history of MISRA and MISRA C we are indebted to Andrew Banks (LDRA, current Chairman of the MISRA C Working Group) and David Ward (HORIBA MIRA, current Chairman of the MISRA Project). For the information on the ongoing work on annotations, we thank Chris Tapp (LDRA, Keylevel Consultants, MISRA C Working Group, current Chairman of the MISRA Working Group). We are grateful to the following people who helped in proofreading the paper and provided useful comments and advice: Fulvio Baccaglini (PRQA — a Perforce Company, MISRA C Working Group), Dave Banham (Rolls-Royce plc, MISRA C Working Group), Daniel Kästner (AbsInt, MISRA C Working Group), Thomas Schunior Plum (Plum Hall, WG14), Chris Tapp (ditto), David Ward (ditto). We are also grateful to the following BUGSENG collaborators: Paolo Bolzoni, for some example ideas; Anna Camerini for the composition of Fig. 1.
© 2018 Springer Nature Switzerland AG
Cite this paper
Bagnara, R., Bagnara, A., Hill, P.M. (2018). The MISRA C Coding Standard and its Role in the Development and Analysis of Safety- and Security-Critical Embedded Software. In: Podelski, A. (eds) Static Analysis. SAS 2018. Lecture Notes in Computer Science(), vol 11002. Springer, Cham. https://doi.org/10.1007/978-3-319-99725-4_2
DOI: https://doi.org/10.1007/978-3-319-99725-4_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99724-7
Online ISBN: 978-3-319-99725-4