Top

Published in:

2018 | OriginalPaper | Chapter

The MISRA C Coding Standard and its Role in the Development and Analysis of Safety- and Security-Critical Embedded Software

Authors : Roberto Bagnara, Abramo Bagnara, Patricia M. Hill

Published in: Static Analysis

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The MISRA project started in 1990 with the mission of providing world-leading best practice guidelines for the safe and secure application of both embedded control systems and standalone software. MISRA C is a coding standard defining a subset of the C language, initially targeted at the automotive sector, but now adopted across all industry sectors that develop C software in safety- and/or security-critical contexts. In this paper, we introduce MISRA C, its role in the development of critical software, especially in embedded systems, its relevance to industry safety standards, as well as the challenges of working with a general-purpose programming language standard that is written in natural language with a slow evolution over the last 40+ years. We also outline the role of static analysis in the automatic checking of compliance with respect to MISRA C, and the role of the MISRA C language subset in enabling a wider application of formal methods to industrial software written in C.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Fairness: A Formal-Methods Perspective

next chapter Numerical Invariants via Abstract Machines

Originally, an acronym for Motor Industry Software Reliability Association.

The authors of this paper are not an exception to this statement, at least not until 2010.

Source: TIOBE Index for June 2018, see https://www.tiobe.com/tiobe-index/.

This is still true for implementations running on simple processors, with a limited degree of caching and internal parallelism. Prediction of maximum running time without tools becomes outright impossible for current multi-core designs such as Kalray MPPA, Freescale P4080, or ARM Cortex-A57 equivalents (see, e.g., [35‐37]).

WG21 is a common shorthand for ISO/IEC JTC1/SC22/WG21, a.k.a. the

https://static-content.springer.com/image/chp%3A10.1007%2F978-3-319-99725-4_2/465241_1_En_2_IEq4_HTML.gif

Standardization Working Group. The cited meeting tool place in Jacksonville, FL, USA, March 12–17, 2018.

In this paper, we refer to the C99 language standard [19] because this is the most recent version of the language that is targeted by the current version of MISRA C [28]. All what is said about the C language itself applies equally, with only minor variations, to all the published versions of the C standard.

Short for ISO/IEC JTC1/SC22/WG14, a.k.a. the C Standardization Working Group.

Such as the standard library, device drivers supplied by the compiler vendor or the hardware manufacturer, middleware components, third party libraries, automatically generated code, legacy code, ....

This technical specification has been slightly amended in 2016 [23].

We are indebted to Clayton Weimer for this observation.

https://clang-analyzer.llvm.org/, last accessed on July 5th, 2018.

There are many ways to do that.

VV., AA.: JSF Air vehicle C++ coding standards for the system development and demonstration program. Document 2RDU00001, Rev C, Lockheed Martin Corporation, December 2005

VV., AA.: JPL institutional coding standard for the C programming language. Technical report JPL DOCID D-60411, Jet Propulsion Laboratory, California Institute of Technology, March 2009

The Motor Industry Software Reliability Association: Development Guidelines For Vehicle Based Software. The Motor Industry Research Association, Nuneaton, Warwickshire CV10 0TU, UK, November 1994

Bagnara, R.: MISRA C, for security’s sake! In: Lami, G. (ed.) Informal proceedings of the 14th Workshop on Automotive Software & Systems, Milan, Italy (2016). http://www.automotive-spin.it/. Also published as Report arXiv:1705.03517 [cs.SE], available at http://arxiv.org/

Banks, A.: MISRA C – recent developments and a road map to the future. Presentation slides available at http://www.his-2018.co.uk/session/misra-c-updates-2016, presented at the High Integrity Software Conference 2016, Bristol, UK, 1 November 2016 (2016)

Barr, M.: Embedded C Coding Standard. Barr Group, Germantown, MD, USA (2013)

Barr Group, Germantown, MD, USA: Embedded Systems Safety & Security Survey, February 2018. http://www.barrgroup.com/

Baudin, P., Cuoq, P., Filliâtre, J.C., Marché, C., Monate, B., Moy, Y., Prevosto, V.: ACSL: ANSI/ISO C Specification Language, version 1.13 edn. (2018)

CERT: SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems. Software Engineering, Carnegie Mellon University, 2016 edn. (2016)

10.

Cousot, P., Cousot, R., Feret, J., Miné, A., Mauborgne, L., Monniaux, D., Rival, X.: Varieties of static analyzers: a comparison with ASTREE. In: First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering (TASE 2007), pp. 3–20. IEEE Computer Society, Shanghai, June 2007

11.

Crocker, D., Carlton, J.: Verification of C programs using automated reasoning. In: Proceedings of the Fifth IEEE International Conference on Software Engineering and Formal Methods (SEFM 2007), pp. 7–14. IEEE Computer Society, London (2007)

12.

Dahlweid, M., Moskal, M., Santen, T., Tobies, S., Schulte, W.: VCC: contract-based modular verification of concurrent C. In: 31st International Conference on Software Engineering (ICSE 2009), Companion Volume, pp. 429–430. IEEE Computer Society, Vancouver (2009)

13.

Gosling, J., Joy, B., Steele, G.L., Bracha, G., Buckley, A.: The Java Language Specification: Java SE 8 Edition, 5th edn. Java Ser. Addison-Wesley, Upper Saddle River (2014)

14.

Hatton, L.: Safer C: Developing Software for High-Integrity and Safety-Critical Systems. McGraw-Hill Inc., New York (1995)

15.

Intel Corporation: Intel 64 and IA-32 Architectures Software Developer’s Manual – Volume 2 (2A, 2B, 2C & 2D): Instruction Set Reference, A-Z (2018)

16.

ISO: ISO 26262:2011: Road Vehicles – Functional Safety. ISO, Geneva, Switzerland, November 2011

17.

ISO/IEC: ISO/IEC 9899:1990: Programming Languages – C. ISO/IEC, Geneva, Switzerland (1990)

18.

ISO/IEC: ISO/IEC 9899:1990/AMD 1:1995: Programming Languages – C. ISO/IEC, Geneva, Switzerland (1995)

19.

ISO/IEC: ISO/IEC 9899:1999: Programming Languages – C. ISO/IEC, Geneva, Switzerland (1999)

20.

ISO/IEC: ISO/IEC 9899:1999/Cor 3:2007: Programming Languages – C. ISO/IEC, Geneva, Switzerland, Technical Corrigendum 3 edn. (2007)

21.

ISO/IEC: ISO/IEC 9899:2011: Programming Languages – C. ISO/IEC, Geneva, Switzerland (2011)

22.

ISO/IEC: ISO/IEC TS 17961:2013, Information technology – Programming languages, their environments & system software interfaces – C Secure Coding Rules. ISO/IEC, Geneva, Switzerland, November 2013

23.

ISO/IEC: ISO/IEC TS 17961:2016, Information technology – Programming languages, their environments & system software interfaces – C Secure Coding Rules. ISO/IEC, Geneva, Switzerland, August 2016

24.

Jacobs, B., Smans, J., Philippaerts, P., Vogels, F., Penninckx, W., Piessens, F.: VeriFast: a powerful, sound, predictable, fast verifier for C and java. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 41–55. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20398-5_4CrossRef

25.

Le Charlier, B. (ed.): SAS 1994. LNCS, vol. 864. Springer, Heidelberg (1994). https://doi.org/10.1007/3-540-58485-4CrossRef

26.

Motor Industry Software Reliability Association: MISRA-C:1998 – Guidelines for the use of the C language in vehicle based sofware. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, July 1998

27.

Motor Industry Software Reliability Association: MISRA-C:2004 – Guidelines for the use of the C language in critical systems. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, October 2004

28.

MISRA: MISRA C:2012 – Guidelines for the use of the C language in critical systems. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, March 2013

29.

MISRA: MISRA C:2012 Amendment 1 – Additional security guidelines for MISRA C:2012. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, April 2016

30.

MISRA: MISRA Compliance:2016 – Achieving compliance with MISRA Coding Guidelines. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, April 2016

31.

MISRA: MISRA C:2012 Technical Corrigendum 1 – Technical clarification of MISRA C:2012. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, June 2017

32.

MISRA: MISRA C:2012 Addendum 2 – Coverage of MISRA C:2012 (including Amendment 1) against ISO/IEC TS 17961:2013 "C Secure". HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, 2nd edn. January 2018

33.

MISRA: MISRA C:2012 Addendum 3 – Coverage of MISRA C:2012 (including Amendment 1) against CERT C 2016 Edition. HORIBA MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, January 2018

34.

Motor Industry Software Reliability Association: MISRA C++:2008 – Guidelines for the use of the C++ language in critical systems. MIRA Ltd, Nuneaton, Warwickshire CV10 0TU, UK, June 2008

35.

Nélis, V., Yomsi, P.M., Pinho, L.M.: The variability of application execution times on a multi-core platform. In: Schoeberl, M. (ed.) Proceedings of the 16th International Workshop on Worst-Case Execution Time Analysis (WCET 2016), OASICS, vol. 55, pp. 6:1–6:11. Schloss Dagstuhl – Leibniz-Zentrum für Informatik, Toulouse (2016)

36.

Nowotsch, J., Paulitsch, M.: Leveraging multi-core computing architectures in avionics. In: Constantinescu, C., Correia, M.P. (eds.) Proceedings of the Ninth European Dependable Computing Conference (EDCC 2012), pp. 132–143. IEEE Computer Society, Sibiu (2012)

37.

Nowotsch, J., Paulitsch, M., Buhler, D., Theiling, H., Wegener, S., Schmidt, M.: Multi-core interference-sensitive WCET analysis leveraging runtime resource capacity enforcement. In: Proceedings of the 26th Euromicro Conference on Real-Time Systems (ECRTS 2014), pp. 109–118. IEEE Computer Society, Madrid (2014)

38.

Philippaerts, P., Mühlberg, J.T., Penninckx, W., Smans, J., Jacobs, B., Piessens, F.: Software verification with VeriFast: industrial case studies. Sci. Comput. Program. 82, 77–97 (2014)CrossRef

39.

Rainer-Harbach, M.: Methods and Tools for the Formal Verification of Software: An Analysis and Comparison. Master’s thesis, Fakultät für Informatik der Technischen Universität Wien, Wien, Austria, November 2011

40.

Ritchie, D.M.: The development of the C language. SIGPLAN Not. 28(3), 201–208 (1993)CrossRef

41.

Signoles, J.: EACSL: Executable ANSI/ISO C Specification Language, version 1.12 edn. (2018)

42.

Software Engineering Center: Embedded System Development Coding Reference: C Language Edition. Information-Technology Promotion Agency, Japan, version 2.0, July 2014

43.

U.S. Department Of Health and Human Services; Food and Drug Administration; Center for Devices and Radiological Health; Center for Biologics Evaluation and Research: General Principles of Software Validation; Final Guidance for Industry and FDA Staff, version 2.0 edn. January 2002. http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm085281.htm

44.

VDC Research, Natick, MA, USA: 2011 Embedded Engineer Survey, August 2011

45.

Winkler, J.F.H.: The Frege Program Prover. In: 42. Internationales Wissenschaftliches Kolloquium, pp. 116–121. Technische Universität Ilmenau (1997)

46.

Winters, T.: C++ stability, velocity, and deployment plans [R2]. Doc. no. P0684R2, ISO/IEC JTC1/SC22/WG21, February 2018. http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2018/p0684r2.pdf

Title: The MISRA C Coding Standard and its Role in the Development and Analysis of Safety- and Security-Critical Embedded Software
Authors: Roberto Bagnara
Abramo Bagnara
Patricia M. Hill
Publisher: Springer International Publishing
Book: Static Analysis
Print ISBN: 978-3-319-99724-7

Electronic ISBN: 978-3-319-99725-4

Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-319-99725-4_2

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner