[SystemSafety] Koopman replies to concerns over Toyota UA case
Andrew Banks
andrew at andrewbanks.com
Wed Jan 3 08:21:17 CET 2018
On 30 December 2017 21:25, Paul Bennett wrote:
> Specifying a McCabe Code Complexity limit for individual software components is, in my eyes, more of a trigger to begin asking the questions that need to be asked. If the development policy set the MCC at say 9, then any component submitted for review with a number above that should begin to get questions asked.
In theory this is a sound idea... similarly with Source Lines of Code (another broadly useless/arbitrary metric) - however...
As we in the MISRA C Working Group know from painful experience, too many QA Peeps put aside common sense, and apply blind adherence and a tick-box mentality to rules - e.g. the frequent requirement for 100% MISRA C compliance, with no deviations (which is, generally, infeasible for non-trivial projects) which can potentially in some cases result in more complex conforming code than the non-conforming code - especially when the Advisory Rules are followed blindly.
So in the suggested case, the QA Clipboard Monitors will simply "non-compliant" any module with an MCC above X (without permitting debate/concession).
Kind regards
Andrew Banks
Embedded Software Manager
Frazer-Nash Research Ltd
http://www.frazer-nash.com
and Chairman
MISRA C Working Group
http://www.misra.org.uk