[SystemSafety] New paper on MISRA C

Paul Sherwood paul.sherwood at codethink.co.uk
Wed Sep 12 14:54:37 CEST 2018


On 2018-09-12 13:17, Derek M Jones wrote:
> I read this (and subsequent material) as saying that the correlation
> is not 100% (and some people think it is).
> 
> I would certainly agree that it is not 100%.  But is it 50%, 25%?
> I don't think it is 0%.
> 
> Does anybody have suggested numbers for the correlation?

I don't see how the numbers for correlation matter, really, once we have 
established that reliability != safety, component safety != system 
safety. If we are aiming for system safety, focusing on reliability of 
components is simply the wrong thing to do. As I understand it we need 
to engineer a system-level safety architecture that deals with 
**expected failure** of (combinations of) any and all components.

And hence I'm wondering why folks are still interested in MISRA C for 
system safety, when it seems to be mainly about removing potential 
causes of non-deterministic behaviour in small-scale software 
components.

br
Paul
