[SystemSafety] New paper on MISRA C
Paul Sherwood
paul.sherwood at codethink.co.uk
Thu Sep 13 07:54:41 CEST 2018
On 2018-09-12 14:34, Andrew Banks wrote:
>> Why is MISRA C still considered relevant to system safety in 2018?
>
> Perhaps because it provides extensive guidance that help the community
> prevent the cause of issues rather than try and fix them later. This
> makes such systems inherently more reliable, or offers higher integrity
> if you prefer: this makes them safer and more secure.
I agree it provides guidance on how to create C programs which avoid a
range of potential issues. However, that's still component-level
reliability.
Based on my (admittedly new/fresh) understanding of the MIT work, it
seems to me that if we need to rest our assertion of system safety on
the reliability of a specific software component, maybe we've got the
architecture wrong?
> I appreciate you have an issue with something that you have to pay for -
> other than someone paying for your time...
While that's true, it's slightly off-topic :) I'm ok to pay in general
for something that's clearly of value, and I appreciate that MISRA C has
value for people seeking deterministic behaviour of C programs in
microcontroller-scale environments (which I believe is the main value of
MISRA C).
br
Paul