Coding Guides

With safety and reliability in mind, the MISRA 1998 standard for C advocated a safe subset of C. In 2004 a revised version was published with a view to making it easier to write tools that would automatically detect unsafe usage. This is not a trivial point: applying the rules manually is extremely tedious, and without tools that enforce the rules reliably there would be little enthusiasm for them. In 2008 a standard for C++ was published. Another widely used standard for C++ is the JSF AV C++ coding standard. It was developed as a set of rules for developers writing code for the Joint Strike Force Air Vehicle (or F-35 for short).

Where security is important there is the CERT C standard (the C++ version is under development). The standard is applicable to embedded software on a product which may be connected to the internet, or which may have a wireless connection or a debug port that an “attacker” could connect to. Imagine a burglar alarm for a building connected to the internet so that it can e-mail a central office if a break-in occurs. Could someone hack into the system over the internet and deactivate the alarm?

Software tools to help check source code have been available for a long time. One of the best known is the static analysis tool “Lint” from Gimpel. These tools are a complement to testing, not a substitute. The criticism most often levelled at these tools is that they generate too many error or warning messages; if a tool is first used near the end of development, after thousands of lines of code have been written, that should not be a surprise. Use the tool from day one and integrate it into the build process so that it runs every time and warns you early on. That way, you will not encounter a huge list of messages, and you will adjust your coding style so that your code quality improves.