The Importance of Software Architectural Constraints and their Automatic Check
In the development of high-integrity software, all interactions between components must satisfy design constraints. Hierarchical levels must not be bypassed: if the design prescribes that software layer A cannot interact directly with layer C without the intermediation of layer B, this is something that must be verified.
Say "No" to MISRA Debts
The notion of technical debt was introduced by Howard G. Cunningham in 1992. It refers to the phenomenon whereby technical decisions are taken to obtain a short-term advantage at the cost of longer-term disadvantage. It is a powerful metaphor because technical debt and financial debt are indeed very similar.
5 Reasons Why You Should Do MISRA Compliance
MISRA compliance, if done properly, will:
Reduce development costs and times by reducing the incidence of reworking and simplifying the testing efforts.
Increase software quality and customer satisfaction.
Reduce the costs of maintenance.
The C Standard Library Cannot Be Trusted Blindly
In safety-related development, nothing can be trusted blindly, and the C Standard Library is no exception. For a small selection, be aware that there are implementations in widespread use where:
A New Way of Implementing Shift-left
Shift-left is not a new idea. In an article dated September 1st, 2001, which appeared in Dr. Dobb's Journal, Larry Smith wrote
Hurry is Hazardous: We Need Both Safety AND Efficiency
We live in a world where our safety increasingly depends on software. It has now become so deeply ingrained in many aspects of modern life that, quite literally at times, we can’t live without it. This reflects three broad, converging industry trends: increased software complexity, greater software dependency, and growing demand for fast, accurate, safety critical performance from software.
MISRA C: What About Coding Style?
Style, while being essential to ensure program readability, is highly subjective. Everyone in software development knows that matters apparently as futile as the positioning of opening and closing braces can cause friction within the development team. Nonetheless, as observed in BARR-C-2018,
Chip Shortage Calls for Flexible Static Analysis Tools
Analysts say that the global shortage of computer chips may last until the end of 2022. In the words of Simon Segars, Arm Holdings chief executive
"This isn't a short-term problem with a short-term solution."
Trojan Source Code Vulnerabilities: No More with ECLAIR
A very recent paper presents a new type of attack: source code can be maliciously encoded so that human readers interpret it differently from the way a compiler does.
Compiler Warnings: Use Them, Don't Trust Them
Compiler warnings are useful, but they are highly unreliable. In addition, they are no substitute for language subsetting, as mandated by most functional safety standards and typically achieved by complying with the MISRA coding standards.
MISRA Compliance for Project Managers
MISRA Training Requirements
MISRA compliance is becoming a more stringent requirement in all industry sectors where critical systems are being developed. Developers and QA people need to receive appropriate MISRA training: this is well known and mandated by MISRA.
Requirement Traceability with All Substance and No Fuss
There is a popular quote in the software verification and validation community:
"Without a specification, a system cannot be right or wrong, it can only be surprising!"
(Paraphrased from W. D. Young, W. E. Boebert, and R. Y. Kain; "Proving a Computer System Secure", The Scientific Honeyweller 6(2), pp. 18-27, 1985.)
MISRA C/C++ and adopted code: 5 ingredients for success
Help! Are compiler defects bugging my code?
MISRA C in the medical sector: are you ready?
Last update: May 2022
Static analysis: On-Prem or as SaaS?
MISRA compliance troubleshooting for project success
Celebrating 10 years of BUGSENG
Game-changing qualification services and tool features
This month, the BUGSENG team is launching a raft of new services and support for developers, QA and safety teams. We’ve designed them in response to feedback from our customers about the continual challenges you face balancing safety with available resources, budgets and project deadlines. Our new ECLAIR 3.9.0 release has three valuable new features to help you.
Driving smarter ECU consolidation
Engineers must provide evidence of how their software ensures freedom of interference, independence, and absence of interference.
New Webinar: Language subsetting and compiler qualification
Developing critical systems software in C saves time and money if you have proper language subsetting and compiler qualification.
BUGSENG’s ECLAIR static analyzer could save you its license fee in just one project
You probably know the expression ‘prevention is better than cure’. Nowhere is this truer than in developing safety critical software. We have seen enough accident investigations to know there are no upper limits to the potential costs that errors can incur.
The ECLAIR static analysis tool boosts productivity and ROI
Managing software development projects is a tough job. You’re constantly juggling resources, deadlines, budgets and risk. It’s like running a small city.
What are the costs of false positives and false negatives?
False positives and false negatives are as dangerous in static analysis tools as they are in Covid-19 testing. False positives say you have a problem when you don’t. False negatives tell you everything is fine when it isn’t.
ECLAIR 3.7 launches with 3 new code analysis benefits
We initially created ECLAIR, our static code analysis tool, back in 2008. Our aim was, and still is, to help developers build better, more reliable systems. At the same time, we want to help managers ensure code safety, portability and reliability.
Register for our new FREE MISRA C/C++ and BARR-C webinars
BUGSENG have been running MISRA C/C++ workshops, seminars and presentations across Europe and India in recent years. As a result, we’ve had several requests for some of this learning and expertise to be translated to a webinar format. We’re delighted to announce we’ve done just that and will be running the first five webinars from March to June.
What does MISRA C/C++ compliance really involve?
Some organizations believe they can claim MISRA compliance for their software simply by buying any one of the many MISRA-checking tools on the market. That’s not the case. In fact, this approach is extremely risky.
Meet BUGSENG at Embedded World 2020
BUGSENG’s 2019 review and 2020 vision
Launching new products, speaking at international conferences, running training courses and publishing papers. It’s been an incredibly busy and successful year for BUGSENG. We asked CTO, Roberto Bagnara, to give us a brief round up of what’s been happening in 2019 and reveal some of BUGSENG’s plans for next year.
BUGSENG’s joint paper with Michael Barr
Roberto Bagnara and Dr Patricia Hill of BUGSENG are currently working on a joint paper with Michael Barr, a leading embedded systems software engineer and consultant. The paper discusses the relationship between BARR-C:2018 and MISRA C:2012. These are the two most widely used C coding standards and the paper details their parallel and serial adoption.
Three big BUGSENG announcements
We’ve been busy at BUGSENG recently and are now delighted to be able to share three exciting news stories.
Launch: ECLAIR Qualification Kits
Competition time: Test your C programming skills
When Lonely Planet asked travelers for their ‘lost in translation’ photos of signs and menus from around the world, they had over 1,000, often hilarious, responses. Even when communicating in natural languages and dialects, the potential for confusion is immense. We see a similar but more serious issue of confusion around the C programming language.
Meet one of the inspirations for BUGSENG’s success
Dr Patricia Hill (or Pat as she’s known around here) makes an unassuming hero. However, she’s been part of the BUGSENG journey since the start and her experience contributes to our success every day. Her career story is inspiring and exhausting in equal measure, so we persuaded her to pause and reflect on what she’s learnt so far.
Three safety critical software trends shaping industry
Why is MISRA C/C++ compliance great for business?
[Please read to the end for details of our free MISRA C workshop in Italy.]