5 Reasons Why You Should Do MISRA Compliance
MISRA compliance, if done properly, will:
Reduce development costs and times by reducing the incidence of reworking and simplifying the testing efforts.
Increase software quality and customer satisfaction.
Reduce the costs of maintenance.
Satisfy crucial requirements of the major functional-safety standards, such as IEC 61508, ISO 26262, EN 50128, ISO 25119.
Help significantly if the worst happens and the defective product is brought in front of a Court of Law (remember the case of Toyota unintended acceleration issues?)
Point 5 requires some explanation.
Even independently from whether product development has requirements to comply with any standard, there are general laws about the liability of producers that require adopting all generally recognized state-of-the-art that may prevent defects in product that may harm the public.
The application of the MISRA standards is generally recognized as being part of the state-of-the-art of software verification. Among the general laws of reference for producers of software and software-controlled systems are directives 90/385/EEC and 93/42/EEC.
These European product liability directives are live and kicking: the Commission published a draft proposal for a revised Directive in September 2022 and the revision process is currently ongoing, with the objective of giving consumers even more protection against the damage caused by defective products.
In the medical sector, the European Medical Device Regulation (MDR), which is now in full force, goes beyond the mentioned liability directives:
- MDR Clause 17.2 states that, for devices that incorporate software, or for software that is itself a device, the software must be developed and manufactured in accordance with the state-of-the-art standards. These standards must take into account the principles of development life cycle and risk management, including information security, verification and validation.
- MDR Annex ll, Clause 6 gives more detail on software verification and validation. In particular, it prescribes the provision of information concerning all aspects of software design, development process and evidence of verification and validation addressing all hardware configurations and operating systems.
National legislations are adapting to the European directives. For instance, Italy enforced L.D. No. 231/2001 introducing a new kind of liability based on “organisational fault”.
Summarizing, manufacturers and component suppliers must ensure the code safety, security and reliability of embedded systems. Courts are not lenient with manufacturers who fail to ensure such software compliance and consumer protection.
How BUGSENG can help
While MISRA compliance alone cannot ensure software correctness, safety and security, it is generally recognized as essential in order to code in C or C++. Critical C/C++ code that does not comply is legitimately regarded as suspicious: it may be affected by undefined or unspecified behavior, it may have defeated proper peer review.
Book a free MISRA strategy call
No strings attached, no expenses, no commitments: 30-60' of friendly discussion where you explain what you do and one of our experts gives you a candid opinion on how you could introduce the MISRA standards in your organization or how you can implement them more effectively. Can be done under an NDA of your choice if that helps.
In addition, BUGSENG offers advanced MISRA trainings online and on-site. Proper training for developers and QA people is mandated by MISRA. Planning these activities on a regular basis is crucial to strengthen the confidence of your development team and improve the quality of the day-to-day work.
Useful webinars
We regularly offer webinar/training opportunities where we cover the latest developments in MISRA C/C++ and BARR-C coding standards, static analysis tools, tool qualification, and compliance to industrial functional safety standards. Each webinar will last around 45-50 minutes plus 10-15 minutes for questions, and all are completely free.
Our YouTube channel is a mine of MISRA-related video resources. For instance, you can watch A Rationale-Based Classification of MISRA C Guidelines to learn how to prioritize subsets of MISRA Guidelines.
In next webinar you will learn what are the key factors to be taken into account when embracing static application of safety/security testing into an organization, with a particular emphasis on the development and maintenance of critical embedded systems.
Once a month we also do a 90 min presentation of ECLAIR Software Verification Platform which is particularly useful if you are looking into evaluating the tool or, even if you are an existing user, to get a nice overview of the latest features.
Don't forget to join our LinkedIn community to keep up to date with all our news.