Feeling overwhelmed by MISRA C compliance?
In our previous blogs, we looked at the complexities of MISRA C compliance and the need for both robust verification tools and adequate personnel training. Organizations that start new projects having fulfilled these requirements will typically be able to claim MISRA compliance at the end of the project.
But there are exceptions, especially connected to the use of existing code. In this blog we’ll look at four situations, which can occur at the same time. The first two are rather common and all four can be the source of significant extra complications.
1. The project has already started
The project started before MISRA compliance was a requirement, so compliance was never considered. This situation is common and happens in several industry sectors. This is likely because businesses are increasingly aware of the criticality of devices and the potential consequences of malfunctions and because the normative and supply chain constraints are becoming ever more stringent. Redoing the project from scratch is not an option: in some cases the core of the project is software that has been developed over decades and represents a main asset of the company.
2. The project makes extensive use of "foreign" code
Device drivers, third-party libraries, middleware, automatically-generated code, legacy code: all this code might have been written without the requirement of MISRA compliance. Some might have been developed to be compliant to a different version of the guidelines, or with respect to a different language implementation. It may also meet different compliance criteria (the MISRA guidelines can be re-categorized on a per-project basis).
3. The project is multi-language
For instance, part of the code is written in C and part in C++. This is increasingly common due to the use of computer vision and machine-learning libraries in C++. How can you define compliance and check for sources that are common, such as C header files included in C and C++ translation units?
4. Multi-version software
Some projects are inherently multi-version: there is a core of common code and several modules containing version-specific code. The common part makes extensive use of preprocessing directives (#if, #ifdef, ...) to adapt to the different versions, which often involve the use of different tool chains. This is the case with middleware, such as operating systems, and is also quite frequent in the household electrical appliances sector.
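To make the multi-version problem concrete, the following added example (not from the original post and not a description of how ECLAIR works) lists the lines of a constructed C fragment that no analysed configuration ever compiles, and that therefore cannot have been checked for compliance. The macro names, the sample source and both function names are assumptions made for illustration.

```python
import re

# Constructed sample: common code adapted to product variants with #ifdef.
SAMPLE = """\
#include "hal.h"
#ifdef VARIANT_A
static int gain = 3;
#else
static int gain = 5;
#endif
#ifndef NO_WATCHDOG
void kick(void) { hal_wdt_reset(); }
#endif
#ifdef VARIANT_B
void extra(void) { hal_led(1); }
#endif
"""

# Only #ifdef/#ifndef/#else/#endif are modelled; #if expressions and #elif are not.
DIRECTIVE = re.compile(r"^\s*#\s*(ifdef|ifndef|else|endif)\b\s*(\w+)?")

def active_lines(source, defined):
    """Return the 1-based line numbers compiled when the macros in `defined` are set."""
    stack, active = [], set()  # stack: truth value of each open conditional
    for no, line in enumerate(source.splitlines(), 1):
        m = DIRECTIVE.match(line)
        if m is None:
            if all(stack):          # every enclosing branch is taken
                active.add(no)
        elif m.group(1) == "ifdef":
            stack.append(m.group(2) in defined)
        elif m.group(1) == "ifndef":
            stack.append(m.group(2) not in defined)
        elif m.group(1) == "else":
            stack[-1] = not stack[-1]
        else:                       # endif closes the innermost conditional
            stack.pop()
    if stack:
        raise ValueError("unterminated conditional block")
    return active

def unanalysed(source, configs):
    """Lines of code that none of the given configurations compiles."""
    code = {n for n, l in enumerate(source.splitlines(), 1) if not DIRECTIVE.match(l)}
    seen = set().union(*(active_lines(source, c) for c in configs))
    return sorted(code - seen)

if __name__ == "__main__":
    print(unanalysed(SAMPLE, [{"VARIANT_A"}]))  # lines never seen by the checker
```

Analysing only the `VARIANT_A` build leaves the `#else` branch and the `VARIANT_B` function unchecked; adding a second configuration that defines `VARIANT_B` and `NO_WATCHDOG` covers every line of the sample.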
These four situations can all cause significant extra difficulties. In such cases, using a qualified consulting service may make the difference between success and failure. This is why we have set up a consulting division, which helps our customers address quality, security and compliance requirements.
We have strong experience in the application of the MISRA coding standards even in the most challenging situations. BUGSENG engineers regularly conduct software audit reviews and coding standards compliance verification. They also provide support in the definition of refactoring plans to gradually bring the source code base into compliance. BUGSENG's ECLAIR software verification platform has specially developed features to facilitate the enforcement of MISRA C guidelines on existing code, in particular automatically flagging when a source code change will cause a change in the compiled code.
BUGSENG and Evidence: a successful partnership for MISRA compliance
Evidence Srl is an Italian SME specializing in the design and development of firmware and software for embedded real-time devices. Among many other activities, the company leads the development of Erika Enterprise, an open-source RTOS used by several renowned companies operating in the automotive, HVAC and household markets. “Thanks to the ECLAIR tool and BUGSENG consulting services we have been able to bring MISRA compliance of Erika Enterprise to the next level,” says Paolo Gai, CEO of Evidence Srl.
“Before, we were using a tool that could only check a subset of the guidelines, and with a significant number of false negatives beyond the many false positives. So we had thousands of MISRA C violations we were unaware of. Our partnership with BUGSENG allowed us to quickly reach true compliance for the main core of Erika Enterprise.
“Erika Enterprise is naturally highly configurable. Some of our customers require MISRA compliance of hundreds to thousands of different configurations, possibly using different tool chains. BUGSENG’s highly-qualified consultants are playing a crucial role in helping us factorize the work required to ensure MISRA compliance of all such configurations.”
For more information about BUGSENG’s consulting services please see https://www.bugseng.com/services/consulting
Roberto Bagnara, Ph.D., is CTO of BUGSENG, a leading provider of solutions and services for static code analysis. He is also a member of the ISO/IEC JTC1/SC22/WG14 - C Standardization Working Group and the MISRA C Working Group.
Meet us at the Embedded World Conference in Nuremberg, 26-28 February 2019. Free tickets are available.
The BUGSENG and Evidence teams will be co-exhibiting at the Embedded World Conference in Nuremberg. We’d love to meet you and answer any questions you may have about our verification, training and consulting services. You’ll find us on stand 4-545.
If you would like to arrange a meeting in advance, please email us at info@bugseng.com
Our CTO, Roberto Bagnara, will also be speaking at the conference. His presentation, "The MISRA C Coding Standard: A Key Enabler for the Development of Safety and Security Critical Embedded Software", is at 10:30 AM on Tuesday 26 February 2019.
You can use the admission voucher E-code B415892 to reserve your free ticket to Embedded World 2019. To register online in advance, go to www.embedded-world.de/voucher
Know someone else who may be interested?
Feel free to share the voucher code above. It can be redeemed more than once.
For more details of the event visit https://www.embedded-world.eu/home.html