Why is MISRA C/C++ compliance great for business?
[Please read to the end for details of our free MISRA C workshop in Italy.]
Most clients initially ask us for help because they need to comply with MISRA C/C++ guidelines. They are the de facto standards for safety critical sectors as diverse as automotive, aerospace and medical devices. These are industries where the quality of the software can literally mean the difference between life and death.
Even where there is no explicit requirement to comply with MISRA C/C++, the regulators still hold manufacturers responsible for product safety. Therefore, manufacturers will often insist that their component suppliers comply with the rules. That means everyone in the supply chain must be able to provide evidence that they have implemented current, state-of-the-art static analysis.
However, we’re happy to say that many clients tell us their business also benefits from better software development testing in other, perhaps unexpected, ways.
1. They see a significant boost in their productivity, efficiency and cost effectiveness
Incorporating MISRA C/C++ guidelines speeds up software development because fewer errors mean less re-coding. Even if your developer and quality assurance teams are already doing a great job, there is always room for improvement in coding efficiency. It is much more cost effective to discover and fix defects before the testing stages are reached.
2. They protect their brand reputation
The cost of fixing coding errors increases significantly (perhaps 10x or even 100x) at every stage. But those costs are nothing compared with the cost to your business and brand if the end product has to be recalled. For example, we frequently see cars being recalled for maintenance due to persistent software defects. Many of these could have been prevented if the manufacturer had taken a comparatively small amount of extra time, and used a good verification tool, to fix errors in the coding phase.
3. Their teams are more engaged and motivated
Low levels of employee engagement carry huge risks in this sector. We have seen many cases where, because they are using low quality tools and lack proper training, developers perceive the entire verification exercise as pointless and a waste of time. They start to take short cuts that reduce the quality of the software and, in the longer term, increase development costs.
In a worst-case scenario, they can unintentionally sabotage the safety testing process. It is even possible for developers to ‘fake’ adherence to safety standards by, for example, not showing certain parts of the code to the tool. This is a risk when teams don’t take the guidelines seriously or when they are frustrated by poor quality tools.
This can result in genuine life or death situations with the products that rely on the code, such as braking mechanisms in cars. If the case ends up in court, it is very easy to discover that the safety standards were, in fact, not followed.
What’s the answer?
In our experience, training people effectively to use a reliable verification tool increases efficiency and productivity. BUGSENG's ECLAIR tool automates the most complex part of the configuration: the part that adapts the analysis to the particular tool chain (which frequently has hundreds of user-selectable options).
ECLAIR is also probably the best-in-class tool for providing high quality, detailed evidence of strict adherence to the safety standards. One of our main objectives when designing ECLAIR was to ensure that the analysis results clearly link to the code that is actually embedded in the device. That means that, in any audit or litigation case, the ECLAIR analysis provides a thorough explanation and robust evidence that you did everything you could to ensure the safety and compliance of your software.
When developers and quality testers work with a reliable tool, their expertise in the C/C++ programming language improves dramatically. When they also understand the wider context and implications of the MISRA C/C++ coding standards, their motivation for complying with the guidelines soars. We have witnessed many instances of people coming on our courses and returning to their organizations determined to actively promote a culture of quality.
Perception is key here. All personnel need to be convinced that it is a worthwhile investment to select and effectively implement the right tool to properly meet the requirements of the prescribed safety standards. It’s not just about complying with the letter of the law. Every team member has a role to play in preventing potential disasters.
You can find more details of the products we have designed specifically to improve software development testing in safety critical industries here.
MISRA C workshop: Pisa, 25 June 2019
We're running a free workshop on MISRA C and its relevance for the functional safety standards. You can find full details, including how to register, here.
Roberto Bagnara, Ph.D., is CTO of BUGSENG, a leading provider of solutions and services for static code analysis. He is also a member of ISO/IEC JTC1/SC22/WG14 (the C Standardization Working Group) and of the MISRA C Working Group.