Perspectives

Three safety critical software trends shaping industry

We live in a world where our safety increasingly depends on software. It has now become so deeply ingrained in many aspects of modern life that, quite literally at times, we can’t live without it. This reflects three broad, converging industry trends: increased software complexity, greater software dependency, and growing demand for fast, accurate, safety critical performance from software.

The question for organizations that produce goods that depend on software is how do you manage these trends in a cost-effective yet responsible way?

Why is MISRA C/C++ compliance great for business?

[Please read to the end for details of our free MISRA C workshop in Italy.]

Most clients initially ask us for help because they need to comply with MISRA C/C++ guidelines. They are the de facto standards for safety critical sectors as diverse as automotive, aerospace and medical devices. These are industries where the quality of the software can literally mean the difference between life and death.

Our philosophy: No shortcuts, no compromises, no excuses

The story of how BUGSENG came to be has taken many twists and turns over the years. From a teenage boy playing with his friend’s programmable calculator, through stints with the military and CERN and on to a glittering academic career spanning both Italy and Yorkshire, England. We wanted to find out more about this story, and who better to tell it than BUGSENG’s co-founder and CTO, Roberto Bagnara.

Q: What inspired you to set up BUGSENG?

Why can’t I use a Bug Finder tool for MISRA compliance?

With a generic programmer audience in mind, Bug Finders are engineered to produce as few false positives as possible. This avoids the frustration of expensive and time-consuming investigations. However, in safety-critical software development, this approach is potentially life-threatening. You may also have a contractual obligation to use MISRA C/C++ for safety-critical software.

MISRA C/C++ is about error prevention, not bug finding

Feeling overwhelmed by MISRA C compliance?

In our previous blogs, we looked at the complexities of MISRA C compliance and the need for both robust verification tools and adequate personnel training. Organizations that start new projects having fulfilled these requirements will typically be able to claim MISRA compliance at the end of the project.

But there are exceptions, especially connected to the use of existing code. In this blog we’ll look at four situations, which can occur at the same time. The first two are rather common and all four can be the source of significant extra complications.

How can you avoid the C/C++ traps and pitfalls?

In our previous blog, we looked at the complexities of MISRA C compliance and the necessity of robust verification tools. However, simply installing a tool is not sufficient. The MISRA compliance documents specifically state that, in order to describe a project as "MISRA Compliant", staff must be competent and fully understand the issues underlined by each guideline. This is especially important for personnel involved in the approval of deviations from the guidelines.

Three headaches with MISRA compliance

Software bugs are frustrating, inconvenient and expensive in any industry. But, in safety-critical, mission-critical or security-critical sectors, the consequences are not only disruptive to business. A single, subtle bug can be catastrophic to people’s lives.

In the car industry, for example, the number of safety recalls linked to software failures has risen by 30% a year since 2012. Toyota recently recalled more than 2.4 million hybrid vehicles worldwide because of a fault in their systems that could cause them to lose power.

Compiler Warnings: Use Them, Don't Trust Them

Turning On All Warnings Is Definitely a Good Thing

Most compilers provide useful warning messages that flag circumstances which may not correspond to the programmer's intentions. In most environments where code quality and low defect rates matter, it is increasingly common to enforce a rule that the code must compile without warnings with all compiler warnings enabled.

Making sure what you see is really what you have

Background

Software bugs have a long and frightening history. In just the past few years automobile manufacturers have recalled more than 1.3 million vehicles due to software problems leading to unexpected acceleration, stalling, braking issues, airbag deployment problems and vehicle stability issues. Similar cases have been found in other safety-critical industries such as medical devices.

We are a passionate team of experts. Do not hesitate to let us have your feedback:
You may be surprised to discover just how much your suggestions matter to us.