
Objectives of Coding Standards & MISRA C++



Presentation Transcript


  1. Objectives of Coding Standards & MISRA C++
     Clive Pygott, Systems Assurance Group, QinetiQ
     Chris Tapp, Keylevel Consultants & MISRA C++ chair

  2. DARP Workshop April 2006 Conclusions
     Participants at the last Defence Aerospace Research Partnership C++ workshop were asked: ‘what do you want to see in a generic software vulnerabilities standard?’
     • Predictability: behaviour, time, memory usage
     • A requirement for more precise definition of the language/subset to be used in a high integrity environment
     • A requirement for a more structured and capable means of recording ‘intent’ and invariants in source code
     Verification
     • A requirement for a means of collecting data on the effectiveness of any high-integrity guidelines

  3. Reasons for coding standards
     • To avoid undefined behaviour
     • To avoid implementation-defined behaviour
     • To improve clarity for review and maintenance
     • To provide a consistent style across a program or set of programs
     • To avoid common programmer errors
     • To incorporate good practice, particularly with regard to ‘future proofing’

  4. Who are MISRA?
     • Motor Industry Software Reliability Association
     • Started in 1990
     • Mission: “to provide assistance to the automotive industry in the creation and application of safe and reliable software in vehicle systems”
     • The original project was part of the UK Government’s “SafeIT” programme
     • Now self-supported – and used far outside the automotive industry

  5. MISRA C++
     • Extension of MISRA-C
     • No language feature totally barred (except goto – for a better reason than in MISRA-C)
     • Target date for draft for peer review – January 2007
     • Being developed by a working group including:
       • Software safety consultants/researchers
       • Tool vendors
       • Users

  6. MISRA C++ sources
     • Identification of Issues
       • QinetiQ Vulnerabilities Report
     • Evaluation of Existing Material
       • Other Coding Standards
         • MISRA-C
         • JSF++
         • Medical Systems
         • Transportation
       • Tool Vendors (‘real world’ experience)
       • Other Publications
         • Scott Meyers
         • Stephen Dewhurst
         • Etc.

  7. MISRA C++ Aims
     • Predictability – mostly functional
     • Portability
     • Clarity for review/maintenance
     • Avoiding common errors
     Not systematically addressed:
     • Predictability – temporal, memory usage
     Not:
     • Consistency of style
     • Good practice/future proofing

  8. MISRA C++ (&C) rule structure
     • Rule Structure
       • Rule Number and category (Mandatory…)
       • Headline Text – (should be) precise and testable
       • Issue and Existing Material References
       • Explanation of the issue(s) and rule justification
       • Examples of non-conforming and, where appropriate, conforming code
       • Expected deviations (if appropriate, and may include ‘none’!)
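The “avoid implementation-defined behaviour” reason on slide 3 and the non-conforming/conforming example pairing on slide 8, shown together as an added C++ example that is not from the slides or from the MISRA C++ document. The rule headline, the function names and the sample bytes are this example's own assumptions.

```cpp
// Added example (not MISRA text): one rule written in the structure above,
// with non-conforming code that relies on implementation-defined behaviour
// beside conforming code that does not. Headline, names and data are assumed.
#include <cstdint>
#include <limits>
#include <vector>

// Constructed sample message: a byte at or above 0x80 is exactly the case
// where the signedness of plain 'char' changes the arithmetic result.
static const std::vector<unsigned char> kSample = {0x01, 0x80, 0xFF};

// NON-CONFORMING (hypothetical headline: "Plain char shall not be used to
// hold numeric byte values"). Whether 'char' is signed is implementation-
// defined, so the sum depends on the toolchain/target:
// 1 + (-128) + (-1) = -128 where char is signed, 384 where it is unsigned.
int checksum_nonconforming(const std::vector<unsigned char>& bytes) {
    int sum = 0;
    for (unsigned char b : bytes) {
        char c = static_cast<char>(b);   // may be negative on this platform
        sum += c;                        // char promotes to int before the add
    }
    return sum;
}

// CONFORMING: byte and accumulator types are explicitly unsigned and of
// fixed width, so the result is identical on every implementation and
// the addition is well-defined modular arithmetic (no signed overflow).
std::uint32_t checksum_conforming(const std::vector<unsigned char>& bytes) {
    std::uint32_t sum = 0;
    for (unsigned char b : bytes) {
        sum += static_cast<std::uint8_t>(b);
    }
    return sum;
}

// Review aid: true when the two functions disagree on the platform this is
// compiled for, i.e. the portability defect a standard checker or a build on
// a second toolchain is meant to surface before it reaches a target.
bool results_differ() {
    const int nc = checksum_nonconforming(kSample);
    const std::uint32_t c = checksum_conforming(kSample);
    return nc != static_cast<int>(c);
}

int main() {
    // Exit status 1 if this platform exposes the implementation-defined result.
    return results_differ() ? 1 : 0;
}
```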

  9. MISRA C++ relationship with OWGV?
     • Would hope that this group sets the objectives for high integrity software
     • MISRA C++ would then want to claim compliance
