Misra standard for embedded software

Accepted answer
Score: 12

I also highly recommend PC-Lint. If you happen to be compiling your code with Visual Studio I recommend a plug-in 'Visual Lint' from Riverblade. If you cannot compile the code in Visual Studio, you can still run PC-Lint from the command line to good effect.

Some embedded system compilers provide MISRA compliance testing as compiler warnings. I use the IAR compiler for Arm7/Arm9 development. It provides an easy to configure MISRA compliance checklist right in the compiler setup.

It is difficult to come up with a rule of thumb for estimating the time it would take you to make some well written code MISRA compliant. A lot depends on the existing coding habits of the programmers and how closely they follow the MISRA rules in the first place.

Rough estimates:
2 - 3 days to become adept at PC-Lint usage.
Initial pass at making existing code MISRA compliant: 10 to 25 percent of the time spent writing the code in the first place.
Keeping code MISRA compliant: 5 to 10 percent added to code development. Half of this cost is changing the habits of your coders to follow the 'MISRA way' of doing things. The other half is the extra cost of code testing and inspection to ensure MISRA compliance.

Score: 8

Making code Misra compliant is not too much of a chore - if you follow fairly good programming practices. You might find some of the pointer rules slightly tricky, if the code you're trying to make comply has some weird and wonderful pointer arithmetic.

I'd second Greg's recommendation for PC Lint, but the open-source Splint is also worth looking at, although between them (and the compiler's warning system), I estimate you'll still only be able to cover 80% of the Misra rules - the rest will probably need to be code reviewed by hand.

Score: 4

I use PC Lint for static analysis of C and C++ code. It can be configured to show what MISRA rules have been violated, and it has a command line interface.

Score: 3

I have used a commercial tool called QAC. The tool is able to enforce MISRA

It has a command-line interface, so you can set it up to run from an automated build environment. The rules to be applied are configurable, but expect to have someone spending some time setting it up. The MISRA enforcement is pretty straightforward and worked well enough. I was told (and this is just 3rd hand) that this is one of the tools some agencies (such as the FDA) use to evaluate code. Like most static analysis tools there is noise (false positives) to deal with. The last time I used it, it didn't have a good means to mark/stop a false positive from occurring again (without changing the code it was complaining about).

I suspect a junior engineer will take up to a week (4-5 days) to get it set up (assuming they are determined to get it working as you want).

On a side note, other commercial static analysis tools likely have MISRA enforcement as well. Reportedly (per their sales rep), Klocwork does.

Score: 3

We had a similar problem of retrofitting Misra rules. We had some code quality issues on a large project and decided to use MISRA to improve the code quality.

We use the Green Hills compiler that has support for MISRA C rules. There are also standalone checkers available. Depending on what you want to do it can be a bit overkill switching on all the rules. We switched the rules on one at a time to give people time to fix a limited number of similar problems, else you get totally overwhelmed by the amount of errors.

Since our warnings were generated by the compiler and not by a standalone tool you see the errors as you develop and not only when you run the checker. As we continued developing we got our code compliant and not in one big bang. This also prevents old habits spoiling the new code, causing you to have to rework the code again later.

Sometimes it is difficult to get old code compliant since nobody knows exactly how the code works. I hope you have unit tests.

Score: 1

I appreciate that this is an old question, but for the benefit of any other Archaeologists (or searchers), it is important to remember that MISRA provides guidelines that should not always be blindly followed.

I commend writing new code with MISRA in mind; therefore it will be a lot easier to stay compliant.

However, this is not always possible - and in particular, when trying to reverse engineer code to meet the guidelines. In this case I suggest that you focus on the Required rules, and treat the Advisories as a bonus... cost v benefit applies here too!

Also, bear in mind that there is a deviation process - it is better to keep clean and maintainable code with a deviation, than to contrive some compliant but illegible spaghetti.
