Language subsetting in an industrial context: A comparison of MISRA C 1998 and MISRA C 2004
نویسنده
چکیده
The MISRA C standard [7] first appeared in 1998 with the objective of providing a set of guidelines to restrict features in the ISO C language of known undefined or otherwise dangerous behaviour. The standard was assembled by representatives of a number of companies in the automobile sector in response to the rapidly growing use of C in electronic embedded systems in automobiles. The standard attempts to build on the earlier work of [6], [3] and others. Due to various perceived deficiencies, notably considerable ambiguity in the rule definitions, a revision was planned and eventually appeared in 2004. This paper measures how well the two standards compare on the same population of software and also determines how well the 2004 version achieved its stated goals. Given its increasing influence, the results raise important concerns. 1 Overview Pragmatic safer subsetting of languages to remove dependence on poorly defined features is finally becoming a mainstream activity with the recent recommendation to form a high-integrity study group under the auspices of the ISO, [8] with the intention of producing sets of rules to restrict features with undefined or otherwise dangerous behaviour in programming languages in common use. It frequently comes as a surprise to developers that significant parts of a programming language can fall into this category. In practice, all standardised programming languages contain problematic features for a variety of reasons which include the inability of the standardising committee to agree on the behaviour of a particular feature, the use of unintentionally ambiguous language in the standards document itself, omitting to say anything at all and so on. It must of course be remembered that many users of a programming language never see the underlying standard document, but these documents are usually
منابع مشابه
MISRA C, for Security's Sake!
Athird of United States new cellular subscriptions in Q1 2016 were for cars. There are now more than 112 million vehicles connected around the world. The percentage of new cars shipped with Internet connectivity is expected to rise from 13% in 2015 to 75% in 2020, and 98% of all vehicles are likely to be connected by 2025. Moreover, the news is often reporting about “white hat” hackers intrudin...
متن کاملMechanically Verifying the Correctness of the Fast Fourier Transform in ACL2
In [10], Misra introduced the powerlist data structure, which is well suited to express recursive, data-parallel algorithms. In particular, Misra showed how powerlists could be used to give simple descriptions to very complex algorithms, such as the Fast Fourier Transform (FFT). Such simplicity in presentation facilitates reasoning about the resulting algorithms, and in fact Misra was able to g...
متن کاملThe second edition of the MISRA C guidelines
Nine years ago, I finally finished a book entitled “Safer C”, (Hatton 1995). The theme of this book was not to promote the use of C in highintegrity and safety critical systems, but simply to make the point that uninhibited coding in this language was entirely inappropriate for such systems. However, if measures were in place to prevent the reoccurrence of very well known fault modes in this la...
متن کاملThe Yaddes Distributed Discrete Event Simulation Specification Language and Execution Environments
This paper describes a simulation specification language and execution environments that are being used to study the performance of distributed discrete event simulation. First, a simulation programming model based on Chandy-Misra distributed discrete event simulation is presented. Then, the Yaddes simulation specification language is described. Yaddes specifications are translated into C langu...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- Information & Software Technology
دوره 49 شماره
صفحات -
تاریخ انتشار 2007