2-12590-2023-06-14 EW-China MISRA.pdf

1、MISRA C EvolutionPresented byAndrew BanksTechnical Specialist,LDRAChair,MISRA CAndrew.BEmbedded World China 14th June 2023About the speaker Biography Over 30 years experience in developing real-time embedded software systems,across a number of industries Chartered Fellow of the British Computer Soci

2、ety Member of the Institution of Engineering&Technology.Member of the System Safety Technical Professional Network Executive Technical Specialist/Field Application Engineer,LDRA Standards Chairman of MISRA C Working Group since May 2013.Working Group member since 2007 Chairman of the British Standar

3、ds Institutes Software Testing Working Group Contributor to ISO/IEC JTC1/SC7 and WG26 Contributor to ISO 29119“Software Testing”Contributor to ISO 26262“Road Vehicles-Functional Safety”2nd Edition etc2AndrewBanks AndrewBanksAndrew BanksIEng MIET FBCS CITPThe background to MISRA C3Far back,in the mis

4、ts of ancient timeIn the beginning,the Universe was created.This has made a lot of people very angry and been widely regarded as a bad move.The Restaurant at the End of the UniverseBook 2 of the Douglas Adams 5-part TrilogyThe Hitch Hikers Guide To The Galaxy4 K&R C 1972 First created by Dennis Ritc

5、hie 1976 Lint,the first C static analyser,created by Stephen Johnson 1978 The C Programming Language published ANSI C 1989 ANSI X3.159-1989aka C89First standardized version ISO C 1990 ISO/IEC 9899:1990aka C90Equivalent to C89 1995 Amendment 1aka C95 1999 ISO/IEC 9899:1999 aka C99 2011ISO/IEC 9899:20

6、11 aka C11 2018 ISO/IEC 9899:2018 aka C18 202x ISO/IEC 9899:202x aka C2xThe C Language A Quick History5Despite its popularity,there are several drawbacks with the C language,eg:The ISO Standard language definition is incomplete Behaviour that is Undefined61 incidences Behaviour that is Unspecified21

7、1 incidences Behaviour that is Implementation Defined120 incidences Behaviour that is Locale-dependant15 incidences Language misuse and obfuscation Language misunderstanding Run-time error checkingMISRA C is one solution.MISRA C The Rationale6 Nov 1994:Development guidelines for vehicle based softwa

8、re(The MISRA Guidelines)The first automotive publication concerning functional safety Commenced more than 10 years before work started on ISO 26262 April 1998:Guidelines for the use of the C language in vehicle based software(MISRA C)Dec 1998:IEC 61508(1st Edition)publishedOriginal MISRA publication

9、s7MISRA C The Vision The vision of MISRA C is set out in the opening paragraph of the Guidelines:The MISRA C Guidelines define a subset of the C language in which the opportunity to make mistakes is either removed or reduced.Many standards for the development of safety-related software require,or re

10、commend,the use of a language subset,and this can also be used to develop any application with high integrity or high reliability requirements.So not just automotive.And not just safety-criticalFebruary 20218MISRA C Evolution9MISRA C Evolution 1998 to 201910MISRA-C:19981st Edition(April 1998)MISRA-C

11、:20042nd Edition(October 2004)MISRA C:20123rd Edition(March 2013)MISRA C:20123rd Edn,1st Rev.(Feb 2019)Amendment 1(April 2016)Tech.Corr.1(June 2017)MISRA C:20233rd Edn,2nd Rev.(Apr 2023)MISRA C Evolution11MISRA C:20123rd Edn,1st Rev.(Feb 2019)Amendment 2(Feb 2020)Tech.Corr.2(Mar 2022)Amendment 3(Nov

12、 2022)Amendment 4(Mar 2023)Happy 25th anniversary,MISRA C!Introducing MISRA C:202312Available to purchase as a PDF now via:https:/www.misra.org.uk/product/misra-c2023/Coming soon Print On DemandComparison DR MISRA C:2012161433rd Edition AMD1(2016 Security)+1+13 MISRA C:2012(2019)171563rd Edition,1st

13、 Revision AMD2(2020 C11)0+2Mods to most other guidelines AMD3(2022)+1+23 AMD4(2023)+3+19 MISRA C:2023212003rd Edition,2nd Revision13The MISRA C Supporting Cast Not being maintained Addendum 1Rule Mapping(MISRA C:2012 v MISRA C:2004)Coverage of MISRA C:2012 against Addendum 2ISO/IEC TS 17961:2013“C S

14、ecure”Published(*)Addendum 3CERT C 2016 EditionPublished(*)Addendum 4ISO/IEC 24772“Language Vulnerabilities”In progress Addendum 5MITRE Common Weakness EnumerationIn progress MISRA Compliance PermitsDeviation permits for MISRA CompliancePublished(*)(*)=will be revised for MISRA C:202314Looking Forwa

15、rd15Publication Process Previously,infrequent new editions(1998,2004,2012,2019)Recent incremental approach speeds up development,with updates coinciding with the Embedded World Conference 20193rd Edition,1st Revision 2020Amendment 2 2021Permits 2022Amendment 3,Technical Corrigendum 2 2023Amendment 4

16、 Print-on-Demand allows flexibility in producing new full documents16Work in Progress Work in Progress Enhancements for Automatically Generated Code Updated coverage mappings for:ISO/IEC TS 17961“C Secure”CERT C New coverage mappings for:ISO/IEC 24772Language Vulnerabilities MITRE CWECommon Weakness

17、 Enumeration17What Next?the Incremental ISO/IEC 9899:202x(aka C2x)New and revised features Improvements for undecidability Potential use of annotations to aid analysis,eg misra:xxx Enhanced guidance for the Standard Library Use of dynamic memory Character data handling Use of stdio.h etc18What Next?

18、More fundamental A Layered Approach?Predictable Subset v Good/Best Practice Bare Metal v Application Freestanding v Hosted What about C90?Do we still need to continue C90 support?19In conclusion.MISRA C In SummaryMISRA C and MISRA C+are-widely respected as a safety-related coding standard-equally ap

19、plicable as a security-related coding standard-appropriate for use in all high-integrity and high-reliability environmentsMISRA C and MISRA C+have-evolved from being automotive guidance into a pan-industry best practiceMISRA C and MISRA C+will-continue to evolve as new editions of the C/C+standards

20、are produced-seek to address other constraints as they become identifiedThe MISRA C Working Group welcomes feedback from all usersJune 28,202321MISRA Working Groups Get InvolvedThe MISRA C and MISRA C+Working Groups are made up of volunteers.Most work is still done via Zoom meetingsFace-to-Face meet

21、ings are typically held at Sibson(near Nuneaton).Membership is open to anyone with the appropriate technical ability.Anyone interested in joining should contact the respective Working Group Chairman:-For MISRA Cchair.cmisra.org.uk-For MISRA C+chair.cppmisra.org.uk-For MISRA SQMchair.sqmmisra.org.ukJune 28,202322QA&23Need moreinformation?LDRA Software TechnologyLDRA Limitedldra_technologyLDRA ToolsContact Us24