The MISRA C Coding Standard: A Key Enabler for the Development of Safety- and Security-Critical Embedded Software

Building embedded control systems that embody industry best practices for safety and security is a challenging task: doing so in unrestricted C is even more challenging. C~is a general-purpose programming language, partially defined by an ISO standard written in natural language with a slow evolution over the last 40+ years. Its many strong points make it the most used language for the development of embedded systems. Unfortunately, the origin of C's strength is also the origin of C's weakness: the language has many aspects that are not fully defined, it has some rather obscure aspects that can easily induce programmers into error, and it has no run-time error detection facilities. MISRA C is a coding standard defining a subset of the C language, initially targeted at the automotive sector, but now adopted across all industry sectors that develop C software in safety- and/or security-critical contexts. In this talk, we introduce MISRA C, its key role in the development of critical embedded systems' software and its relevance to industry safety and security standards. We explain why and how MISRA C retains 95% of the advantages of C and eradicates 95% of its drawbacks: with the right tools, training and professional expertise, the adoption of MISRA C, besides satisfying some important requirements imposed by safety standards, can significantly decrease development times and costs.