There is a wealth of empirical evidence for the adage "an ounce of prevention is worth a pound of cure" in software development, especially in C programming. In fact, we have known for many years that the most effective means of removing and preventing defects in systems software is rigorous code inspection.
What makes code inspections so effective in C programming is the formal review of each line of source code by a team of experts who enforce a strict set of inspection criteria (best practices and standards), together with their own experience, in the prevention and detection of bugs. Part of these criteria is avoiding the many traps and pitfalls within the C language that can lead to unpredictable or unwanted behavior; this is known as language subsetting. The most widely used C language subset is MISRA-C:2004, which provides the basis of a rigorous coding standard.
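The following is an added illustration written for this page, not code from MISRA or from the talk: three classic C pitfalls of the kind a language subset rules out, each beside a rewrite in the spirit of a subset (explicit conversions, every switch clause terminated, signed and unsigned operands never mixed). The function names and the saturating behaviour are this example's own choices, and no MISRA rule numbers are claimed; each pair simply shows the unwanted behaviour the prose refers to and the mechanical, tool-checkable form that avoids it.

```c
/* Added example: C pitfalls that a language subset such as MISRA-C removes,
 * each beside a subset-style rewrite. Illustrative code, not MISRA's own. */
#include <stdint.h>
#include <stdio.h>

/* Pitfall 1: silent wrap-around. `a + b` is computed as int and then
 * implicitly truncated to uint8_t on return, so 200 + 100 yields 44. */
uint8_t add_u8_pitfall(uint8_t a, uint8_t b)
{
    return a + b;            /* implicit narrowing conversion */
}

/* Subset-style rewrite: the sum is formed in a wider type, checked, and the
 * narrowing is explicit; the result saturates instead of wrapping. */
uint8_t add_u8_saturating(uint8_t a, uint8_t b)
{
    uint16_t sum = (uint16_t)a + (uint16_t)b;
    if (sum > UINT8_MAX) {
        sum = UINT8_MAX;
    }
    return (uint8_t)sum;     /* explicit, intentional narrowing */
}

/* Pitfall 2: a switch clause without an unconditional break falls through.
 * Code 2 is meant to map to priority 20 but ends up in the code-3 clause. */
int priority_pitfall(int code)
{
    int prio = 0;
    switch (code) {
    case 1:
        prio = 10;
        break;
    case 2:
        prio = 20;           /* missing break: falls through into case 3 */
    case 3:
        prio = 30;
        break;
    default:
        prio = -1;
        break;
    }
    return prio;
}

/* Subset-style rewrite: every non-empty clause ends in break, and a default
 * clause is present so every input has a defined outcome. */
int priority_compliant(int code)
{
    int prio;
    switch (code) {
    case 1:  prio = 10; break;
    case 2:  prio = 20; break;
    case 3:  prio = 30; break;
    default: prio = -1; break;
    }
    return prio;
}

/* Pitfall 3: comparing a signed value with an unsigned one. The signed
 * operand is converted to unsigned, so -1 becomes a huge value and
 * "-1 < 10" evaluates to false. */
int below_limit_pitfall(int value, unsigned int limit)
{
    return value < limit;    /* value silently converted to unsigned */
}

/* Subset-style rewrite: handle the negative case explicitly, then compare
 * two operands of the same type. */
int below_limit_checked(int value, unsigned int limit)
{
    if (value < 0) {
        return 1;            /* any negative value is below a non-negative limit */
    }
    return (unsigned int)value < limit;
}

int main(void)
{
    printf("200 + 100 as uint8_t: pitfall %u, saturating %u\n",
           add_u8_pitfall(200, 100), add_u8_saturating(200, 100));
    printf("priority(2): pitfall %d, compliant %d\n",
           priority_pitfall(2), priority_compliant(2));
    printf("-1 < 10u: pitfall %d, checked %d\n",
           below_limit_pitfall(-1, 10u), below_limit_checked(-1, 10u));
    return 0;
}
```

Each pitfall version compiles cleanly with default warnings on most toolchains, which is exactly why a subset and a checker that enforces it are needed: the language permits the construct, and only a rule stated precisely enough for a tool to decide catches it on every line.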
Unfortunately, anyone who has developed under these strict processes knows how painful it can be. Existing coding standards and subsets (even MISRA-C:2004) can be a source of frustration due to rules that are imprecisely written or more restrictive than necessary. But even the best-written coding standards and practices gather dust on bookshelves unless there is inspection; yet inspections can be too much of a strain on key human resources too early in the development process, especially as we increasingly embrace the idea that development should be more agile, not burdened with heavyweight processes. For highly regulated safety-critical systems, these pains have been recognized to be worth the effort, and MISRA-C:2004 is widely used in the automotive, aerospace and medical industries.
Now, from the many lessons learned over the past decade, there is a new MISRA standard, which is described within the embedded systems industry as "an indispensable resource for anyone who cares about software quality and is developing systems in C."
MISRA-C:2012 is a complete overhaul and represents an extensive effort to ensure that:
1) Rules are more precise and do not prevent reasonable uses or behaviors that have no undesirable consequences.
2) Every rule has a detailed rationale, rules without a strong rationale have been removed, and there is better guidance on the applicability of each rule.
3) Rules are more decidable, allowing better tool enforcement and reducing the amount of manual checking, making automatic code inspection a reality.
This talk will provide an overview of MISRA-C:2012 and the new generation of code inspection tools that automate and help manage standards and processes based on it.
Clayton Weimer is Programming Research's Sr. Technical Consultant in North America. He has 30 years of experience in software development, including advancement of development tools and practices at GTE, TRW, and AT&T, where he received publication and presentation awards in the areas of object-oriented design, configuration management, and design tools and techniques. He also did early pioneering work on embedded wireless solutions and tablet computers at several startup companies. Before joining Programming Research in 2009, he continued his work in wireless mobile technology as a technical consultant and expert legal consultant in software patent and antitrust litigation. Clayton received his BSc degree in Computer Science in 1985 from California State University, Dominguez Hills, during which time he worked as a programmer for Beckman Instruments, developing its first small hospital laboratory management system, where he gained his full education and appreciation of software engineering working with a team of seasoned IBM software consultants.