MISRA Is Now Better and Easier to Implement with Polyspace Tools

By Ram Cherukuri, Gary Ryu

The most recent version of the MISRA standard coding rules is MISRA C:2012, which  succeeds MISRA C:2004 that has been widely adopted in the software community across industries for embedded systems.

In a nutshell, the MISRA coding rules define a subset of the C language that is reliable for embedded system programming. Adherence to the standard was initially driven by certification requirements, but now the standard has become widely accepted as it helps to mitigate the liability and risk while developing complex software.

MISRA C:2004 guidelines were based on the then popular C90 version of the C programming language. But, a lot has changed since the 2004 standard was released. We now have the new C99 and C11 versions, which extend the C language with new features.

Even some of the helpful features of the C90 version that enabled developers to write simpler and more efficient code were disallowed by the MISRA C:2004 standard. Although this helped to guard against unreliable or unsafe programming constructs, it tended to be overly restrictive.

A good example of this is MISRA C:2004 Rule 17.4, a required rule that restricted array indexing as the only form of pointer arithmetic. This meant that the use of pointer arithmetic with ++ and - - operators was in violation of the standard. The new MISRA C:2012 standard has turned this into an advisory rule and relaxed the rule to allow the use of ++ and - - operators on pointers.

MISRA C:2004 Rule 17.4 restricts pointer arithmetic to array indexing.
MISRA C:2012 removes the restriction on pointer arithmetic and there’s no coding rule violation.

MISRA C:2012 therefore addresses some of these key issues by:

  • Supporting the new C99 version as well as the existing C90 version
  • Providing detailed rationale for all coding rules
  • Correcting issues in the 2004 version
  • Turning into directives certain rules from 2004 standard that are not statically enforceable (makes it easier for automated static analysis tools to check for compliance)

The new standard also classifies certain rules as undecidable since many static analysis tools are inadequate in their analysis of the data flow, resulting in a high number of false positives and false negatives.

Polyspace® static analysis tools are unique in this respect, in leveraging formal methods to provide exhaustive analysis of the control flow and data flow to help comply with all statically enforceable rules. Both the 2004 and the 2012 versions of the MISRA standard have built-in support within Polyspace tools, along with the subsets for automatically generated code (MISRA AC AGC) and the ability to define a custom subset of the standard. If you are interested in finding out more about this topic and how Polyspace tools can help in complying with MISRA, you can contact the authors.

Tip: Addendum 1 to MISRA C:2012 has also been made available on the MISRA website, which contains rule mappings to assist users in migrating from the 2004 version to the 2012 version. It provides a bidirectional rule mapping between MISRA C:2004 and MISRA C:2012.

Ask the Expert

Puneet Lal Polyspace Static Analysis Notes Contact Expert

Static Analysis with Polyspace Products