Can anyone share their experience in adopting the MISRA C specification in their software development process?
+2
A:
While my projects are not decreed or required to comply with MISRA C++, I try to make sure that my code is mostly compliant. There are only a few items in MISRA C++ that I disagree mildly with, and more than a few items that I didn't even know about!
So in my mind MISRA is a good thing to at least be aware of.
jdkoftinoff
2009-03-15 05:39:24
Do you know of any open-source tools to check MISRA C/C++ compliance? Some Eclipse plugin similar to the Java tool Checkstyle would be best.
starblue
2009-03-15 07:09:46
No, I don't... I'd love to hear about any if anyone else knows!
jdkoftinoff
2009-03-15 17:16:54
PC-lint by [Gimpel Software](http://www.gimpel.com/) has supported static checking for MISRA compliance since 2001. To activate it, use the au-misra2.lnt author (i.e., configuration) file they provide.
bitFlipper
2010-01-08 23:52:01
A:
You might find the answers to my question about misra useful. In general if you are starting from the beginning it's a good standard to follow, you can modify it a bit to adapt to your specific needs, but it's a good start. Porting existing code is a bit time consuming and not always worth an effort.
Ilya
2009-03-15 14:29:24
A:
I assume that you mean Misra-C:2004?
I think that it is not that bad, even thou some part are a little strange.
One thing that I like is that the in section 4.2.5 Test coverage, they tell you to use something they call DFT (Design For Test). DFT feels like a softer version off TTD (Test Driven Development), and most people should not have a problem with this one.
Update: A link to Misra C: http://www.misra-c.com/ (since jdkoftinoff had a link to the Misra C++)
Update: Another thing that can be disturbing is that they claim not to support C99. From their website:
Is C99 covered?
MISRA-C:2004 is based on the C language as defined by ISO 9899:1990 (plus corrigenda). C99 has not been considered in MISRA-C:2004 due to the limited support for C99 on embedded microprocessors. MISRA C3 will consider support for C99 language constructs.
Update: If we look at the attention this question got here, and compare it with similar questions I would guess that not that many people use Misra... (but this is just a feeling) And not that many have used the misra tag:
http://stackoverflow.com/questions/tagged/misra
But there is quite some answer that for some reason mention the word misra, so it is not totally unknown here ;-)
Johan
2009-03-15 16:01:19
Design for test would be the idea that you should be able to prove the correctness of code you write using tests, and therefore have to be able to run the code through all scenarios and see the effects. Test driven development is the idea that you should have a test to prove what you've written does what you intend before you even write it. The second does rather imply the first to be true, but if you're doing TDD without requiring 100% coverage there's no requirement for your code to be DFT.
ijw
2009-11-03 17:26:22
+3
A:
My work projects adhere to MISRA-C 2004.
I and my colleagues find it useful in preventing common coding errors - or should that be checking-in these errors!, since it is really something for a programmer to beware of and know some of the core 'teachings' but let a static analysis checker like QAC do the robust work.
I would suggest you don't work with anything older than the 2004 standard since this is the first version in IMO relaxed enough to reflect real world C usage while still adding value.
Also don't go overboard, allow deviations from the standard where they make sense for the project and ensure you record the justification for any deviation so the customer is happy to sign-off on the product and reasoning isn't lost when the team changes.
Oliver
2009-03-15 18:09:11