原创 The many roads to safe, reliable firmware dev't

We often see materials regarding MISRA C/C++ standard. The reason we have continued to focus so much on this standard is that the need for such a disciplined approach is growing more necessary as embedded devices move into areas beyond automotive, military/aerospace and medical equipment to automate more and more aspects of our lives.

Beyond the more obvious Roomba robotic vacuum cleaners, numerous aspects of our lives are becoming dependent on automated operation: refrigerators, ovens, microwaves, dishwashers. And much of the "smart grid," which will be supplying electric power to our homes is dependent on the use of more, not less, automation of basic home operations.

Also, to make them "safer," and protect them from human error, operation of many common medical devices are being automated. And mobile smart phones are being adapted for such uses with Android and iPhone health apps developed without any thought given to the need for their reliable and safety-critical operation.

And since the introduction of MISRA C/C++ for automobiles, the use of microprocessors and microcontrollers there has only increased to the point that fully automated vehicles are already being tested. As a result, the automobile, the focus of the original standard, is even more dependent of safe and reliable firmware and software, not only for use in the drive train and engine electronics, but in applications being developed to aid the driver in operating the vehicle.

Given this growing need for safety-critical operation of embedded systems, Jack Ganssle in "MISRA C got bigger and better," is breathing a sigh of relief with the newest update of the standard. While there are some aspects of the new standard that need even further improvement and others that have him scratching his head, he is generally impressed. "I'm a strong advocate of MISRA," he writes. "No one (well, with the possible exception of those who crafted the standard) likes all of the rules, but most of them make a lot of sense. MISRA is one way to get a firmware standard in place fast, one that has plenty of street cred."

He points out that one of the things that MISRA has going for it is that there are numerous static analysis tool vendors who have in the past incorporated the standard into their tools. Several companies, including LDRA and PRQA, are already offering upgrades to support the 2012 version of MISRA.

However, before you jump into the 2012 version I think it would be a good idea to have a thorough understanding of the benefits and features of the earlier. There is only so far that minding your Ps and Qs during the code development stage will take you. To be completely assured that your application is of the highest quality level and following the safety-critical rules for reliable operation, you will have to be aware of the proper implementation of all aspects of your software design.