July 19, 2018

Coding Best Practices for C++

Coding Best Practices
Security & Compliance

Coding best practices help you to write reliable, high-quality code. This is important as no matter what type of product you develop, your code needs to be reliable and error-free. Here we share three coding best practices for C++.

Read along or jump ahead to the section that interests you the most:

➡️ start Your Free Static Code Analysis Trial

Back to top

Coding Best Practices Ensure Reliable Code

You need reliable code to ensure that your software is safe and stable. This is especially important in safety-critical industries, such as medical devices and automotive.

But it remains important in any organization. Your product could be hacked. An undetected coding error could cause a malfunction. A device your product connects to could have malware — and endanger your device.

The security risks are countless. Without reliable code, your reputation can be damaged — and the future of your product will be at stake.

That leads to recalls. And recalls are no stranger to the embedded industry — particularly medical devices and automobiles.

In 2017, the FDA recalled thousands of medical devices due to hacking risks and failures to work as they should. And 2014 was a particularly dangerous year for automotive recalls. Vehicles were recalled for software flaws that caused incidents, such as unintended acceleration.

Your code needs to be reliable, safe, and secure from the start. And coding best practices ensure that it is.

Static code analysis tools help support coding best practices. Start your free trial >>>

Back to top

3 Coding Best Practices for C++

There are plenty of best practices for coding. But here are a few to consider for coding in C++.

Write Readable Code

Your code should be easy for any developer on your team to understand and maintain. And you can do that by writing clean, readable code. Avoid unnecessary parentheses. Use consistent indentation. Beware of using too many levels of nesting. Monitor cyclomatic complexity.

Follow Coding Rules

Coding rules ensure developers don’t make common mistakes that lead to security vulnerabilities. These rules may come from a published coding standard. Or they may be developed internally by your organization. Whatever the case may be, make sure your code obeys the rules.

Here’s an example of a coding rule from MISRA C++:2008 (Rule 4-10-1):

NULL shall not be used as an integer value

Inspect Your Code Regularly

Every line of code should be thoroughly inspected to ensure it’s safe, secure, and reliable. Use code reviews and automated toolsets to verify your code.

Automated tools can scan your code and verify it against your coding rules. Manual code reviews can help you ensure the code is readable.

Back to top

Coding Best Practices For Your Version of C++

Selecting the right coding standard will help you ensure that your code is safe, secure, and reliable. The right one may depend on your industry — and which version of the C++ language you are using. There are key differences to each version of the programming language.

C++17 Is the Latest, However…

C++17 is the latest version of C++. However, adoption of new programming languages is slow — particularly for the embedded industry. There are some standards that support C++17, but it’s more practical to code in C++14 (or earlier versions) if you’re compliance-minded.

C++03 vs. C++11 vs. C++14

C++03, C++11, and C++14 are the most frequently used versions of C++, particularly for safety-critical industries.

C++03 is a minor update to C++98. At the time it was released, C++03 was noted for greater consistency and portability over C++98.

MISRA C++ supports C++03.

C++11 is a major update to C++03. It includes performance improvements, such as multithreading support. It also features usability improvements, such as uniform initialization. And it includes functionality improvements, such as new string literals.

High Integrity C++ supports C++11.

C++14 is a minor update to C++11. It includes functionality updates to the language (e.g., function return type deduction) and the library (e.g., shared mutexes and locking).

AUTOSAR supports C++ 14.

📕 Related Resource: Coding Standards Best Practices >>

Back to top

Coding Best Practices: How to Migrate to Modern C++

There are many reasons why your company might be using an older version of C++. For instance, the MISRA specifies use of C++03. If you’re already using modern C++ it will be more difficult to demonstrate MISRA compliance.

The AUTOSAR C++ coding guidelines were recently developed to bridge the gap between MISRA compliance for C++03 and more modern versions of C++. So, convincing your company to make the move to modern C++ may involve educating them on the benefits of this new standard.

📕 Related Resource: MISRA and AUTOSAR to Unite C++ Coding Guidelines — What This Means

There are other coding standards that support C++ as well. It’s important to know which standards support which language version, in order to make your case for modern C++.

Make the Case for Modern C++

Ready to convince your company to adopt modern C++? Download “Moving to Modern C++”.

📕 Related Resource: Move to Modern C++>>

Back to top

Static Code Analyzers Support Coding Best Practices

By using a Perforce static code analyzer — like Helix QAC for C/C++ or Klocwork for C, C++, C#, Java, JavaScript, and Python — it’s easy to see where the errors in your code are.

➡️ Start Your Static Code Analysis Free Trial

Back to top