MISRA® provides coding guidelines for C and C++.
Consider this your guide to MISRA C and MISRA C++.
Read along or jump to the section that interests you most:
- What Is MISRA?
- Why Use MISRA Standards?
- Important MISRA C Rules With Examples
- Important MISRA C++ Rules With Examples
- How to Achieve MISRA Compliance
- Using Helix QAC For MISRA Rules
What Is MISRA?
MISRA provides coding standards for developing safety-critical systems.
MISRA is made up of manufacturers, component suppliers, and engineering consultancies. Experts from Perforce’s static code analysis team (formerly PRQA) are members of MISRA, too.
MISRA first developed coding guidelines in 1998. These were specific to the C programming language. Since then, MISRA has added a coding standard for C++.
Why Use MISRA Standards?
You can use MISRA standards to ensure your code is:
[RELATED WHITE PAPER: WHAT IS MISRA? AN OVERVIEW OF THE MISRA STANDARD]
The MISRA C coding standard was originally written for the automotive industry. But today, MISRA standards for C and C++ are widely used by embedded industries — including aerospace and defense, telecommunications, medical devices, and rail.
Most of these industries have a compliance requirement to use a coding standard — such as ISO 26262 for automotive functional safety.
[RELATED WHITE PAPER: HOW TO COMPLY WITH THE ISO 26262 STANDARD]
Important MISRA C Rules With Examples
MISRA C is the most widely used set of coding guidelines for C around the world. There have been three releases of the MISRA C standard.
MISRA C:1998 was published in 1998 and remains widely used today. It was written for C90. There are 127 coding rules, including:
The statement forming the body of an "if", "else if", "else", "while", "do ... while", or "for" statement shall always be enclosed in braces
MISRA C:2004 is the second edition of MISRA C, published in 2004. It was written for C90. There are 142 coding rules, including:
An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement.
All if … else if constructs shall be terminated with an else clause.
MISRA C:2012 is the third edition of MISRA C, published in 2012. It was written for C99. There are 143 rules, including:
A pointer resulting from arithmetic on a pointer operand shall address an element of the same array as that pointer operand
[RELATED WHITE PAPER: 6 KEY CHANGES IN MISRA:C 2012]
MISRA C:2012 Amendment 1
MISRA C 2012 Amendment 1 was released in 2016. With this amendment, MISRA C:2012 includes 156 rules and 17 directives for a total of 173 guidelines, including:
The sizeof operator shall not have an operand which is a function parameter declared as "array of type"
MISRA C:2012 Addenda
While the MISRA C standard was originally designed for functional safety, it also covers security. MISRA C:2012 includes addenda which strengthen security in coding.
MISRA C:2012 — Addendum 2 shows how each MISRA rule maps to the C Secure rules in ISO/IEC TS 17961:2013.
MISRA C:2012 — Addendum 3 shows how each rule maps to the CERT C rules.
[RELATED WHITE PAPER: HOW TO WRITE SECURE CODE IN C]
Important MISRA C++ Rules With Examples
MISRA C++ is widely used by safety-critical developers. There’s one version of MISRA C++ rules available today.
MISRA C++:2008 was published in 2008. It was written for C++03. There are 228 coding rules, including:
The condition of an if-statement and the condition of an iteration statement shall have type bool.
MISRA C++ and AUTOSAR Guidelines
MISRA recently announced that AUTOSAR guidelines will be integrated into MISRA C++.
How to Achieve MISRA Compliance
Achieving MISRA compliance takes knowledge, skill, and the right tools.
Here are some steps you can take to comply with MISRA.
- Know the Rules
You need to know the MISRA coding rules pertinent to which version of C or C++ you’re using.
- Check Your Code Constantly
Continuously inspecting your code for violations is the best way to improve quality.
- Set Baselines
Embedded systems come with legacy codebases. By setting baselines, you can focus on making sure your new code is compliant.
- Prioritize Violations Based on Risk
You could have hundreds or even thousands of violations in your code. That’s why it’s important to prioritize rule violations based on risk severity. Some static code analysis tools can do this for you.
- Document Your Deviations
Sometimes there are exceptions to the rule. But when it comes to compliance, every rule deviation needs to be well-documented.
- Monitor Your MISRA Compliance
Keep an eye on how MISRA compliant your code is. Using a static code analyzer makes this easier by automatically generating a compliance report.
- Choose the Right Static Code Analyzer
Choosing the right static code analyzer makes everything else easy. It takes care of scanning your code — new and legacy — for violations. It prioritizes vulnerabilities based on risk.
Complying with MISRA is important for many development teams today. Especially as virtualization rises. See how an automotive hypervisor complies with MISRA >>
[RELATED WHITE PAPER: HOW TO COMPARE MISRA CHECKERS]
Using Helix QAC For MISRA Rules
Helix QAC finds and reports on violations of MISRA rules and directives in C and C++.
Here's a short demo using Helix QAC with MISRA C:2012 guidelines.
Why Use Helix QAC for MISRA Compliance?
- Independently certified for use in the development of safety-critical software.
- Fully documented rule enforcement and message interpretation.
- Supplied with extensive example code.
- Fully configurable rules processing.
- Compliance reports for functional safety audits.
How Embedded Developers Use Helix QAC For MISRA
See how leaders in embedded industries — automotive, aerospace, and rail — use Helix QAC and MISRA.