MISRA clarifies safe and secure uses of the C language

April 25, 2016 // By Graham Prophet
MISRA is releasing new documents to clarify use of the MISRA C Guidelines in developing any application with high-integrity or high-reliability requirements, both safety-related and security-related. The release will take place at a MISRA workshop at the Device Developer Conference in Cambridge, UK, on April 27th, 2016.

The MISRA C Guidelines (the latest version is MISRA C:2012, Guidelines for the Use of the C Language in Critical Systems), the organisation notes, are internationally accepted as setting out a subset of C for use in critical systems. Generally this is understood to mean safety-related systems. However, the guidelines are equally appropriate for secure systems, a topic of increasing concern with the growth of the Internet of Things. ISO/IEC JTC1/SC22/WG14 (the committee responsible for maintaining the C Standard) has published its C language security guidelines, ISO/IEC TS 17961:2013. MISRA has carried out a coverage comparison between this and MISRA C:2012 and is publishing the resulting coverage matrix as MISRA C:2012 Addendum 2. Alongside it comes MISRA C:2012 Amendment 1, "Additional security guidelines for MISRA C:2012", which adds a small number of guidelines to improve coverage of the security concerns highlighted by ISO/IEC 17961, particularly the handling of "untrustworthy data" (values that enter the program from outside, such as network input or file contents, and must be validated before they are used). Together, MISRA says, these show MISRA C to be demonstrably suitable for both safe and secure applications.
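To make the "untrustworthy data" point concrete, here is a short C example added by the editor; it is not MISRA or ISO text and does not correspond to any numbered guideline. It assumes a hypothetical wire format of one length byte followed by that many payload bytes. The unchecked parser lets a length taken from the message drive a memcpy into a fixed buffer, which is exactly the kind of tainted-value-to-sink flow the security guidelines target; the hardened parser range-checks the length against both the destination capacity and the bytes actually present before the copy.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Editor's example. Hypothetical format (assumption): [len:1][payload:len]. */
#define RECORD_MAX 16u

/* Unchecked: the untrusted length byte reaches the memcpy sink unvalidated.
 * A len byte larger than RECORD_MAX overruns out[]; a len byte larger than
 * the bytes actually present reads past the end of msg. Shown for contrast
 * only; the hardened version below is the one to use. */
size_t parse_record_unchecked(const uint8_t *msg, size_t msg_len,
                              uint8_t out[RECORD_MAX])
{
    size_t len = msg[0];              /* untrustworthy value */
    (void)msg_len;                    /* never consulted */
    memcpy(out, &msg[1], len);        /* sink fed directly by tainted data */
    return len;
}

/* Hardened: validate the untrusted length before it is used as a size.
 * Returns the payload length on success, or -1 if the record is rejected. */
int parse_record_checked(const uint8_t *msg, size_t msg_len,
                         uint8_t out[RECORD_MAX])
{
    if (msg == NULL || out == NULL || msg_len < 1u) {
        return -1;                    /* nothing to parse */
    }
    size_t len = msg[0];              /* still untrustworthy at this point */
    if (len > RECORD_MAX) {
        return -1;                    /* would overflow out[] */
    }
    if (len > msg_len - 1u) {
        return -1;                    /* would read past the message */
    }
    memcpy(out, &msg[1], len);        /* now bounded on both sides */
    return (int)len;
}

int main(void)
{
    /* Constructed inputs: one well-formed record, one with a lying length. */
    static const uint8_t good[]  = { 4, 'd', 'a', 't', 'a' };
    static const uint8_t lying[] = { 200, 'x', 'y' };
    uint8_t buf[RECORD_MAX];

    int n = parse_record_checked(good, sizeof good, buf);
    printf("good: %d payload bytes\n", n);
    n = parse_record_checked(lying, sizeof lying, buf);
    printf("lying length: %d (rejected)\n", n);
    return 0;
}
```

The two checks are deliberately separate: the first protects the destination (buffer capacity), the second protects the source (bytes present). Collapsing them into one comparison is a common way to lose one of the two bounds.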


"Anyone using the C language for system development, particularly for systems that have to be safe and/or secure, should be using the MISRA C Guidelines," said Andrew Banks, Chairman of the MISRA C Committee. "The coverage matrix, plus the new rules, provides reassurance that code will be of high quality."


The other two documents address the issues of deviation and conformance.

Since the earliest days of MISRA C it has been recognised that it might, on occasion, be impracticable or unreasonable to follow a specific guideline, so there has always been the option to declare and document a deviation, that is, an approved and recorded violation. However, there is often confusion about how a deviation affects a claim that something is "MISRA Compliant", and even about what MISRA Compliance actually means.


MISRA Compliance 2016: Achieving compliance with MISRA Coding Guidelines is designed to

- Provide clearer guidance on the