A comparison of real to false positive ratios between the 1998 and 2004 versions of the MISRA C guidelines on a common population of 7 commercial software packages.
On these results, MISRA C 2004 seems a step backwards and attempts at compliance with either document are essentially pointless until something is done about improving the wording of the standard and its match with existing experimental data. In its current form, the complexity and noisiness of the rules suggest that only the tool vendors are likely to benefit.
Information and Software Technology 49 (5), p. 475-482, May 2007
A review of the latest version (October 2004) of the MISRA C guidelines. Discusses the background of such initiatives and compares the two versions of MISRA C.
When I first wrote this, I was full of hope that MISRA would actually help in improving the software quality of embedded control systems.
Now I have had more time to look at it, it's a disaster. The rules do not make use of any measurement background and the latest version is bigger, more complicated, still ambiguous and much noisier in false positives to the point where its uninhibited enforcement may well make things worse in terms of injected defect. The people most likely to benefit unfortunately are the tool vendors.
Safety Critical Systems Club Newsletter, January 2005
A safer subset for ISO C which is based entirely on the measurements reported in “Safer C” and the T experiments and their updated results. There are only about 20 rules but they cover nearly all of the known fault modes provided formally undefined behaviour of ISO C is avoided.
Information and Software Technology, 47 (3) (2005), p. 181-187
Defines some basic concepts for a programming standard based on whether a rule evolves on stylistic grounds or is known to cause failure. It argues that safer subsets should only contain the latter. Introduces a taxonomy for such rules and the concept of signal to noise ratio for standards enforcement with examples from real systems.
Information and Software Technology, 46 (7) (2004), p. 465-472
This incomplete suite, released under the GPL, was an exemplary set of code examples and supporting infrastructure for MISRA C Version 1 (MISRA-C 1998) which is now out of date following the release of MISRA C Version 2 (MISRA-C 2004). It is expected to be replaced in due course by a set of exemplary code examples for MISRA C 2004 produced by the MISRA-C committee, which will apparently be available through the MISRA-C website http://www.misra-c.com/. It would be far better if the exemplary code examples were produced independently but unfortunately, this will not be the case.
Feedback was received on the first version from Peter Devlin. This will be included in the work on version 2.