The goal of software coding standards is to instill proven programming practices that lead to safe, reliable, testable and maintainable code.
Typically, this means avoiding known unsafe coding practices or code that can cause unpredictable behavior. This becomes critical in programming languages like C and C++ where the potential to write insecure or unsafe code is high.
Experts in this area believe it’s critical to find a defect as the code is being written, as the cost is relatively low taking up just a few minutes of the developer’s time. Truth is, if it’s possible to eliminate 85% of the defects at the development phase, there’s a substantial impact on cost.
This is where established coding standards for safety and security are important. Take, for example, MISRA C/C++ developed by the Motor Industry Software Reliability Association. MISRA C is a standard that’s been in use since 1998 and is well defined. It’s updated every couple of years they go through it.
As C and C++ languages evolve, they evolve the standards around it. It’s a very flexible standard that takes into account different severity levels and there’s a documented strategy for handling and documenting deviations.
As the technology that can detect violations to coding standard guidelines (such as static analysis) recent versions of MISRA take into account what guidelines are decidable (detectable with high precision by tools) and those that aren’t.
Static analysis tools are commonly used to detect coding errors. Of course, this may also be achieved through manual code reviews. But using automated tools is much more effective.
Want to learn more? Tonex offers Software Safety Programming and Software Coding Standards, a 2-day advanced workshop for software engineers, programmers, developers, project managers, analysts and anyone else interested in software coding standards to defects to building more robust software through automation.
This course covers many topics such as how to fix software defects early, coding standards and good software engineering practices, safety-critical software coding and common vulnerabilities guide, and how to prevent software safety problems with proper coding.
For more information, questions, comments, contact us.