MISRA C is a language subset of the C programming language that is developed and maintained by the Motor Industry Software Reliability Association (MISRA). It is colloquially referred to as a “coding standard” – but never by MISRA themselves. Originally designed to promote the use of the C language in safety-critical embedded applications within the motor industry, the original version, MISRA C:1998, was released in 1998 to target C90.
Over the years, MISRA C has gained widespread acceptance for safety-, security-, life-, and mission-critical applications in aerospace, telecom, medical devices, defence, railway, and other industries. MISRA-C:2004 was renamed to reflect that more widespread use (its title changed from guidelines for vehicle-based software to guidelines for critical systems), and included a host of extensions and improvements to the original version.
The third revision of the standard, MISRA C:2012, was first released in early 2013 to provide support for ISO 9899:1999 (C99) while retaining support for C90. The design remit to allow programmers to spend more time coding and less on compliance efforts has been retained throughout subsequent amendments and revisions, which also reflect the evolution of the C language and the environments in which it is applied.
LDRA has been influential in the creation and ongoing development of MISRA C, and has had strong representation on the working group responsible for it throughout its evolution. This document reflects that unique insight into the creation of the standard, and into the incremental changes resulting from a policy of continuous improvement.
In the world of critical embedded software, there are two kinds of standards to be concerned with. The first kind can be thought of as a “process standard” – guidelines and rules that dictate how to go about writing your embedded software (amongst other things) so that errors are minimized. The more critical the application, the more demanding the rules that must be followed.
Most of those process standards are concerned with functional safety, and there are many standards with slight variations between industrial sectors (DO-178C applies to commercial aircraft and ISO 26262 to road vehicles, for example). Increasingly these functional safety standards are being complemented by standards concerned with cybersecurity, so that ISO 26262 is complemented by SAE J3061.
The second kind of standard is collectively known as coding standards (more formally, in MISRA’s case, language subsets). Again, there are many of these, serving similar but slightly different purposes, and they apply at a different level from the process standards. Any high-level language offers hundreds of operators, library functions and constructs. Some of them are very easy to get wrong (especially in C and C++), so coding standards were introduced to disallow the use of those error-prone constructs and hence make the resulting code more likely to be free of errors.
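To make concrete what “easy to get wrong” means in C, the following is an added example written for this page (it is not LDRA’s or MISRA’s code). It shows three constructs that compile without complaint, each beside the form a MISRA C checker would accept: reliance on operator precedence (MISRA C:2012 Rule 12.1), an assignment used as a controlling expression (Rule 14.4), and an implicit narrowing conversion (Rule 10.3). The function names and the 200-byte limit are illustrative assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* 1. Reliance on operator precedence.
 * '==' binds tighter than '&', so this parses as x & (mask == mask), i.e.
 * x & 1: it reports "flag set" exactly when x is odd, whatever mask is. */
bool has_flag_unsafe(uint32_t x, uint32_t mask)
{
    return x & mask == mask;
}

/* Compliant form: precedence made explicit with parentheses. */
bool has_flag(uint32_t x, uint32_t mask)
{
    return (x & mask) == mask;
}

/* 2. Assignment inside a controlling expression.
 * A single '=' where '==' was meant is legal C. The condition is the value
 * assigned (-1, non-zero), so every return code is reported as an error. */
bool is_error_unsafe(int rc)
{
    if (rc = -1) {
        return true;
    }
    return false;
}

/* Compliant form: a comparison whose result is a genuine Boolean. */
bool is_error(int rc)
{
    return (rc == -1);
}

/* 3. Implicit narrowing conversion.
 * Storing a 32-bit count in a uint8_t silently reduces it modulo 256, so a
 * length of 300 becomes 44 and passes a check meant to cap it at 200 bytes
 * (the 200-byte limit is an illustrative assumption). */
bool length_ok_unsafe(uint32_t n)
{
    uint8_t len = n;            /* implicit narrowing: 300 -> 44 */
    return len <= 200u;
}

/* Compliant form: check at the original width, then narrow explicitly
 * once the value is known to fit. */
bool length_ok(uint32_t n)
{
    if (n > 200u) {
        return false;
    }
    uint8_t len = (uint8_t)n;   /* explicit cast, value provably in range */
    return len <= 200u;
}

int main(void)
{
    printf("has_flag_unsafe(0x10,0x10)=%d  has_flag=%d\n",
           (int)has_flag_unsafe(0x10u, 0x10u), (int)has_flag(0x10u, 0x10u));
    printf("is_error_unsafe(0)=%d  is_error(0)=%d\n",
           (int)is_error_unsafe(0), (int)is_error(0));
    printf("length_ok_unsafe(300)=%d  length_ok(300)=%d\n",
           (int)length_ok_unsafe(300u), (int)length_ok(300u));
    return 0;
}
```

All three unsafe forms compile cleanly with default compiler settings; gcc flags the first two only under `-Wall` and the narrowing only under `-Wconversion`. That is the gap a language subset enforced by a static checker is meant to close: the construct is rejected outright rather than left to whichever warning level a particular build happens to use.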