The Power of 10: Rules for Developing Safety-Critical Code
{{Short description|Coding guidelines by Gerard J. Holzmann}}
The Power of 10 Rules were created in 2006 by Gerard J. Holzmann of the NASA/JPL Laboratory for Reliable Software.<ref>[http://web.eecs.umich.edu/~imarkov/10rules.pdf The Power of 10: Rules for Developing Safety-Critical Code]</ref> The rules are intended to eliminate certain C coding practices that make code difficult to review or to analyze statically. They complement the MISRA C guidelines and have been incorporated into the larger set of JPL coding standards.<ref>[https://web.archive.org/web/20111015064908/http://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf JPL C Coding Standard - JPL Laboratory for Reliable Software]</ref>
== Rules ==
# Avoid complex flow constructs, such as goto and recursion.
# All loops must have fixed bounds. This prevents runaway code.
# Avoid heap memory allocation after initialization.
# Restrict functions to a single printed page.
# Use a minimum of two runtime assertions per function.
# Restrict the scope of data to the smallest possible.
# Check the return value of all non-void functions, or cast to void to indicate the return value is useless.
# Use the preprocessor only for header files and simple macros.
# Limit pointer use to a single dereference, and do not use function pointers.
# Compile with all possible warnings active; all warnings should then be addressed before release of the software.
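As an added example (not from Holzmann's paper or the JPL standard), the following C function is written to the rules above: no recursion or goto, a compile-time loop bound, no heap allocation, two side-effect-free assertions whose failure leads to a recovery action (an error return) rather than an abort, pointers dereferenced only once, and a caller that checks the return value. The `c_assert` macro, `report_assert`, `parse_field`, `field_or_default` and the fixed-width decimal field format are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>
/* Rule 5: assertions are side-effect free and their failure triggers a
   recovery action; here a log line plus an error return, never abort().
   (c_assert, report_assert and assert_failures are this example's own.) */
static int assert_failures; /* number of violations seen, observable in tests */
static void report_assert(const char *expr, int line) {
    assert_failures++;
    (void)fprintf(stderr, "line %d: assertion '%s' failed\n", line, expr);
}
#define c_assert(e) ((e) ? true : (report_assert(#e, __LINE__), false))
#define FIELD_LEN 6       /* fixed-width decimal field, e.g. in a telemetry record */
#define MAX_VALUE 999999u /* largest value FIELD_LEN digits can encode */
/* Parse a fixed-width unsigned decimal field. Returns 0 on success, -1 on error.
   Rule 1: straight-line control flow, no recursion or goto.
   Rule 2: the loop bound is the constant FIELD_LEN, so it is statically checkable.
   Rule 3: no heap; the result is written through a caller-owned pointer.
   Rule 6: every variable is declared in the smallest scope that needs it.
   Rule 9: each pointer is dereferenced at most once per expression. */
int parse_field(const char *buf, size_t buf_len, uint32_t *out)
{
    if (!c_assert(buf != NULL && out != NULL)) {  /* precondition */
        return -1;
    }
    if (!c_assert(buf_len >= FIELD_LEN)) {        /* precondition */
        return -1;
    }
    uint32_t value = 0;
    for (size_t i = 0; i < FIELD_LEN; i++) {      /* fixed bound: cannot run away */
        char ch = buf[i];
        if (ch < '0' || ch > '9') {
            return -1;  /* malformed input is an ordinary error, not an assertion */
        }
        value = value * 10u + (uint32_t)(ch - '0');
    }
    if (!c_assert(value <= MAX_VALUE)) {          /* postcondition; documents the guarantee */
        return -1;
    }
    *out = value;
    return 0;
}
/* Rule 7: the caller consumes parse_field's return value instead of ignoring it. */
int field_or_default(const char *buf, size_t buf_len, int fallback)
{
    uint32_t v;
    return (parse_field(buf, buf_len, &v) == 0) ? (int)v : fallback;
}
```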
== Uses ==
The NASA study of the Toyota electronic throttle control firmware found at least 243 violations of these rules.<ref>{{cite web |archive-url=http://web.archive.org/web/20240226080759/https://embeddedgurus.com/barr-code/2011/03/unintended-acceleration-and-other-embedded-software-bugs/ |archive-date=2024-02-26 |access-date=2025-03-03 |url=https://embeddedgurus.com/barr-code/2011/03/unintended-acceleration-and-other-embedded-software-bugs/ |url-status=dead |title=Unintended Acceleration And Other Embedded Software Bugs |first=Michael |last=Barr |date=2011-03-01 |website=Embedded Gurus}}</ref><ref>{{cite web |archive-url=https://web.archive.org/web/20220625035237/https://one.nhtsa.gov/staticfiles/nvs/pdf/NASA_FR_Appendix_A_Software.pdf |archive-date=2022-06-25 |url=https://one.nhtsa.gov/staticfiles/nvs/pdf/NASA_FR_Appendix_A_Software.pdf |access-date=2025-03-03 |date=2011-01-18 |title=NASA Engineering and Safety Center Technical Assessment Report, National Highway Traffic Safety Administration Toyota Unintended Acceleration Investigation, Appendix A}}</ref>
== See also ==
== Further reading ==
- {{cite journal
| author = G.J. Holzmann
| date = 2006-06-19
| title = The Power of 10: Rules for Developing Safety-Critical Code
| journal = IEEE Computer
| volume = 39
| issue = 6
| pages = 95–99
| doi = 10.1109/MC.2006.212
| author-link = Gerard J. Holzmann
}}
== References ==
{{reflist}}
== External links ==
- [https://standards.nasa.gov/standard/NASA/NASA-STD-87398 NASA Technical Standards System] Software Assurance and Software Safety Standard
- [https://opensourcesatellite.org/how-do-you-make-software-reliable-enough-space-travel/ Open Source Satellite: How do you make software that is reliable enough for space missions?]
{{DEFAULTSORT:Power of 10}}