How do the folks at JPL write the code that will land a 2000-pound robot on Mars without a single glitch? Much of their success is no doubt due to their talent and dedication, but it doesn’t hurt that they have very strict coding standards (PDF). Among the requirements for C-language code at JPL:
Compile with all warnings enabled; use static source code analyzers.
Do not use direct or indirect recursion.
Do not use dynamic memory allocation after task initialization.
Declare data objects at smallest possible level of scope.
Check the validity of values passed to functions.
Make the order of evaluation in compound expressions explicit.
Do not use expressions with side effects.
Make only very limited use of the C pre-processor.
Use short functions with a limited number of parameters.
Do not cast function pointers into other types.
The JPL code standards are based on the 2004 MISRA-C coding standard. MISRA was originally designed for automotive applications, but was later adapted to other safety-critical systems where computer glitches can have dire consequences, like remote-control locomotives. Some of the requirements parallel specifications of the Ada language, which was originally designed for safety-critical applications like missile guidance systems.
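Several of the rules listed above, applied to a fixed-capacity sample buffer in C: storage sized at compile time instead of heap allocation, argument validation in every function, fully parenthesized conditions, and a loop with a fixed upper bound in place of recursion. This is an added example, not JPL's code or code from the original post; all type, function and status names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#define SAMPLE_CAPACITY 8U  /* fixed at compile time: no heap use at run time */
typedef struct {
    int32_t  data[SAMPLE_CAPACITY];
    uint32_t count;
} sample_buf_t;
typedef enum { BUF_OK, BUF_BAD_ARG, BUF_FULL, BUF_EMPTY } buf_status_t; /* example-only names */

/* Reset the buffer; the pointer argument is validated first. */
buf_status_t buf_init(sample_buf_t *buf)
{
    if (buf == NULL) {
        return BUF_BAD_ARG;
    }
    buf->count = 0U;
    return BUF_OK;
}

/* Append one sample; rejects NULL, a corrupted count, and a full buffer. */
buf_status_t buf_push(sample_buf_t *buf, int32_t value)
{
    if ((buf == NULL) || (buf->count > SAMPLE_CAPACITY)) {
        return BUF_BAD_ARG;
    }
    if (buf->count == SAMPLE_CAPACITY) {
        return BUF_FULL;
    }
    buf->data[buf->count] = value;  /* store and increment are separate */
    buf->count = buf->count + 1U;   /* statements, so no hidden side effect */
    return BUF_OK;
}

/* Mean of the stored samples; the loop can run at most SAMPLE_CAPACITY times. */
buf_status_t buf_mean(const sample_buf_t *buf, int32_t *mean_out)
{
    if ((buf == NULL) || (mean_out == NULL) || (buf->count > SAMPLE_CAPACITY)) {
        return BUF_BAD_ARG;
    }
    if (buf->count == 0U) {
        return BUF_EMPTY;
    }
    int64_t sum = 0;                /* wide accumulator: 8 int32 values fit */
    for (uint32_t i = 0U; i < buf->count; i++) {
        sum = sum + (int64_t)buf->data[i];
    }
    *mean_out = (int32_t)(sum / (int64_t)buf->count);
    return BUF_OK;
}
```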
I love this kind of stuff…
I’ve been looking for a decent MISRA/JPL static analysis tool, but it seems most of them are internal and proprietary or linked to specific toolchains. I have a license for IAR for ARM, for example, which includes MISRA … but it’s hardly accessible to the general public. Seems like a pressing addition needed to complement the rest of the GCC ecosystem, but maybe I’m just not aware of some tool that exists.