How do the folks at JPL write the code that will land a 2000-pound robot on Mars without a single glitch? Much of their success is no doubt due to their talent and dedication, but it doesn’t hurt that they have very strict coding standards (PDF). Among the requirements for C-language code at JPL:
Compile with all warnings enabled; use static source code analyzers.
Do not use direct or indirect recursion.
Do not use dynamic memory allocation after task initialization.
Declare data objects at smallest possible level of scope.
Check the validity of values passed to functions.
Make the order of evaluation in compound expressions explicit.
Do not use expressions with side effects.
Make only very limited use of the C pre-processor.
Use short functions with a limited number of parameters.
Do not cast function pointers into other types.
The JPL code standards are based on the 2004 MISRA-C coding standard. MISRA was originally designed for automotive applications, but was later adapted to other safety-critical systems where computer glitches can have dire consequences, like remote control locomotives. Some of the requirements parallel specifications of the language ADA, which was originally designed for safety-critical applications like missile guidance systems.
Make a robot friend with Adafruit’s CRICKIT – A Creative Robotics & Interactive Construction Kit. It’s an add-on to our popular Circuit Playground Express, FEATHER and other platforms to make and program robots with CircuitPython, MakeCode, and Arduino. Start controlling motors, servos, solenoids. You also get signal pins, capacitive touch sensors, a NeoPixel driver and amplified speaker output. It complements & extends your boards so you can still use all the goodies on the microcontroller, now you have a robotics playground as well.
Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !
i love this kind of stuff…
I’ve been looking for a decent MISRA/JPL static analysis tool, but it seems most of them are internal and proprietary or linked to specific toolchains. I have a license for IAR for ARM, for example, which includes MISRA … but it’s hardly accessible to the general public. Seems like a pressing addition needed to complement the rest of the GCC ecosystem, but maybe I’m just not aware of some tool that exists.