The Power of 10: Rules for Developing Safety-Critical Code explained

The Power of 10 Rules were created in 2006 by Gerard J. Holzmann of the NASA/JPL Laboratory for Reliable Software.^[1] The rules are intended to eliminate certain C coding practices which make code difficult to review or statically analyze. These rules are a complement to the MISRA C guidelines and have been incorporated into the greater set of JPL coding standards.^[2]

Rules

The ten rules are:^[1]

1. Avoid complex flow constructs, such as goto and recursion.
2. All loops must have fixed bounds. This prevents runaway code.
3. Avoid heap memory allocation.
4. Restrict functions to a single printed page.
5. Use a minimum of two runtime assertions per function.
6. Restrict the scope of data to the smallest possible.
7. Check the return value of all non-void functions, or cast to void to indicate the return value is useless.
8. Use the preprocessor sparingly.
9. Limit pointer use to a single dereference, and do not use function pointers.
10. Compile with all possible warnings active; all warnings should then be addressed before release of the software.

Uses

The NASA study of the Toyota electronic throttle control firmware found at least 243 violations of these rules.^{[3] [4]}

See also

• Life critical system
• Coding conventions
• Software quality
• Software assurance

Further reading

• G.J. Holzmann . 2006-06-19 . The Power of 10: Rules for Developing Safety-Critical Code . . 39 . 6 . 95 - 99 . 10.1109/MC.2006.212 . Gerard J. Holzmann .

External links

• Open Source Satellite: How do you make software that is reliable enough for space missions?

Notes and References

1. http://web.eecs.umich.edu/~imarkov/10rules.pdf The Power of 10: Rules for Developing Safety-Critical Code
2. https://web.archive.org/web/20111015064908/http://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf JPL C Coding Standard - JPL Laboratory for Reliable Software
3. http://embeddedgurus.com/barr-code/2011/03/unintended-acceleration-and-other-embedded-software-bugs/ Unintended Acceleration and Other Embedded Software Bugs
4. https://web.archive.org/web/20220625035237/https://one.nhtsa.gov/staticfiles/nvs/pdf/NASA_FR_Appendix_A_Software.pdf NASA Engineering and Safety Center Technical Assessment Report, National Highway Traffic Safety Administration Toyota Unintended Acceleration Investigation, Appendix A