Saturday, April 8, 2017

The Power of 10



Rules for Developing Safety-Critical Code:


Avoid complex flow constructs, such as goto and recursion.


All loops must have fixed bounds. This prevents runaway code.


Avoid heap memory allocation.


Restrict functions to a single printed page.


Use a minimum of two runtime assertions per function.


Restrict the scope of data to the smallest possible.


Check the return value of all non-void functions, or cast to void to indicate the return value is useless.


Use the preprocessor sparingly.


Limit pointer use to a single dereference, and do not use function pointers.


Compile with all possible warnings active; all warnings should then be addressed before release of the software.