Embedded Curmudgeon Column
Chris Hills, our Embedded Curmudgeon, looks at requirements, MISRA C, and “free” software
The truth never changes: at a functional safety conference organised by Vector GB Ltd at the Heritage Motor Centre Museum at Gaydon, several speakers, no matter what their main topic, were all stressing Requirements and the management of requirements. The point, repeated time and again, was that you can’t test a system and its software if you don’t have a full set of requirements to test against. Equally importantly, you need to be able to link the code you are testing back to specific requirements. This is something I have been ranting about (discussing) in presentations for the last 5-20 years. In fact, Phaedrus Systems will be offering an annual prize for the best deviation of MISRA-C:2012 Directive 7.3.1. (Look it up!) The prize will be awarded on the anniversary of the launch of the guidelines.
The release of MISRA-C:2012 has brought this into focus. Some people think they can just apply a MISRA-C checker after the code is written and all will be well. Nothing could be further from the truth, which is why my presentation is called “Why MISRA-C:2012 won’t save your project!” (For a copy, please email library@phaedsys.com.) It is possible just to check for MISRA-C errors after you have written the code, but there really is more to it than that.
For small projects and single users you can just apply MISRA-C as you go and it will help improve the quality of the code. But that is rather like having diet coke with a super sized Big Burger meal.
At the start of a project, before you start writing the code and certainly before using a MISRA-C checker, you need to integrate MISRA-C rules, with some careful thought, into your company’s coding standard. Look at the rules you are enforcing and those you are deviating. (Deviating means ignoring the rule for a particular project.) Some rules will normally be enforced but, for specific small areas of code only, deviated. This will, of course, be set out in your MISRA-C Deviation Document and Compliance Matrix. (There is no point in using MISRA-C without these two documents on all but the smallest of projects.) Of course you can expand the compliance matrix to cover your full company coding standard not just the MISRA-C rules.
Now you can write code and run your MISRA-C checker, which should be a properly configured static analyser: MISRA C only works well as part of the static analysis phase.
MISRA C has been out about 4 months and we have had very few queries about it, most being clarification requests from static analysis tool vendors. This suggests that the additional explanations and rationales have answered most of the initial questions. There are only a couple of tools that will enforce MISRA-C:2012 as I write (July 2013). I am sure that many more will appear in the coming months and that we will see an uptake of MISRA-C:2012 in live projects by the end of 2013. That is when we may see an increase in questions, and the MISRA C team will start ramping up for a Technical Corrigendum during 2014/5.
For those of you on LinkedIn there is a new “MISRA-C & C++” group. It is a closed group, which does not admit sales/marketing or recruitment people, to promote technical discussions, remove spam or promotions, and produce a good signal-to-noise ratio.
I was catching up on my reading and came across Jack Ganssle’s An RTOS from TI. Why? Like most of Jack’s writings it asks some interesting questions. http://www.embedded.com/electronics-blogs/break-points/4403045/An-RTOS-from-TI--Why-
Texas Instruments, in common with most silicon companies, is providing FREE software. Hardware manufacturer supplied software is usually free source with parts that are binary, so you get locked into their silicon. Also it is usually written to use the “unique features” of the silicon as much as possible and as many non-standard system calls as possible. This makes a lot of sense to the silicon companies and, I dare say, your company’s accountants. But what happens when the customer needs a feature that is not supported by your favorite silicon company, either in hardware or software?
I have seen a company that used a part with free software and later had to scrap the whole run of prototype boards and start again. They discovered that not only did the free software not have a feature they needed but neither did anyone else. Since “everyone” used the free software from the silicon company, there was no commercial software stack available for that feature. When they discovered the cost of a bespoke stack, it was cheaper to start again with another MCU.
Which of course begs the question, “Who provides support for this free software?” Well, it may depend on your level of financial commitment. Once you are locked in, a cynic might suggest that there could be less urgency to spend time and resources on your support when there is another large sale on the horizon. (Although the support will surely continue until you have placed the order for production volumes?) And someone, somewhere, has to pay for this software and support. Presumably it is a few cents on the silicon price?
The only real reason why hardware companies do anything, like writing software, is to sell hardware. Which is the reason why hardware companies like Open Source - you didn’t think it was because they believed, did you?
I am often told Open Source is good because it won’t disappear and commercial software companies might. True. On the other hand so might hardware companies. More worrying is that a change in the breeze in the marketing department and a new campaign starts and the old campaign (along with the software) might go: particularly if they want to move you on to a new HW platform?
So where do you want to go for an RTOS? To a commercial software company whose only reason for existing is making a good RTOS or to a hardware company whose marketing department thinks it is a good idea this quarter…
NOTHING in this life is free. You have to take a cold hard look at the risks and options. Balance the risks and the numbers, after a long cold shower to get rid of the marketing and sales talk.
In the last couple of columns I was moaning about the state of forums and news groups with people asking badly formed questions that, apart from being asked (and answered) once a month in the same forum, are easily answered in 0.2 seconds in Google. Well it is nice to see some others picking up on this, and there does seem to be a bit of a sea change. These questions are now starting to be met with some practical suggestions on using search engines and how to do research! This should start to improve the signal-to-noise ratio in the group. Keep it up.
Incidentally in answer to what is “the Best” MCU, RTOS and Language? It is, of course, the Z80, CPM and Basic.
Eur Ing Chris Hills BSc CEng MIET MBCS MIEEE FRGS FRSA is a Technical Specialist.
Copyright Chris A Hills 2003-2013
The right of Chris A Hills to be identified as the author of this work has been asserted by him in accordance with the Copyright, Designs and Patents Act 1988