created_at | title | url | author | points | num_comments | created_at_i | objectID | year
---|---|---|---|---|---|---|---|---
2016-11-04T07:29:03.000Z | Rules for Writing Safety Critical Code (2006) | http://spinroot.com/p10/ | mpweiher | 166 | 81 | 1478244543 | 12870899 | 2006
The Power of Ten -- Rules for Writing Safety Critical Code
1. Restrict to simple control flow constructs.
2. Give all loops a fixed upper-bound.
3. Do not use dynamic memory allocation after initialization.
4. Limit functions to no more than 60 lines of text.
5. Use minimally two assertions per function on average.
6. Declare data objects at the smallest possible level of scope.
7. Check the return value of non-void functions, and check the validity of function parameters.
8. Limit the use of the preprocessor to file inclusion and simple macros.
9. Limit the use of pointers. Use no more than two levels of dereferencing per expression.
10. Compile with all warnings enabled, and use one or more source code analyzers.
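The following C program is an added example written for this page; it is not code from the Power of Ten paper or from its author. It parses a small comma-separated message format (a constructed format, chosen only to exercise the rules) and shows several of the rules applied together: a constant loop bound (rule 2), a statically allocated result buffer instead of malloc (rule 3), functions well under 60 lines (rule 4), two side-effect-free assertions per function (rule 5), variables declared at the narrowest scope (rule 6), and a caller that checks every return value (rule 7). The capacities MAX_MSG_LEN and MAX_FIELDS are assumptions for the example.

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Capacities fixed at compile time (assumed values for this example).
 * Every loop below is bounded by one of them (rule 2). */
#define MAX_MSG_LEN 64u
#define MAX_FIELDS  8u

/* A message is a comma-separated list of decimal fields, e.g. "12,7,300".
 * Parsed fields land in a statically allocated struct, so nothing is
 * allocated after start-up (rule 3). */
typedef struct {
    uint32_t field[MAX_FIELDS];
    size_t   count;
} message_t;

static message_t g_msg;   /* the one buffer the parser writes to */

/* Parse text[0..text_len) into *out. Returns true on success, false on any
 * format or bound violation. The assertions (rule 5) state the contract and
 * have no side effects; the explicit checks after them keep the function safe
 * when assert() is compiled out with NDEBUG. */
bool parse_message(const char *text, size_t text_len, message_t *out)
{
    assert(text != NULL && out != NULL);
    assert(text_len <= MAX_MSG_LEN);
    if (text == NULL || out == NULL || text_len > MAX_MSG_LEN) {
        return false;
    }

    out->count = 0;
    uint32_t value = 0;        /* field being accumulated */
    bool in_number = false;    /* at least one digit seen for this field */

    for (size_t i = 0; i < MAX_MSG_LEN && i < text_len; i++) {  /* constant bound */
        const char c = text[i];                                  /* smallest scope (rule 6) */
        if (c >= '0' && c <= '9') {
            const uint32_t digit = (uint32_t)(c - '0');
            /* reject value*10 + digit if it would exceed UINT32_MAX */
            if (value > UINT32_MAX / 10u ||
                (value == UINT32_MAX / 10u && digit > UINT32_MAX % 10u)) {
                return false;
            }
            value = value * 10u + digit;
            in_number = true;
        } else if (c == ',') {
            if (!in_number || out->count >= MAX_FIELDS) {
                return false;   /* empty field or too many fields */
            }
            out->field[out->count] = value;
            out->count++;
            value = 0;
            in_number = false;
        } else {
            return false;       /* character outside the format */
        }
    }
    if (!in_number || out->count >= MAX_FIELDS) {
        return false;           /* empty input, trailing comma, or too many fields */
    }
    out->field[out->count] = value;
    out->count++;
    return true;
}

/* Sum the fields of a message into *sum. The return value of parse_message()
 * is checked rather than ignored (rule 7), and the sum is range-checked
 * before it is handed back. */
bool sum_of_fields(const char *text, size_t text_len, uint32_t *sum)
{
    assert(sum != NULL);
    if (sum == NULL) {
        return false;
    }
    if (!parse_message(text, text_len, &g_msg)) {
        return false;
    }
    assert(g_msg.count >= 1u && g_msg.count <= MAX_FIELDS);

    uint64_t acc = 0;
    for (size_t i = 0; i < MAX_FIELDS && i < g_msg.count; i++) {
        acc += g_msg.field[i];
    }
    if (acc > UINT32_MAX) {
        return false;           /* sum does not fit the caller's type */
    }
    *sum = (uint32_t)acc;
    return true;
}

int main(void)
{
    const char *input = "12,7,300";   /* constructed sample input */
    uint32_t total = 0;
    if (!sum_of_fields(input, strlen(input), &total)) {
        printf("rejected: %s\n", input);
        return 1;
    }
    printf("sum of \"%s\" = %u\n", input, (unsigned)total);
    return 0;
}
```

Compiling with `-Wall -Wextra` (rule 10) and running a static analyzer over this file completes the picture; the explicit `if` checks duplicating each `assert` are deliberate, so that the bounds still hold in a release build where assertions are disabled.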
Based on: "The Power of Ten -- Rules for Developing Safety Critical Code," IEEE Computer, June 2006, pp. 93-95.