The Power of 10: Rules for Developing Safety-Critical Code

The Power of 10 Rules were created in 2006 by Gerard J. Holzmann of the NASA/JPL Laboratory for Reliable Software. ^[1] The rules are intended to eliminate certain C coding practices that make code difficult to review or statically analyze. These rules are a complement to the MISRA C guidelines and have been incorporated into the greater set of JPL coding standards. ^[2]

Rules

The ten rules are: ^[1]

1. Avoid complex flow constructs, such as goto and recursion.
2. All loops must have fixed bounds. This prevents runaway code.
3. Avoid heap memory allocation after initialization.
4. Restrict functions to a single printed page.
5. Use a minimum of two runtime assertions per function.
6. Restrict the scope of data to the smallest possible.
7. Check the return value of all non-void functions, or cast to void to indicate the return value is useless.
8. Use the preprocessor only for header files and simple macros.
9. Limit pointer use to a single dereference, and do not use function pointers.
10. Compile with all possible warnings active; all warnings should then be addressed before release of the software.

Uses

The NASA study of the Toyota electronic throttle control firmware found at least 243 violations of these rules. ^{[3] [4]}

See also

• Life critical system
• Coding conventions
• Software quality
• Software assurance

Further reading

• G.J. Holzmann (2006-06-19). "The Power of 10: Rules for Developing Safety-Critical Code". IEEE Computer . 39 (6): 95–99. doi:10.1109/MC.2006.212.

References

1. The Power of 10: Rules for Developing Safety-Critical Code
2. JPL C Coding Standard - JPL Laboratory for Reliable Software
3. Barr, Michael (2011-03-01). "Unintended Acceleration And Other Embedded Software Bugs". Embedded Gurus. Archived from the original on 2024-02-26. Retrieved 2025-03-03.
4. "NASA Engineering and Safety Center Technical Assessment Report, National Highway Traffic Safety Administration Toyota Unintended Acceleration Investigation, Appendix A" (PDF). 2011-01-18. Archived from the original (PDF) on 2022-06-25. Retrieved 2025-03-03.

External links

• NASA Technical Standards System Software Assurance and Software Safety Standard
• Open Source Satellite: How do you make software that is reliable enough for space missions?