Embedded Prep

MISRA C MISRA C++: Are you new to embedded systems programming and want to write safe, secure, and reliable C/C++ code? This beginner-friendly tutorial is your ultimate guide to understanding and applying MISRA-C and MISRA-C++ guidelines in real-world embedded projects.

In this MISRA C MISRA C++ Guidelines 2025 edition, we’ll walk you through:

✅ What is MISRA and why it’s important for automotive, aerospace, medical, and other safety-critical industries
✅ Detailed explanation of key MISRA-C and MISRA-C++ rules, including examples and rationale
✅ How to write compliant code step-by-step, avoiding undefined behavior and bugs
✅ Common pitfalls and how to fix violations in your code
✅ Using static analysis tools (like Parasoft, PC-lint, etc.) to check for compliance
✅ Practical tips for integrating MISRA compliance into your development workflow

This tutorial is crafted to help beginners and professionals alike gain confidence in writing MISRA-compliant code—one concept at a time.

Let’s make your embedded software robust, maintainable, and industry-ready in 2025!

MISRA C MISRA C++ :

What is MISRA?

MISRA stands for Motor Industry Software Reliability Association. It is a set of software development guidelines for the C and C++ programming languages, especially designed to:

• Improve code reliability, portability, and safety
• Avoid undefined behavior and compiler-specific behavior
• Ensure code can be used in critical systems, especially in automotive, aerospace, medical, and industrial software

Why Use MISRA-C MISRA-C++?

In embedded and safety-critical systems, even a small bug can lead to huge failures. MISRA helps you write safe, predictable, and standardized code that:

• Avoids risky language features
• Is easier to analyze and test
• Can be certified for safety (like ISO 26262 in automotive)

Difference Between MISRA C MISRA C++

Feature	MISRA-C	MISRA-C++
Language Focus	C (especially C90, C99, C11)	C++ (mainly C++03, some C++11)
Use Case	Widely used in embedded C	Less common, but used in modern automotive software (e.g., ADAS)
Latest Version	MISRA C:2012 (with amendments)	MISRA C++:2008

Structure of MISRA C MISRA C++ Guidelines

Each rule is categorized by:

1. Category

• Mandatory – Must always be followed
• Required – Should be followed; deviations must be documented
• Advisory – Good practice; optional

2. Rule Types

• Directive – High-level rule (e.g., All code should be traceable to a requirement)
• Rule – Detailed code-specific rule (e.g., avoid goto)

Common MISRA C MISRA C++ Rules (Simplified Examples)

Rule	Description	Example
Rule 1.1	Only standard headers must be used	✅ #include <stdio.h>❌ #include "myheader.h" (if non-standard)
Rule 8.7	Functions should have internal linkage if not used outside the file	✅ static void helper()
Rule 11.4	Avoid casting between pointers to different object types	❌ int *x = (int*)ptr;
Rule 17.7	Do not use goto	❌ goto error;
Rule 21.1	Use of standard library functions should be limited	❌ system("rm -rf /")

Common MISRA-C++ Rules (Simplified Examples)

Rule	Description	Example
Rule 0-1-1	Avoid compiler-specific extensions	❌ __attribute__((packed))
Rule 5-0-15	Do not use reinterpret_cast	❌ reinterpret_cast<int*>(ptr)
Rule 6-4-1	Do not use multiple inheritance	❌ class A: public B, public C
Rule 7-1-1	Avoid using new and delete	Prefer static memory or smart pointers

How to Start Using MISRA in Your Project

1. Read the Guidelines
   • Official documents are paid but summaries are available online
2. Use a Static Code Analyzer
   Tools like:
   • Parasoft
   • PC-lint / FlexeLint
   • Coverity
   • Cppcheck (partial support)
3. Write Clean and Portable Code
   Follow:
   • No goto
   • No dangerous casts
   • No dynamic memory unless necessary
   • Always initialize variables
4. Use Compiler Warnings
   Set high warning levels and treat warnings as errors.

Example MISRA-Compliant C Code

#include <stdint.h>

static int32_t add_numbers(int32_t a, int32_t b) {
    int32_t result = a + b;  // Always initialized
    return result;
}

int main(void) {
    int32_t sum = add_numbers(5, 10);
    return 0;  // No dynamic memory, no undefined behavior
}

Resources to Learn More

• MISRA Official Site
• Static analysis tools with MISRA support
• Open-source GitHub repos demonstrating MISRA compliance
• Automotive safety books (ISO 26262 + MISRA)

When to Use MISRA-C and MISRA-C++

Use MISRA-C When:

1. Your project is written in C
   • Example: Low-level firmware, device drivers, or bare-metal embedded systems.
2. You’re working with microcontrollers with limited memory and no operating system.
3. Safety and reliability are critical (automotive ECUs, medical devices, industrial sensors).
4. You want to avoid risky or undefined behaviors in C (e.g., pointer misuse, buffer overflows).
5. You need to follow standards like ISO 26262, DO-178C, IEC 61508, etc.

Common Domains: Automotive, medical devices, industrial automation, robotics, defense.

Use MISRA-C++ When:

1. Your project uses C++ instead of C.
2. You’re building complex embedded applications using object-oriented design (e.g., control systems, infotainment systems).
3. You want to leverage C++ features (e.g., classes, inheritance, templates) but still need safety and predictability.
4. Your team has C++ experience and your toolchain supports it.
5. You need to comply with C++-specific safety standards (e.g., AUTOSAR Adaptive Platform).

Common Domains: Automotive (infotainment, ADAS), drones, robotics, aerospace control systems.

Still Confused?

• Use MISRA-C if you’re writing in pure C, especially for low-level or real-time systems.
• Use MISRA-C++ if your embedded project uses modern C++, and you want to combine safety with high-level features.

Summary

Term	Meaning
MISRA	Coding rules for safety-critical software
Mandatory	Must follow
Required	Should follow (document if not)
Static Tool	Tool to check MISRA violations

Beginner-Level Questions

1. What is MISRA? Why is it important?
2. What are the goals of MISRA-C / MISRA-C++?
3. What is the difference between MISRA-C and MISRA-C++?
4. What do “Mandatory”, “Required”, and “Advisory” rules mean?
5. What is undefined behavior in C, and how does MISRA help avoid it?
6. Why does MISRA disallow the use of goto?
7. Why should dynamic memory (malloc, new) be avoided in embedded systems according to MISRA?
8. Why does MISRA suggest using static for functions not used outside the file?
9. Why is type casting between incompatible types discouraged in MISRA?
10. Can you name a few standard C functions that MISRA recommends avoiding?

Intermediate-Level Questions

11. Explain the difference between a directive and a rule in MISRA.
12. How does MISRA ensure portability across compilers and architectures?
13. What are some limitations or criticisms of MISRA rules?
14. How do you apply MISRA rules in a real project?
15. What tools have you used to enforce MISRA compliance?
16. What is a deviation? How is it handled in MISRA compliance?
17. Explain Rule 11.4 (Avoid conversion between pointers to different object types).
18. Why does MISRA-C++ restrict the use of multiple inheritance and virtual functions?
19. How would you fix a violation of Rule 8.7 (Functions with internal linkage)?
20. How do you handle third-party code that violates MISRA guidelines?

Advanced-Level Questions

21. How would you implement a MISRA compliance process in an existing codebase?
22. What challenges do you face while using static analysis tools for MISRA?
23. How do MISRA-C and ISO 26262 relate in terms of functional safety?
24. What are the implications of using reinterpret_cast in C++ for safety-critical systems?
25. Explain how MISRA helps in enabling formal verification or model-based design.
26. Can you give an example of a rule violation that caused a bug or issue in production?
27. How do you justify a deviation with traceability to requirements?
28. How do you balance performance optimization and MISRA compliance?
29. What is the difference between MISRA C:2004 and MISRA C:2012?
30. Have you ever written custom rules in a static analysis tool to supplement MISRA?

FAQ: MISRA-C / MISRA-C++ Guidelines

1. What is MISRA?

MISRA (Motor Industry Software Reliability Association) is a set of coding guidelines for C and C++ designed to help developers write safe, secure, and portable code—especially in safety-critical industries like automotive, aerospace, and medical devices.

2. What is the difference between MISRA-C and MISRA-C++?

• MISRA-C applies to the C programming language (mostly used in embedded systems).
• MISRA-C++ applies to the C++ language, offering guidance for object-oriented programming in critical systems.

3. Why should I follow MISRA guidelines?

Following MISRA helps:

• Prevent undefined behavior
• Improve code reliability and maintainability
• Ensure safety and compliance with industry standards (e.g., ISO 26262)

4. Is MISRA only for the automotive industry?

No. Although MISRA was started by the automotive industry, it is now widely adopted in aerospace, medical, railway, industrial control, and defense sectors.

5. Do I need special tools to check for MISRA compliance?

Yes, most developers use static analysis tools like:

• PC-lint
• Parasoft
• Coverity
• Helix QAC
  These tools automatically detect violations of MISRA rules in your code.

6. Are all MISRA rules mandatory?

No. MISRA guidelines include:

• Mandatory rules (must always be followed)
• Required rules (must be followed unless a formal deviation is documented)
• Advisory rules (recommended best practices)

7. Can I use dynamic memory (malloc, free) in MISRA-compliant code?

Generally, MISRA discourages or forbids dynamic memory in embedded systems because of potential issues like fragmentation and non-determinism, especially in real-time systems.

8. How do I start learning MISRA guidelines as a beginner?

Start by:

1. Understanding basic C/C++ syntax and behavior
2. Reading MISRA rule categories (e.g., syntax, type safety, portability)
3. Studying real-world code examples
4. Using static analysis tools to get hands-on experience

9. What’s covered in this tutorial?

This tutorial covers:

• Introduction to MISRA-C and MISRA-C++
• Deep dive into key rules with code examples
• Step-by-step guidance to write compliant code
• Static analysis integration
• How to document deviations and avoid common mistakes

10. Do I need to buy the official MISRA documents?

While the official MISRA documents provide complete rule sets and rationale, this tutorial offers simplified, beginner-friendly explanations. However, if you’re working professionally, it’s recommended to purchase the official documentation from the MISRA website.

You can also Visit other tutorials of Embedded Prep 

• What is eMMC (Embedded MultiMediaCard) memory ?
• Top 30+ I2C Interview Questions
• Bit Manipulation Interview Questions
• Structure and Union in c
• Little Endian vs. Big Endian: A Complete Guide
• Merge sort algorithm

Special thanks to @mr-raj for contributing to this article on EmbeddedPrep