NASA Rules for Writing Critical Mission Code

When you work at NASA on mission-critical applications on which lives literally depend (for example, the code that controls airplanes and spacecraft), the quality and safety of the code are of paramount importance. This is why NASA maintains coding standards, or rules, to ensure the reliability of mission-critical software.

The guidelines were developed by the Jet Propulsion Laboratory (JPL) of the California Institute of Technology under contract with NASA and are currently being used experimentally, with encouraging results, at JPL. Although they focus on code written in C, because of the language’s long history and extensive tooling support, the guidelines can be adapted to other programming languages and are worth applying even if your programs will never fly a plane.

There are ten rules, a set small enough to be easy to understand and remember. Some are generally accepted standards of good coding style and practice, such as declaring data objects at the lowest possible level of scope (rule 6) and checking the code daily with at least one source code analyzer (rule 10). Others may seem strict or restrictive, for example rule 4:

No function should be longer than what can be printed on a single sheet of paper in a standard reference format, with one line per statement and one line per declaration. Typically, this means no more than about 60 lines of code per function.

Rationale: Each function should be a logical unit in the code, understandable and testable as a whole. It is much more difficult to understand a logical unit that spans multiple screens on a computer display or multiple pages when printed. Overly long functions are often a sign of poorly structured code.
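As an added illustration, not part of the original post or of the JPL document, here is a small Python checker that enforces the rule 4 limit over C source text using a brace-depth heuristic (the kind of check a daily analyzer run under rule 10 could include). The regex, the function names and the constructed sample source are assumptions of this example.

```python
import re

MAX_FUNCTION_LINES = 60  # rule 4 threshold from the Power of Ten

# Matches a top-level C function signature such as "static int parse(int x) {"
# or "char *name(void)" (brace on the next line). Prototypes end in ';' and
# therefore do not match; macros start with '#' and do not match either.
SIGNATURE_RE = re.compile(r"^[A-Za-z_][\w\s*]*\b([A-Za-z_]\w*)\s*\([^;]*\)\s*\{?\s*$")


def function_lengths(source):
    """Return a list of (name, start_line, line_count) for each top-level
    function definition found in C source text.

    Crude brace-depth scan: braces inside strings and comments are not
    handled, so this is a teaching aid rather than a real static analyzer.
    """
    results = []
    depth = 0
    pending = None   # (name, line) of a signature whose '{' has not been seen
    current = None   # (name, line) of the function body being counted
    for lineno, line in enumerate(source.splitlines(), start=1):
        if depth == 0 and current is None:
            match = SIGNATURE_RE.match(line.strip())
            if match:
                pending = (match.group(1), lineno)
        opens, closes = line.count("{"), line.count("}")
        if pending is not None and opens:
            current, pending = pending, None
        depth += opens - closes
        if current is not None and depth == 0 and closes:
            name, start = current
            results.append((name, start, lineno - start + 1))
            current = None
    return results


def rule4_violations(source, limit=MAX_FUNCTION_LINES):
    """Functions longer than `limit` lines, i.e. rule 4 violations."""
    return [f for f in function_lengths(source) if f[2] > limit]


# Constructed sample: one compliant function and one deliberately padded past
# the 60-line limit (the prototype and the global are not counted as functions).
SAMPLE_C = (
    "int add(int a, int b);\n"
    "static int total = 0;\n"
    "\n"
    "int add(int a, int b)\n"
    "{\n"
    "    return a + b;\n"
    "}\n"
    "\n"
    "static void bloated(void) {\n"
    + "    total += 1;\n" * 70
    + "}\n"
)

if __name__ == "__main__":
    for name, start, count in rule4_violations(SAMPLE_C):
        print(f"rule 4: {name}() at line {start} is {count} lines (limit {MAX_FUNCTION_LINES})")
```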

However, as the document itself notes, these guidelines are intended to make critical code clearer, easier to analyze, and ultimately more secure.

Check out the PDF below for the ten rules and their rationale.

The Power of Ten – Rules for Developing Safety-Critical Code (PDF) | Pixels Commander via JAXenter
