IEEE Article – 10 rules for safe code

In the June 2006 IEEE Computer article “The Power of 10: Rules for Developing Safety-Critical Code” (vol. 39, no. 6, pp. 95-99), Gerard J. Holzmann of the NASA/JPL Laboratory for Reliable Software listed the following ten rules:

  1. Restrict all code to very simple control flow constructs: do not use goto statements, setjmp or longjmp constructs, or direct or indirect recursion.
  2. Give all loops a fixed upper bound.
  3. Do not use dynamic memory allocation after initialization.
  4. No function should be longer than what can be printed on a single sheet of paper in a standard format with one line per statement and one line per declaration; in practice this means about 60 lines of code per function.
  5. The code’s assertion density should average at least two assertions per function. Assertions must be side-effect-free Boolean tests, and a failed assertion must trigger an explicit recovery action (for example, returning an error code) rather than being silently ignored.
  6. Declare all data objects at the smallest possible level of scope.
  7. Each calling function must check the return value of non-void functions, and each called function must check the validity of all parameters provided by the caller.
  8. The use of the pre-processor must be limited to the inclusion of header files and simple macro definitions. Token pasting, variable argument lists (ellipses), and recursive macro calls are not allowed. All macros must expand into complete syntactic units. The use of conditional compilation directives must be kept to a minimum.
  9. The use of pointers must be restricted. Specifically, no more than one level of de-referencing should be used. Pointer de-reference operations may not be hidden in macro definitions or inside typedef declarations. Function pointers are not permitted.
  10. All code must be compiled, from the first day of development, with all compiler warnings enabled at the most pedantic setting available. All code must compile without warnings. All code must also be checked daily with at least one, but preferably more than one, strong static source code analyzer and should pass all analyses with zero warnings.
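The following is an added example, written for this page and not taken from Holzmann's paper or from any project the page describes, showing what code that follows these rules looks like in practice. It is a small fixed-capacity record store: the store_* names, the c_assert() helper, the MAX_RECORDS and MAX_PAYLOAD constants, and the sample inputs are all assumptions chosen for illustration. Each rule that a line honours is called out in a comment.

```c
/*
 * Added example, not from Holzmann's paper or this page: a fixed-capacity
 * record store written to follow the ten rules. The store_* names, the
 * c_assert() helper and the constants are assumptions for illustration.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_RECORDS 16u   /* capacity fixed at build time (rule 3) */
#define MAX_PAYLOAD 32u   /* hard bound for every copy loop (rule 2) */

/* Rule 5: assertions are side-effect-free Boolean tests that stay enabled
 * in production and return a value, so the caller can take an explicit
 * recovery action instead of aborting. The counter exists so tests can
 * observe failures without parsing stderr. */
static unsigned failed_checks;

static bool chk(bool cond, const char *expr, int line)
{
    if (!cond) {
        failed_checks++;
        (void)fprintf(stderr, "check '%s' failed at line %d\n", expr, line);
    }
    return cond;
}
/* Rule 8: a simple macro that expands to one complete expression; no token
 * pasting, no variable arguments. Stringizing the condition (#e) is fine. */
#define c_assert(e) chk((e), #e, __LINE__)

unsigned store_failed_checks(void) { return failed_checks; }

typedef struct {
    uint8_t len;
    char    payload[MAX_PAYLOAD];
} record_t;

typedef struct {
    record_t records[MAX_RECORDS];
    size_t   count;
} store_t;

typedef enum { STORE_OK = 0, STORE_ERR_PARAM, STORE_ERR_FULL } store_status_t;

/* Rule 3: the only instance lives in static storage; malloc is never called. */
static store_t g_store;
store_t *store_instance(void) { return &g_store; }

void store_init(store_t *s)
{
    if (c_assert(s != NULL)) {
        (void)memset(s, 0, sizeof *s);   /* return value deliberately discarded */
    }
}

/* Rule 7 (callee side): every parameter is validated before use.
 * Rule 9: each expression dereferences at most one level (s->count, r->len). */
store_status_t store_put(store_t *s, const char *payload, size_t len)
{
    if (!c_assert(s != NULL) || !c_assert(payload != NULL)) {
        return STORE_ERR_PARAM;
    }
    if (!c_assert(len <= MAX_PAYLOAD)) {
        return STORE_ERR_PARAM;
    }
    if (!c_assert(s->count < MAX_RECORDS)) {
        return STORE_ERR_FULL;
    }
    record_t *r = &s->records[s->count];   /* rule 6: declared where needed */

    /* Rule 2: the loop bound is a compile-time constant, not the caller's
     * len, so termination is provable by a static checker. */
    for (size_t i = 0u; i < MAX_PAYLOAD; i++) {
        r->payload[i] = (i < len) ? payload[i] : '\0';
    }
    r->len = (uint8_t)len;
    s->count++;
    return STORE_OK;
}

/* Rule 2 again: a data-dependent search is still capped by MAX_RECORDS. */
bool store_contains(const store_t *s, const char *payload, size_t len)
{
    if (!c_assert(s != NULL) || !c_assert(payload != NULL) ||
        !c_assert(len <= MAX_PAYLOAD)) {
        return false;
    }
    for (size_t i = 0u; i < MAX_RECORDS; i++) {
        const record_t *r = &s->records[i];
        if (i >= s->count) {
            break;
        }
        if ((size_t)r->len == len && memcmp(r->payload, payload, len) == 0) {
            return true;
        }
    }
    return false;
}

/* Rule 7 (caller side): every non-void return value is checked. */
int main(void)
{
    store_t *s = store_instance();

    store_init(s);
    if (store_put(s, "telemetry", 9u) != STORE_OK) {
        return 1;
    }
    (void)printf("contains=%d failed_checks=%u\n",
                 (int)store_contains(s, "telemetry", 9u), store_failed_checks());
    return 0;
}
```

To honour rule 10, build it with every warning enabled and treated as an error, for example `gcc -std=c99 -Wall -Wextra -Wpedantic -Werror`, and run it through at least one static analyzer (cppcheck or clang's scan-build are common choices) as part of the daily build. Note that the assertion helper is not compiled out in release builds: under rule 5 a failed check is a runtime event with a defined recovery path, which is why store_put returns a status the caller is obliged to examine.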

62304 Software Training Course – February 23-25, 2021

IEC 62304 and Emerging Standards and FDA Expectations for Medical Device and Health IT Software – Virtual

This very popular 3-day course provides a clear understanding of how to apply the IEC 62304 standard to medical device software, and much more. The course compares and contrasts 62304 with FDA expectations and discusses approaches for aligning the two. Participants will also learn about other standards and technical reports relevant to medical device software, Health IT, medical mobile apps, and Software as a Medical Device (SaMD) products (e.g., 82304, 80002-1, 14971, 80001-2-x, 62366).

Participants will gain practical advice and hands-on experience applicable to all types of medical software, and will leave with a clear understanding of how to integrate 62304 compliance effectively and efficiently into their software development lifecycle (SDLC).

Register (click):  EventZilla Registration Site

Need info?  Email us at training@softwarecpr.com

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN) and Italy.