NASA's 10 Rules for Developing Safety-Critical Code

[nelsonic]

https://www.perforce.com/blog/kw/NASA-rules-for-developing-safety-critical-code 🔗

Shared in a DM by @donchev7 ❤️

NASA’s 10 rules for developing safety-critical code are:

1. Restrict all code to very simple control flow constructs—do not use goto statements, setjmp or longjmp constructs, or direct or indirect recursion.
2. Give all loops a fixed upper bound.
3. Do not use dynamic memory allocation after initialization.
4. No function should be longer than what can be printed on a single sheet of paper in a standard format with one line per statement and one line per declaration.
5. The code's assertion density should average to minimally two assertions per function.
6. Declare all data objects at the smallest possible level of scope.
7. Each calling function must check the return value of nonvoid functions, and each called function must check the validity of all parameters provided by the caller.
8. The use of the preprocessor must be limited to the inclusion of header files and simple macro definitions.
9. Limit pointer use to a single dereference, and do not use function pointers.
10. Compile with all possible warnings active; all warnings should then be addressed before the release of the software.

I really like this list of Rules. 😍
Feel this is something we should aspire to in all the code we write not just for spaceships! 🚀