MISRA C — Safe Coding for Embedded Systems
MISRA C is a set of coding guidelines developed by the Motor Industry Software Reliability Association (MISRA) to ensure safety, security, and reliability of C code in embedded systems. Originally created for the automotive industry, MISRA C is now the de facto standard across aerospace, medical devices, industrial control, rail, and any domain where software failure has safety or security consequences.
MISRA C:2023 — Current Edition
The 2023 edition consolidates all previous versions (MISRA C:2012 + Amendments 1–4 + Technical Corrigenda) into a single, comprehensive standard. Key updates include:
| Update | Description |
|---|---|
| C11/C18 support | Guidelines for _Atomic, _Static_assert, anonymous structs/unions |
| Concurrency rules | New guidelines for multithreading and atomic operations — critical for RTOS-based embedded |
| Security focus | Enhanced alignment with CWE, CERT C, and CRA requirements |
| Unified document | All amendments and corrigenda merged into one specification |
Guideline Classification
| Category | Meaning | Deviation Allowed? |
|---|---|---|
| Mandatory | Must be followed — no exceptions | ❌ Never |
| Required | Must be followed unless formally deviated | ✅ With documented rationale |
| Advisory | Recommended best practice | ✅ No formal deviation needed |
Guidelines are further classified as Rules (precisely defined, tool-checkable) or Directives (broader, require engineering judgment).
What MISRA C Prevents
Common C-language pitfalls that MISRA C guards against:
- Undefined behavior — Signed integer overflow, uninitialized variables, null pointer dereference
- Implementation-defined behavior — Bit-field ordering, char signedness, struct padding
- Dangerous constructs — goto, setjmp/longjmp, unions for type-punning, recursive functions
- Security vulnerabilities — Buffer overflows, format string attacks, integer truncation
- Concurrency bugs — Data races, non-atomic operations on shared variables
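An added example (not the page's or MISRA's own code; function names are hypothetical) showing two of the pitfalls listed above, integer truncation and signed integer overflow, each with a non-compliant form beside the explicit, range-checked form that MISRA-style code uses:

```c
#include <stdbool.h>
#include <stdint.h>

/* Non-compliant: implicit narrowing silently drops the high bits, so a
 * length of 0x1FF is stored as 0xFF and an earlier bounds check on the
 * 32-bit value no longer holds for what was actually stored. */
uint8_t store_len_unchecked(uint32_t len)
{
    return len; /* implicit uint32_t -> uint8_t conversion */
}

/* MISRA style: explicit, range-checked narrowing with a status return. */
bool store_len_checked(uint32_t len, uint8_t *out)
{
    bool ok = false;
    if (len <= UINT8_MAX) {
        *out = (uint8_t)len; /* cast only after the range check */
        ok = true;
    }
    return ok;
}

/* Signed overflow is undefined behaviour, so the test runs before the add;
 * checking the wrapped result afterwards would itself rely on UB. */
bool add_i32_checked(int32_t a, int32_t b, int32_t *sum)
{
    bool ok = false;
    bool overflow = ((b > 0) && (a > (INT32_MAX - b))) ||
                    ((b < 0) && (a < (INT32_MIN - b)));
    if (!overflow) {
        *sum = a + b;
        ok = true;
    }
    return ok;
}

/* Returns the number of expectations that failed (0 means all hold). */
int run_checks(void)
{
    int failures = 0;
    uint8_t len = 0U;
    int32_t sum = 0;
    failures += (store_len_unchecked(0x1FFU) == 0xFFU) ? 0 : 1;
    failures += (store_len_checked(0x1FFU, &len) == false) ? 0 : 1;
    failures += (store_len_checked(200U, &len) && (len == 200U)) ? 0 : 1;
    failures += (add_i32_checked(INT32_MAX, 1, &sum) == false) ? 0 : 1;
    failures += (add_i32_checked(100, -250, &sum) && (sum == -150)) ? 0 : 1;
    return failures;
}
```

A static analyser configured for MISRA flags the implicit conversion in store_len_unchecked; the checked variants are the shape of code that passes without a deviation.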
Compliance in Practice
| Aspect | Approach |
|---|---|
| Static analysis tools | PC-lint, Polyspace, Coverity, Parasoft, LDRA, QA-C |
| CI/CD integration | Automated MISRA checking on every commit |
| Deviation process | Formal deviation record with safety impact analysis |
| Compliance matrix | Mapping of MISRA rules to project rules with violation tracking |
MISRA C + Functional Safety Standards
MISRA C compliance is referenced or implied by major safety standards:
| Standard | Domain | MISRA Requirement |
|---|---|---|
| ISO 26262 | Automotive | Recommends MISRA C for ASIL A–D |
| IEC 61508 | Industrial | Recommends restricted C subset |
| DO-178C | Aerospace | Coding standards required (MISRA commonly used) |
| IEC 62304 | Medical | Requires documented coding standards |
| EN 50128 | Railway | Recommends restricted language subset |
Related Terms
- CRA — The EU Cyber Resilience Act requires secure development practices; MISRA C provides the implementation framework.
- RTOS — MISRA C:2023’s new concurrency guidelines are essential for RTOS-based multi-threaded firmware.
All our embedded projects follow MISRA C guidelines with automated static analysis in CI/CD. See our Embedded Systems Development services.