Reason behind MISRA rule 111

Started by vikasvds May 12, 2011
Hi Walter,

On 5/15/2011 11:23 PM, Walter Banks wrote:

>> It's the same sort of mentality that seeks to impose "style guidelines" on code in an attempt to make it more readable, maintainable, etc. People end up working to appease the Standard's God instead of focusing on the product they are preparing.
>
> Coding standards misra and others do a lot to make big projects much more reliable. They tend to force people to use clear statements devoid of the kind of one of programming tricks that create debugging and application nightmares.

Coding *guidelines* can have the same effect -- without the "policeman". If your staff aren't competent enough to understand the costs and benefits associated with different language features, then you have bigger problems than a "standard" can fix.

> I have seen a lot of code written by many different people the best fastest and most easy to maintain code is simple and clear and let modern tools do their work.
>
> misra is a low cost standard well worth the cost.

The "cost" of an e-file isn't the issue. Rather, the cost of BLINDLY (i.e., following the "shalls" and "shoulds") adhering to it can be significant! Standards cost a lot more than the "paper" they're written on. Someone has to codify an enforcement policy for your organization, put in place mechanisms to verify compliance, maintain any tools that are required for these activities, educate users as to why rules that obviously have significant coding consequences are BLINDLY enforced ("Yes, we value you as an employee... we just don't think you are smart enough to know when *to* use a goto/break/continue/etc. and when *not* to -- so we'll just make it illegal to use them!"), determine (in some empirical manner) if the costs are being justified by productivity increases, etc. Or, go the DoD route -- impose heavy-handed "requirements" on the code, the coding *process*, specification, testing, etc. *That* sure seems to have worked out well for *them*, eh? ;-)
Hi Chris,

On 5/16/2011 12:14 AM, Chris H wrote:
> In message<iqp21t$pag$1@speranza.aioe.org>, D Yuniskis <not.going.to.be@seen.com> writes
>>
>> Or, hope for the benevolence of "key players" in those industries to underwrite all or part of their efforts. Things like Standards are so tenuous that you have to be wary that The Industry might just pick up and head off in a different direction regardless of your concern/interests.
>>
>> The problem with "paid" organizations promoting/sponsoring things like this is they tend to be self-perpetuating. They have a vested interest in "their" Standard. So, the biological organisms involved in it have a *huge* stake -- their SALARIES!
>
> Then there are no standards you can rely on.

What prevents me from relying on *any* standard (guideline) that I choose? Why does it have to have an organization behind it? MISRA isn't trying to define something akin to interoperability. I.e., defining a consistent API, etc. so code from vendor A works with vendor B. So, there is nothing "shared". I can take MISRA (or any other "standard"), drag out a red pen and mark it up to my heart's content, laminate it between two sheets of clear plastic, write "Company Guidelines" across the top and now I have a "standard that I can rely on". Does the fact that *this* company (and not *that* organization) has assumed ownership of it make it any less reliable? The people who will be held accountable to it will have had a *real* say in its creation. They will have *control* over its evolution. Your claim is that some third-party needs to be involved in order to make it *credible*/reliable?? (if my quality/performance is higher than yours, why do you care what my "standard" is?)
Hi Walter,

On 5/15/2011 11:28 PM, Walter Banks wrote:
> D Yuniskis wrote:
>
>> *Personally*, I abhor "closed" and "for pay" standards -- if what you have is so wonderful (and really little more than a piece of electronic paper), why hoard it?
>
> I assume that you don't charge for the work you do for customers.

If a customer wants me to design a set of guidelines (for coding style, testing, etc.) then I charge them for the work I do TOWARDS THAT GOAL. [I *really* don't like this sort of task because you "can't win": the sorts of clients that want to develop these guidelines tend to be small shops suffering "growing pains". They invariably want *rules* that they can forget about (hire a policeman). And, you *know* that those "rules" will be resented by the folks they are imposed upon. And, *you* (I) will be the personification of that resentment!] I don't tell them, "before I start this coding project for you, I need to charge you to develop a set of guidelines that will apply to that code -- its design, documentation and testing". They benefit from the guidelines that I've evolved over the past few decades. [I've had several clients amused by how "consistent" my designs are -- whether hardware or software. My ASICs look like they were designed "mechanically"!] They pay for that in terms of my level of experience. They benefit by being exposed to those code samples and my exchanges with their staff. I, in turn, learn from them -- the particulars of their application domain, any hardware or software "tricks" that I develop while working on their project, etc. I'm not getting paid to share my beliefs *here*. I'm not trying to be coy saying, "Buy *my* 'standard' instead". Rather, I am putting forth the argument (for *free*) that "Standards" (in the sense we are discussing here) have big downsides when treated as legislation instead of recommendation. Anyone who's spent more than a minute around the watercooler arguing/pondering/complaining about some unilaterally imposed "coding rule" represents a hidden cost of that "standard's enforcement". If you listen to the folks in shops that have these sorts of things *imposed* vs. taking control of their *own* "guidelines", you will see a big difference in their attitudes towards their work and their employer. 
Invest in your staff so that they are better able to *make* these decisions intelligently instead of imposing "rules" arbitrarily.
Hi David,

On 5/16/2011 1:50 AM, David Brown wrote:
>>> *Personally*, I abhor "closed" and "for pay" standards -- if what you have is so wonderful (and really little more than a piece of electronic paper), why hoard it?
>>
>> I assume that you don't charge for the work you do for customers.
>
> There are plenty of different business models for different types of work. I have no issues with standards developers making money out of their work (though I think state sponsorship of standards committees is a better model in many cases). I just think that a better way to make that money is by publishing the standards freely and spreading them as wide as possible, then selling services (trademark licensing, consultancy, certification, etc.).

As I mention elsewhere, recall that we aren't talking about a "Standard" for interoperability, here. It's not like needing to come to consensus about how to enumerate a USB device, etc! The "value added", in this particular case, is someone sat down and codified a set of rules (most of which are obvious to a student in a formal language course) regarding what you should *avoid* when writing code. [note that this is less severe than saying you *must* avoid -- as MISRA does in many cases] Spend an evening searching for "C coding standards" and you'll find at least a dozen that address the same sorts of issues. And none of those web sites will require a PayPal account to access the content... If MISRA wants to try to elevate their status to something comparable to ISO 9000 certification, they need to add far more value than "codifying the obvious". (and, they'll have to be able to defend their claims more aggressively to gain that level of acceptance -- like DoD's Ada)

> Maybe I'm naive here, and the sums wouldn't work out in the end. But Misra charge £10 for their pdf - it's absurd. Give it out free, and charge £100 for a Misra rule checker program.

What are the *costs* associated with it? Besides "order takers", what ongoing costs can they claim? "Certification costs"?? Pass those on to the vendors being certified (so that the vendor can make an economic decision as to the *value* of that certification). Charging to distribute a PDF is just silly. It suggests that they can't command a high enough premium from *vendors* to cover their overhead (which implies that vendors don't consider it worthwhile). I wonder how widespread PDF's would be if every *reader* had to be *purchased* from Adobe? (yet, obviously they fare well enough charging for *writers*!)
Hi Chris,

On 5/16/2011 2:02 AM, Chris H wrote:
>> Give it out free, and charge £100 for a Misra rule checker program.
>
> IF it is free why charge for a rule checker program?

Because the rule checker ADDS VALUE. It automates what would otherwise be a manual process of inspecting code for compliance with this set of rules and, presumably, *commenting* on the results it discovers to *educate* the user (to the point where the user will ultimately not need the checker, at all!)
On 16/05/2011 11:23, Chris H wrote:
> In message<LNCdnZgace-cdk3QnZ2dnUVZ8t6dnZ2d@lyse.net>, David Brown <david@westcontrol.removethisbit.com> writes
>> On 16/05/2011 10:52, Chris H wrote:
>>> In message<qf2dnUc_JNuefk3QnZ2dnUVZ8i2dnZ2d@lyse.net>, David Brown <david@westcontrol.removethisbit.com> writes
>>>> On 16/05/2011 09:12, Chris H wrote:
>>>>> In message<KLCdnWXnsvyPY1LQnZ2dnUVZ8gGdnZ2d@lyse.net>, David Brown <david.brown@removethis.hesbynett.no> writes
>>>>>> As far as I am concerned, a set of rules or definitions is not a standard unless it is well-maintained by a reputable body, freely available to view by anyone who wants it, freely implementable by anyone who wants to, represents a real and practical document that is widely followed, and adapts as required by its users, and modern developments. Without that, it's just a set of private rules for a particular club. That's fine in itself - private rules have lots of uses. But it is not a standard.
>>>>>
>>>>> Then neither ISO C or C++ are a "Standard"
>>>>>
>>>>
>>>> By the definition I used, then that's correct. They come close, however. But until you can freely download the pdfs, and use google to search online html versions, it's not a full standard to me. I think it is absurd that so many millions of developers around the world rely on these "standards", yet have no simple and easy way to view them. Online versions, especially with an interactive comment / wiki setup, would be a huge boon to developers.
>>>
>>> They all have a VERY easy way to get the standards... they go and buy a copy of the PDF.
>>>
>>
>> And will that pdf work on /my/ choice of pdf reader?
>
> No idea. Probably Adobe and you can use any reader you wish that is compliant.
>

If it works with any compliant pdf reader, then I'm happy. I've just seen too many pay-for "pdf" files that are /not/ pdf format (i.e., they don't follow the pdf standards, and only work with Adobe Acrobat).

>>> Incidentally the MISRA standards come closer than the ISO C and C++ standards by your definitions. For the ISO (and certainly the BSI parts of it) there is no requirement to have any qualifications or experience in the field of the standard.
>> MISRA are also closer in that £10 is a lot less than ISO charges for the C standards.
>
> MISRA can't do it for free for obvious reasons.
>

These reasons are no doubt obvious to you, but they are not obvious to me. I understand that it costs a fair amount of money to run a group like Misra, and you need to get that income somehow. But as I've said elsewhere, I don't think charging for the document is the best way to get that money. Obviously, of course, you know far more about this than I do - I can only comment from the outside. It's not that £10 is expensive - it's peanuts to a professional, and even the most hard-up amateur could find the money. But when it is paid-for and single-user, a company has to figure out and track who has the documents, how many they need, what are the rules for when the developer gets a new computer, etc., etc. If it's free, you download a copy and pass it around as needed. Having a price - any price - makes it an exclusive club. If it is free, the knowledge can be spread around so much more easily - you'd find more information on the web, and more in discussions. The OP in this thread could have quoted rule 111 for everyone's benefit. Some things are worth more when they are free.

>
>>> BTW an on line wiki set up would be a complete disaster.
>
>> Registered community members can add comments to clarify the document, or to give hints or tips. The authors use these comments to improve later versions of the manual (and sometimes the software).
>
> That is how MISRA works now. There is a forum for registered users to comment. They can not write to the document and "clarify" it as they will not have attended the meetings to know what was intended.
>

I had a little look at the forums, and they seem very useful - I definitely like the way they are organised by rule. I am not proposing that outsiders be able to modify the documents themselves - that would be useless. But if you looked at the postgresql link I posted, you can see that it is user annotations at the end of the pages - not modifications to the pages themselves. Imagine that the MISRA standards were available in html format, with one rule per page, and at the bottom of each page was a link to the matching subforum and perhaps a copy of the most popular relevant forum posts.
In message <tfidnXYX4bnpY03QnZ2dnUVZ8mOdnZ2d@lyse.net>, David Brown
<david@westcontrol.removethisbit.com> writes
>> MISRA can't do it for free for obvious reasons.
>>
>
>These reasons are no doubt obvious to you, but they are not obvious to me.

Time == money. It takes time to issue a licensed Pdf.

>I understand that it costs a fair amount of money to run a group like Misra, and you need to get that income somehow.

Yes.

>It's not that £10 is expensive - it's peanuts to a professional, and even the most hard-up amateur could find the money.

Exactly.

> But when it is paid-for and single-user, a company has to figure out and track who has the documents, how many they need, what are the rules for when the developer gets a new computer, etc., etc.

Yes. As you say time is money.
>Having a price - any price - makes it an exclusive club.
Just like life in general and ALL business in particular.

>I am not proposing that outsiders be able to modify the documents themselves - that would be useless. But if you looked at the postgresql link I posted, you can see that it is user annotations at the end of the pages - not modifications to the pages themselves.

We don't want those... It would take far too much time to administer

>Imagine that the MISRA standards were available in html format, with one rule per page, and at the bottom of each page was a link to the matching subforum and perhaps a copy of the most popular relevant forum posts.

There would be no usable MISRA standards. -- Support Sarah Palin for the next US President Go Palin! Go Palin! Go Palin! In God We Trust! Rapture Ready!!! http://www.sarahpac.com/
In message <iqqtr0$201$1@speranza.aioe.org>, D Yuniskis
>If MISRA wants to try to elevate their status to something comparable to ISO 9000 certification,

They don't

--
Chris Hills Staffs England

In message <iqqsv9$vcp$1@speranza.aioe.org>, D Yuniskis
<not.going.to.be@seen.com> writes
>Hi Walter,
>
>On 5/15/2011 11:28 PM, Walter Banks wrote:
>> D Yuniskis wrote:
>>
>>> *Personally*, I abhor "closed" and "for pay" standards -- if what you have is so wonderful (and really little more than a piece of electronic paper), why hoard it?
>>
>> I assume that you don't charge for the work you do for customers.
>
>If a customer wants me to design a set of guidelines (for coding style, testing, etc.) then I charge them for the work I do TOWARDS THAT GOAL.

If you are unable to work to customer specifications and guidelines you seem unemployable.

--
Chris Hills Staffs England

>-----< D Yuniskis >
> The "value added", in this particular case, is someone sat down and codified a set of rules (most of which are obvious to a student in a formal language course) regarding what you should *avoid* when writing code. [note that this is less severe than saying you *must* avoid -- as MISRA does in many cases]

You don't have to comply to the MISRA rules to be MISRA compliant. You just have to get the manager/product owner/whoever to sign a paper explaining when and why you choose not to comply. This is the real problem. Instead of engineers making design and implementation decisions, managers are by MISRA invited to make (or not make) them.
