Books
BadCats, 2019-05-06 22:12:07

Where can I read / watch about the principles of designing and writing software for strategically important facilities?

I'm interested in whether there are principles / standards and techniques for writing extremely fault-tolerant software.
For example, how do you properly develop and test a nuclear power plant control panel? Or, for example, an artificial satellite with which there will be no further communication to correct the code, so it must follow its instructions as precisely as possible while having as little code as possible?
That is, in fact, I'm interested in how fault-tolerant software can be developed, using strategic facilities as the example.
UPD:
Here, I decided to add an example in the form of a video:
(long video - 12 minutes)
https://www.youtube.com/watch?v=d3ENbjUTv0I&t=7s
I'm talking about situations like this: how do you avoid them?


1 answer(s)
Vamp, 2019-05-06
@BadCats

Such standards exist. The most famous are MISRA C and MISRA C++, which, as you might guess, are for C and C++ respectively. They were initially created for the automotive industry but spread to the aerospace industry, medical equipment, the military and other reliability-critical areas, including nuclear power plants.
From MISRA C grew SEI CERT C / C++, the AUTOSAR General Software Specification, the JPL Institutional Coding Standard for the C programming language (a NASA standard) and a bunch of others.
The whole point of these standards is to limit the language features used as much as possible, so that the code is as simple as possible (even rather primitive) and accessible for analysis. As a rule, it is forbidden to use infinite loops, recursion, macros, heap allocations: in general, any potentially dangerous operations in which errors are most often found. There are also restrictions on function size (in lines of code), cyclomatic complexity, autotest coverage, etc.
In addition, there are a bunch of standards that describe approaches to organizing the development process and quality control. Each industry has its own, for example AS9100.
If you are wondering about applying such techniques in everyday programming, then don't: you will get neither pleasure nor competitive advantage from it. Unless, of course, your daily programming includes the development of a nuclear power plant control panel.
Update 2019-12-30:
An interesting article has appeared on Habr with a brief overview of MISRA.
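One way to see what those restrictions look like in practice, as an added example that is not part of Vamp's answer or of any of the standards named: a node pool held in static storage, indices instead of pointers, no recursion, and a traversal loop whose bound is fixed in advance so that a corrupted link becomes a returned error code instead of a hang. All names here (node_pool, pool_init, list_sum_bounded, the status codes) are invented for the example.

```c
/* Added example, not from the answer above: a fixed node pool written in the
 * spirit of the rules listed (no heap, no recursion, every loop bounded,
 * every status checked). All names here are invented for the example. */
#include <stddef.h>
#include <stdint.h>

#define POOL_SIZE 8u          /* all storage is static: no malloc/free */
#define NONE      0xFFu       /* "null" link: an index that is never valid */

typedef struct { int32_t value; uint8_t next; } node_t;  /* next: index or NONE */

static node_t node_pool[POOL_SIZE];   /* statically allocated node storage */

typedef enum { OK = 0, ERR_RANGE = 1, ERR_CYCLE = 2 } status_t;

/* Build one chain 0 -> 1 -> ... -> n-1 holding 'values'. Returns a status
 * instead of aborting, so every caller is forced to check the result. */
status_t pool_init(const int32_t *values, uint8_t n)
{
    uint8_t i;
    if ((values == NULL) || (n > POOL_SIZE)) { return ERR_RANGE; }
    for (i = 0u; i < POOL_SIZE; i++) {              /* bound: POOL_SIZE */
        node_pool[i].value = 0;
        node_pool[i].next = NONE;
    }
    for (i = 0u; i < n; i++) {                      /* bound: n <= POOL_SIZE */
        node_pool[i].value = values[i];
        node_pool[i].next = (uint8_t)(((i + 1u) < n) ? (i + 1u) : NONE);
    }
    return OK;
}

/* Sum the chain starting at 'head'. An unbounded 'while (cur != NONE)' would
 * spin forever on a corrupted (cyclic) chain; capping the loop at POOL_SIZE
 * hops turns that fault into an error code the caller can act on. */
status_t list_sum_bounded(uint8_t head, int32_t *sum)
{
    uint8_t cur = head;
    uint8_t steps;
    int32_t acc = 0;
    if (sum == NULL) { return ERR_RANGE; }
    for (steps = 0u; steps < POOL_SIZE; steps++) {  /* fixed upper bound */
        if (cur == NONE) { *sum = acc; return OK; } /* reached the end */
        if (cur >= POOL_SIZE) { return ERR_RANGE; } /* bad link: stop, report */
        acc += node_pool[cur].value;
        cur = node_pool[cur].next;
    }
    return ERR_CYCLE;   /* more than POOL_SIZE hops: the chain must loop */
}
```

The two corruption cases a reviewer would test (a link that closes a cycle, a link pointing outside the pool) both come back as distinct status codes rather than undefined behaviour or an endless loop.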
