Topic: DO-178b safety-critical C++


Author: Robin Rowe <robinsrowe@gmail.com>
Date: Thu, 25 Feb 2016 22:45:17 -0800
Can anyone tell me what work has been done to standardize C++ for
safety-critical systems?

What C++ features are considered unsafe for DO-178b? For example, with
flight software, any program termination will result in destruction of
the spacecraft. Since an uncaught exception would be catastrophic, is
banning using exceptions here the best course?

Robin

--
You received this message because you are subscribed to the Google Groups "ISO C++ Standard - Future Proposals" group.
To unsubscribe from this group and stop receiving emails from it, send an email to std-proposals+unsubscribe@isocpp.org.
To post to this group, send email to std-proposals@isocpp.org.
To view this discussion on the web visit https://groups.google.com/a/isocpp.org/d/msgid/std-proposals/56CFF47D.4090607%40gmail.com.



Author: daniele.bordes@gmail.com
Date: Fri, 26 Feb 2016 00:28:28 -0800 (PST)
Some standards were developed with C++ guidelines and feature limitations.
The most important are:

- MISRA C++
- JSF Air Vehicle C++ Coding Standard

Typically features like dynamic memory allocation are forbidden, automatic
conversions are restricted and so on.

On Friday 26 February 2016 at 07:45:22 UTC+1, Robin Rowe wrote:
>
> Can anyone tell me what work has been done to standardize C++ for
> safety-critical systems?
>
> What C++ features are considered unsafe for DO-178b? For example, with
> flight software, any program termination will result in destruction of
> the spacecraft. Since an uncaught exception would be catastrophic, is
> banning using exceptions here the best course?
>
> Robin
>



Author: daniele.bordes@gmail.com
Date: Fri, 26 Feb 2016 00:31:52 -0800 (PST)
The JSF C++ Coding Standard also forbids exceptions.

On Friday 26 February 2016 at 07:45:22 UTC+1, Robin Rowe wrote:
>
> Can anyone tell me what work has been done to standardize C++ for
> safety-critical systems?
>
> What C++ features are considered unsafe for DO-178b? For example, with
> flight software, any program termination will result in destruction of
> the spacecraft. Since an uncaught exception would be catastrophic, is
> banning using exceptions here the best course?
>
> Robin
>



Author: Arash Partow <partow@gmail.com>
Date: Fri, 26 Feb 2016 20:20:33 +1100
DO-178B levels C/D are pretty much standard coding, nothing special.
Levels A and B have much stricter requirements - to the point
where I don't think you can use C++ in Level A.

Unless there's a toolchain provider out there that has a Level A
certified C++ toolchain, standard library et al. (I don't even think
Green Hills has one), there's really no point...



Author: Robert Ramey <ramey@rrsd.com>
Date: Fri, 26 Feb 2016 09:21:22 -0800
On 2/25/16 10:45 PM, Robin Rowe wrote:
> Can anyone tell me what work has been done to standardize C++ for
> safety-critical systems?
>

Note that next Tuesday, the C++ standards committee SG-6 will consider
the safe integers proposal, which is specifically designed for these
types of applications.  Feel free to read the proposal and comment on
this list.

https://isocpp.org/blog/2016/02/2016-02-pre-jacksonville-mailing-available

http://open-std.org/JTC1/SC22/WG21/docs/papers/2016/p0228r0.pdf

Robert Ramey
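The rules Daniele lists above (no exceptions, no dynamic allocation, restricted implicit conversions) and the checked-integer idea behind the safe integers proposal Robert points to, shown together as an added example that is neither code from this thread nor from P0228R0. Overflow and division by zero are reported through a returned status instead of a thrown exception, nothing touches the heap, and every narrowing conversion is an explicit `static_cast`; all names, and the `scale_reading` use case, are hypothetical.

```cpp
#include <cstdint>
#include <limits>

// Status returned instead of thrown: usable in a build with exceptions disabled.
enum class ArithStatus { Ok, Overflow, DivideByZero };

// Value plus status, passed by value; no heap allocation anywhere.
struct CheckedResult {
    std::int32_t value;
    ArithStatus status;
};

using I32Limits = std::numeric_limits<std::int32_t>;

// Signed overflow is undefined behaviour in C++, so it is detected *before*
// the operation rather than observed afterwards.
CheckedResult checked_add(std::int32_t a, std::int32_t b) noexcept {
    if (b > 0 && a > I32Limits::max() - b) return {0, ArithStatus::Overflow};
    if (b < 0 && a < I32Limits::min() - b) return {0, ArithStatus::Overflow};
    return {a + b, ArithStatus::Ok};
}

// Widen to 64 bits, multiply, then range-check with an explicit narrowing cast.
CheckedResult checked_mul(std::int32_t a, std::int32_t b) noexcept {
    const std::int64_t wide =
        static_cast<std::int64_t>(a) * static_cast<std::int64_t>(b);
    if (wide > I32Limits::max() || wide < I32Limits::min())
        return {0, ArithStatus::Overflow};
    return {static_cast<std::int32_t>(wide), ArithStatus::Ok};
}

CheckedResult checked_div(std::int32_t a, std::int32_t b) noexcept {
    if (b == 0) return {0, ArithStatus::DivideByZero};
    // INT32_MIN / -1 overflows even though the divisor is non-zero.
    if (a == I32Limits::min() && b == -1) return {0, ArithStatus::Overflow};
    return {a / b, ArithStatus::Ok};
}

// Hypothetical use: scale a raw sensor reading as (raw * gain + offset) / divisor,
// stopping at the first failed step so a bad status is never silently used.
CheckedResult scale_reading(std::int32_t raw, std::int32_t gain,
                            std::int32_t offset, std::int32_t divisor) noexcept {
    const CheckedResult product = checked_mul(raw, gain);
    if (product.status != ArithStatus::Ok) return product;
    const CheckedResult sum = checked_add(product.value, offset);
    if (sum.status != ArithStatus::Ok) return sum;
    return checked_div(sum.value, divisor);
}
```

The same pattern compiles unchanged with `-fno-exceptions`, which is the practical test of whether a component fits a no-exceptions guideline.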
