Navigating the Delicate Balance Between Autosar and Misra: LDRA’s Strategic Journey

Steve Rogerson Chats with Jim McElroy from LDRA

There’s tension brewing between Autosar and Misra over C++ coding standards. To address this, LDRA has updated its tools, allowing users to choose between the two standards.

The issue flared up last year when Autosar decided to overhaul the 2008 Misra C++ guidelines to match modern practices. This move rendered some Misra rules obsolete and tweaked others. Misra is currently reviewing Autosar’s new guidelines, but it’s unclear if they’ll update their own standards or let Autosar take the lead.

LDRA responded by bringing in some expertise, hiring Andrew Banks, the chair of the Misra C committee. They also added support for Autosar’s C++ 14 coding standard to their tool suite.

“With us, you can choose between Autosar and Misra standards,” said Jim McElroy, LDRA’s VP of Marketing.

Autosar needed to adapt because its C-based Classic platform couldn’t handle the complexities of modern advanced driver-assistance systems (ADAS) and autonomous vehicles. Hence, they introduced the Adaptive platform using C++ 14.

“That’s why we integrated the C++ coding standard into our tools,” explained McElroy. “But we’re still committed to Misra, which is why Andrew Banks joined us.”

Banks brings 25 years of experience in safety standards, having led coding standards initiatives in avionics and military sectors, and more recently focusing on ISO 26262 compliance for hybrid and electronic driveline technologies.

LDRA believes that Banks’ expertise enhances the growing adoption of its tools by the automotive industry, especially in meeting safety and security compliance needs.

The C++ 14 guidelines under the Autosar Adaptive platform target high-performance ECUs for infotainment, connectivity, and ADAS, backing features like high data-processing capacities, service-oriented communications, and over-the-air updates. These complex systems often require multicore microprocessors and robust operating systems, adding to software development challenges. Automated static analysis tools are essential for maintaining standards compliance and consistency across distributed work groups.

The updated Autosar standard not only builds on the 2008 Misra C++ rules but also includes elements from other safety-critical standards such as the Joint Strike Fighter Air Vehicle C++ coding standards, High Integrity C++ version 4.0, Cert C++, and the Google C++ style guide.

Understanding that safety and security are now deeply connected, LDRA is also promoting the use of the SAE J3061 cyber security standard alongside ISO 26262 functional safety standard.

“Both standards perform similar roles,” noted McElroy, “but ISO 26262 doesn’t include security analysis, which J3061 does. We enable you to integrate J3061 just like you do with ISO 26262, making it part of the development workflow. The rise of security concerns means we need more documentation and better methods to handle them.”

In conclusion, LDRA’s updates and new hires position them at the forefront of evolving automotive safety and security standards.