MISRA COMPLIANCE FOR EMBEDDED SOFTWARE

We will present a concrete case were a statement of MISRA compliance was done on the basis of the (absence of) reports by a tool plagued with many false negatives (plus a good number of false positives). If the objective of MISRA compliance really was ticking the box, then who cares? However, MISRA compliance is often a contractual requirement, and faking it (possibly because of low-quality or faulty tools) can be very expensive. Most importantly, as the Toyota SUA case shows, if someone gets harmed a court might question whether the manufacturer and/or the software provider are at fault.