10 Rules for Writing Safe Code by NASA

TLDR: NASA has a set of rules for writing safe code, derived from the Power of 10 rules. These rules include using simple control flow constructs, limiting the use of recursion and the heap, keeping functions short and focused, declaring variables at the lowest scope possible, checking all return values, limiting the use of the C preprocessor, restricting pointer use, and enabling compiler warnings and analysis.

Key insights

⚙️ NASA has derived a set of rules for writing safe code, known as the Power of 10 rules.

🚀 These rules include using simple control flow constructs and avoiding the use of goto statements or recursion.

💡 NASA limits the use of the heap and recommends using stack memory instead to eliminate memory bugs.

📝 Functions should be short and focused, no longer than 60 lines, and variables should be declared at the lowest scope possible.

🔬 NASA recommends enabling compiler warnings, static code analysis, and unit testing to ensure code quality.

Q&A

What are the Power of 10 rules?

The Power of 10 rules are a set of rules derived from NASA's guidelines for writing safe code.

Why does NASA limit the use of the heap?

NASA limits the use of the heap to avoid memory bugs and eliminate the need for garbage collectors.

Why should functions be short and focused?

Short and focused functions are easier to read, understand, and test.

Why should variables be declared at the lowest scope possible?

Declaring variables at the lowest scope reduces the chance of errors and makes code easier to debug.

Why is enabling compiler warnings and analysis important?

Enabling compiler warnings and analysis helps catch potential issues and improve code quality.

Timestamped Summary

00:00 NASA has a set of rules, known as the Power of 10 rules, for writing safe code.

00:20 These rules include using simple control flow constructs and avoiding recursion.

01:40 NASA limits the use of the heap and recommends stack memory to eliminate memory bugs.

02:30 Functions should be short and focused, no longer than 60 lines.

03:55 Variables should be declared at the lowest scope possible to reduce errors.

04:55 Checking all return values is important for non-void functions.

05:55 Limiting the use of the C preprocessor helps maintain code clarity.

06:35 NASA restricts pointer use and recommends limiting dereferencing.

07:45 Enabling compiler warnings and analysis is crucial for code quality.

08:50 Code should be tested using multiple static analyzers and unit tests.
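The rules summarized above, applied together in one small C routine. This is an added example written for this page, not code from NASA, JPL or the video; the record format, the limits MAX_FIELDS and MAX_LINE, and the functions parse_u32 and parse_record are all constructed for illustration. It keeps control flow simple with fixed loop bounds, allocates nothing on the heap, keeps each function well under 60 lines, declares variables where they are used, checks every return value (or casts it to void explicitly), uses only a single level of pointer dereference, and leans on assertions to catch contract violations:

```c
#include <assert.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed limits: every loop below is bounded by one of these. */
#define MAX_FIELDS 4    /* at most four comma-separated fields per record */
#define MAX_LINE   64   /* longest input line accepted, in bytes */
#define MAX_DIGITS 10   /* a uint32_t never needs more decimal digits */

/* Fixed-size record: lives on the caller's stack, never on the heap. */
typedef struct {
    uint32_t field[MAX_FIELDS];
    size_t   count;
} record_t;

/* Parse an unsigned decimal token of 1..MAX_DIGITS characters into *out.
 * Returns false on empty, over-long, non-digit or overflowing input.
 * The caller must check the return value before using *out. */
static bool parse_u32(const char *tok, size_t len, uint32_t *out)
{
    assert(tok != NULL);
    assert(out != NULL);
    if (len == 0 || len > MAX_DIGITS) {
        return false;
    }
    uint32_t val = 0;
    for (size_t i = 0; i < len; i++) {        /* bounded: len <= MAX_DIGITS */
        char c = tok[i];
        if (c < '0' || c > '9') {
            return false;
        }
        uint32_t d = (uint32_t)(c - '0');
        /* Reject before the multiply-add would wrap past UINT32_MAX. */
        if (val > (UINT32_MAX - d) / 10u) {
            return false;
        }
        val = val * 10u + d;
    }
    *out = val;                               /* single dereference only */
    return true;
}

/* Parse "a,b,c,d" into rec. Returns true only if the line fits MAX_LINE,
 * has 1..MAX_FIELDS fields, and every field is a valid uint32_t. */
static bool parse_record(const char *line, record_t *rec)
{
    assert(line != NULL);
    assert(rec != NULL);
    /* Bounded length scan: refuse input longer than MAX_LINE up front. */
    size_t n = 0;
    while (n <= MAX_LINE && line[n] != '\0') {
        n++;
    }
    if (n > MAX_LINE) {
        return false;
    }
    rec->count = 0;
    size_t start = 0;
    for (size_t f = 0; f < MAX_FIELDS; f++) { /* bounded: MAX_FIELDS */
        size_t end = start;
        while (end < n && line[end] != ',') { /* bounded: n <= MAX_LINE */
            end++;
        }
        if (!parse_u32(line + start, end - start, &rec->field[f])) {
            return false;                     /* return value checked */
        }
        rec->count = f + 1;
        if (end == n) {
            return true;                      /* last field consumed */
        }
        start = end + 1;
    }
    return false;                             /* more than MAX_FIELDS */
}

int main(void)
{
    record_t rec;                             /* stack, not heap */
    const char *sample = "12,345,6789,0";     /* constructed sample input */
    if (!parse_record(sample, &rec)) {
        (void)fprintf(stderr, "rejected: %s\n", sample);
        return 1;
    }
    /* printf returns int; the cast to void records that we chose to ignore it. */
    (void)printf("parsed %zu fields, first=%u\n", rec.count, rec.field[0]);
    return 0;
}
```

Note the shape of the error handling: every parse failure is a plain `return false` up the call chain, so there is no goto, no recursion, no longjmp, and a reviewer can verify each loop's bound by reading the line above it.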