What is MISRA C and why does it matter for embedded development?

MISRA C is a set of coding guidelines for the C language developed by the Motor Industry Software Reliability Association (originally for automotive, now widely adopted across safety-critical industries). The current version, MISRA C:2012 (with amendments through 2023), defines approximately 175 rules categorized as Mandatory (must be followed, no deviation permitted), Required (must be followed unless a formal deviation is documented and approved), and Advisory (recommended best practice). The rules target the dangerous and undefined behaviors in the C language that cause subtle, hard-to-detect bugs — exactly the kind of bugs that crash safety-critical systems.

MISRA C matters for embedded development because the C language, while powerful and hardware-close, is riddled with undefined behavior, implementation-defined behavior, and easily misused constructs. Examples of MISRA rules: Rule 10.3 prohibits implicit narrowing conversions (assigning a uint32_t to a uint16_t without an explicit cast — silently truncating data), Rule 17.2 prohibits recursive functions (because stack depth becomes unpredictable, critical for systems with limited RAM), Rule 11.3 restricts casting between pointer types (a common source of alignment faults on ARM), and Rule 13.5 prohibits side effects in the right-hand operand of logical operators (because short-circuit evaluation makes execution unpredictable). Each rule exists because the prohibited pattern has caused real failures in production systems.

In practice, MISRA compliance is enforced through static analysis tools like Polyspace, PC-lint, LDRA, Parasoft, or Cppcheck configured with MISRA rule sets. These tools flag violations during compilation, and the development team must either fix the violation or document a formal deviation with justification. Full MISRA compliance on a large codebase is expensive — legacy code almost always has hundreds of violations, and third-party libraries (including standard C library implementations) often violate MISRA rules. The pragmatic approach is to achieve MISRA compliance for new code, document deviations for legacy and library code, and use static analysis in CI/CD to prevent regression. For an interview, emphasize that MISRA C is not about coding style — it is about eliminating categories of bugs that are catastrophic in safety-critical systems (undefined behavior, data loss through implicit conversion, stack overflow from recursion, aliasing violations).