Written by Amber Mary Hibberd, PhD. Software Engineering Manager at Intel Corporation and member of Zephyr Project Technical Steering Committee
The Zephyr Project consistently develops with the integrity of the code in mind, as highlighted by many of the safety and security initiatives ongoing in the Project. We are excited to announce that we are taking the next step towards improving the robustness of our codebase with the introduction of official Zephyr Project Coding Guidelines. (This will complement the existing Coding Style Guidelines).
For the past several months, the Zephyr Project Safety Working Group, in collaboration with the Technical Steering Committee, has been busy defining a set of rules that are relevant to our code, and are intended to increase reliability, readability, and maintainability, as well as avoid undefined behavior. We surveyed nearly 300 published rules from existing coding standards such as MISRA C:2012, SEI Cert C, and JPL. These guidelines have been referenced for decades to minimize systematic fault in safety-critical systems such as robotic spacecraft developed for NASA.1 The proposed guidelines are expected to be ratified by the Zephyr Technical Steering Committee by the end of the month, and will be published as part of the Project collaboration guidelines.
Many of the rules in the proposed Zephyr Coding Guideline are also safety-specific requirements. For example, mandating that all code be traceable to documented requirements. This means establishing the traceability from functional requirements, to implementation, to test cases and test results. For pre-existing software, we have the added challenge of retroactively defining functional requirements to cover where there are gaps, and then establish the traceability linking requirements to tests. Intel architect, Anas Nashif, has developed a methodology to achieve this required tracing, and to ultimately demonstrate 100% coverage, using tooling that is free and widely available – staying true to open source philosophy.
We hope adhering to a rigorous coding guideline will increase Zephyr community and customer adoption, especially with customers that require safety compliant code for their applications. As announced last year, the Zephyr Project is working towards achieving SIL 3 (SC3) per IEC 61508. Our finalized architecture scope for our initial certification can be seen in Figure 1 below. We are trending towards basing our certified code base off of our next LTS release in Spring 2021. Safety certification presents challenging goals for open source software, and as we prioritize quality and the stringency with which we will deliver “safe” code over timelines, the specific release is a moving target. Stay tuned for future updates.
Figure 1: Indicated in green (components with thicker borders) is the architecture scope for the Zephyr Project initial safety certification.
https://trs.jpl.nasa.gov/bitstream/handle/2014/43875/11-2798_A1b.pdf?sequence=1
You can find the Zephyr Getting started Guide here. If you are interested in contributing to the Zephyr Project please see our Contributor Guide. Join the conversation or ask questions on our Slack channel or Mailing List.
