Skip to content

Nasa

The Power of 10

  1. Avoid complex flow constructs, such as goto and recursion.
  2. All loops must have fixed bounds. This prevents runaway code.
  3. Avoid heap memory allocation.
  4. Restrict functions to a single printed page.
  5. Use a minimum of two runtime assertions per function.
  6. Restrict the scope of data to the smallest possible.
  7. Check the return value of all non-void functions, or cast to void to indicate the return value is useless.
  8. Use the preprocessor sparingly.
  9. Limit pointer use to a single dereference, and do not use function pointers.
  10. Compile with all possible warnings active; all warnings should then be addressed before release of the software.

Examples

Loop Upper Bounds

int index = 0;
while (arr[index] != nullptr && index <= MAX_ITERATIONS) { // (1)!
    // operations
    index++;
}
  1. In case we never encounter nullptr, there should be something which limits the number of iterations.

References

Read about The Power of 10: Rules for developing safety-Critical Code