Why Should Auto-Generated C be Treated any Differently from Hand-Coded C? 2008-01-0661

Many embedded software developers producing C code for automotive applications will be familiar with the MISRA C guidelines. These provide practical guidance in avoiding some of the common pitfalls associated with the C language. They were originally meant for automotive developers, but are now increasingly used in other critical sectors such as aerospace and medical devices. The commonly-held view, expressed in the MISRA C guidelines, is that all C code, whether hand-written or automatically generated, should be subjected to exactly the same verification and validation activities. However, as modeling language and automatic code generation techniques have evolved over the 10 years since the first edition of MISRA C, this advice may no longer be so relevant. This paper looks at some of the issues related to verification and validation of automatically-generated C code and identifies the situations in which the authors believe that a different approach is warranted.