USB Device Middleware Library 2.10
MISRA-C:2012 Compliance

This section describes MISRA-C:2012 compliance and deviations for the USB.

MISRA stands for Motor Industry Software Reliability Association. The MISRA specification covers a set of 10 mandatory rules, 110 required rules and 39 advisory rules that apply to firmware design and has been put together by the Automotive Industry to enhance the quality and robustness of the firmware code embedded in automotive devices.

The MISRA specification defines two categories of deviations (see section 5.4 of the MISRA-C:2012 specification):

  • Project Deviations - deviations that are applicable for particular class of circumstances.
  • Specific Deviations - deviations that are applicable for a single instance in a single file.

Project Deviations are documented in current section below.

Specific deviations are documented in the driver source code, close to the deviation occurrence. For each deviation a special macro identifies the relevant rule or directive number, and reason.

Verification Environment

This section provides MISRA compliance analysis environment description.

Component Name Version
Test Specification MISRA-C:2012 Guidelines for the use of the C language in critical systems March 2013
MISRA Checking Tool Coverity Static Analysis Tool 2020.03

Project Deviation

The list of deviated required rules is provided in the table below. Advisory rules deviation is not documented, as not required per MISRA specification.

Rule ID Rule Description Description of Deviation(s)
Rule 3.1 The character sequences /* and // shall not be used within a comment. Using of the special comment symbols is need for Doxygen comment support, it does not have any impact.
Rule 11.8 A cast shall not remove any const or volatile qualifications from the type pointed by a pointer.
  1. All device descriptors are stored in flash. On the USB Host get descriptor request, the pointer to descriptor is assigned to a pointer that manages data transfer losing const qualification. Despite the qualification being lost, the middleware does not perform any write access using this pointer.
  2. Some device characteristics are stored in volatile variables. On the USB Host request, the pointer to a characteristic variable is assigned to a pointer that manages data transfer losing volatile qualification. Despite the qualification being lost, this does not cause any negative impact because the data transfer is managed by the interrupt handler. The same happens when these variables are passed as parameters to memcpy or memset function.