[Oberon] Oberon as (embedded) rtos.
chris at cfbsoftware.com
Mon Nov 12 08:12:01 CET 2018
> -----Original Message-----
> From: Oberon [mailto:oberon-bounces at lists.inf.ethz.ch] On Behalf Of
> Paul Reed
> Sent: Monday, 12 November 2018 12:26 AM
> To: ETH Oberon and related systems
> Subject: Re: [Oberon] Oberon as (embedded) rtos.
> > https://en.wikipedia.org/wiki/Rate-monotonic_scheduling#cite_note-
> > ..."What really happened on Mars Rover Pathfinder"
> > http://www.rvs.uni-
> > 1.ht
> > ml
> > ...Some lessons learned...
> > https://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf
> Thanks, nice reading! It reminded me that Chris Burrows has already
> pointed out how much you need to do of MISRA-C when writing in C,
> which with Oberon you get out-of-the-box.
Thanks for remembering, Paul!
For those who were not fortunate enough to be able to attend Oberon Day 2011
this is a summary of my attempts to get some measure of the comparative
reliability of C and Oberon-07 when used for embedded software development.
>From Wikipedia: "MISRA C is a set of software development guidelines for the
C programming language developed by MISRA (Motor Industry Software
Reliability Association). Its aims are to facilitate code safety, security,
portability and reliability in the context of embedded systems"
I took the 142 rules of the MISRA-C:2004 "Guidelines for the use of the C
language in critical systems" and applied them to Oberon-07. I discovered
that more than 70% of the rules are NOT required when programming in
Oberon-07. They are either already enforced by the language or are not
Examples of MISRA rules that are not applicable to Oberon-07:
Rule 14.4: The goto statement shall not be used. (Oberon-07 does not have
Rule 14.5: The continue statement shall not be used. (Oberon-07 does not
Examples of MISRA rules that are enforced by the design of Oberon-07:
Rule 14.7: A function shall have a single point of exit at the end of the
Rule 16.6: The number of arguments passed to a function shall match the
number of parameters.
The remaining 30% of MISRA rules would need to be followed if using
Oberon-07 for critical systems. They include:
Rule 2.4 (advisory): Sections of code should not be "commented out".
Rule 20.4: Dynamic heap memory allocation shall not be used.
More information about MISRA and their guidelines can be found on their
More information about the Oberon