LLMpedia: The first transparent, open encyclopedia generated by LLMs

ISO/IEC 16262

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: ECMAScript (hop 4)
Title: ISO/IEC 16262
Long name: Information technology — Programming languages, their environments and system software interfaces — ECMAScript language specification
Status: Published
Year: 2011 (third edition; earlier editions 1998 and 2002)
Organization: ISO; IEC; ISO/IEC JTC 1/SC 22 (adopting ECMA-262 from Ecma International)
Domain: Information technology; Programming languages

ISO/IEC 16262 is the international standard that defines the ECMAScript scripting language, the language implemented as JavaScript in web browsers and in engines such as V8, SpiderMonkey and JavaScriptCore. It is the ISO/IEC edition of ECMA-262, the ECMAScript Language Specification developed by Technical Committee 39 (TC39) of Ecma International, and is published by ISO and IEC through ISO/IEC JTC 1, subcommittee SC 22 (programming languages, their environments and system software interfaces). The third and most recent ISO edition, ISO/IEC 16262:2011, corresponds to edition 5.1 of ECMA-262.

Overview

ECMAScript is an object-based, dynamically typed language. Objects are collections of properties, and each property carries attributes that control whether it can be written, enumerated or reconfigured. Inheritance is prototype-based rather than class-based: every object holds an implicit reference to a prototype object, and property lookup walks that chain. The language has six types: Undefined, Null, Boolean, String, Number and Object. Numbers are IEEE 754 double-precision binary floating-point values; there is no separate integer type, and the bitwise operators act on 32-bit integer conversions of their operands. Source text and string values are sequences of UTF-16 code units. The standard specifies the built-in objects every implementation must supply, including Object, Function, Array, String, Boolean, Number, Math, Date, RegExp, JSON and the Error constructors. The 2011 edition, corresponding to ECMA-262 5.1, contains the features introduced by ECMAScript 5: strict mode, the JSON object, getter and setter properties, programmatic control over property attributes (Object.defineProperty, Object.freeze, Object.seal, Object.preventExtensions) and additional Array and Object methods. The specification deliberately defines no input/output facilities and no host environment; objects such as a browser's window and document, or the process object of a server-side runtime, are host objects whose behaviour lies outside the standard.
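As an added illustration, not text or code from the standard, the following JavaScript writes out the ToInt32 abstract operation of clause 9.5 of the 2011 edition in plain arithmetic and checks it against the engine's own bitwise conversion, and also shows the 2^53 precision boundary of the double-precision Number type. The function names and sample values are this example's own.

```javascript
// ToInt32 (ECMA-262 5.1, clause 9.5) written out in plain arithmetic.
// This is an illustration of the abstract operation, not engine code.
function toInt32(n) {
  var number = Number(n);
  // NaN, +0, -0, +Infinity and -Infinity all map to +0.
  if (number !== number || number === 0 ||
      number === Infinity || number === -Infinity) {
    return 0;
  }
  // Truncate toward zero: sign(number) * floor(abs(number)).
  var posInt = (number < 0 ? -1 : 1) * Math.floor(Math.abs(number));
  // Reduce modulo 2^32 to a value in [0, 2^32).
  var int32bit = posInt % 4294967296;
  if (int32bit < 0) {
    int32bit += 4294967296;
  }
  // Values at or above 2^31 wrap into the negative range.
  return int32bit >= 2147483648 ? int32bit - 4294967296 : int32bit;
}

// The bitwise operators apply ToInt32 to their operands, so `x | 0` must
// agree with the hand-written version for every input.
function matchesEngine(values) {
  return values.every(function (x) { return toInt32(x) === (x | 0); });
}

// Beyond 2^53 the Number type can no longer represent every integer:
// adding 1 to 2^53 yields 2^53 again.
function integerPrecisionLost(n) {
  return n + 1 === n;
}

// Constructed sample inputs (this example's own), including values just
// above 2^32 that a length or index check built on `| 0` would wrap.
var samples = [0, -0, 1, -1, 3.99, -3.99, 2147483647, 2147483648,
               4294967295, 4294967296, 4294967301, -4294967301,
               1e20, -1e20, NaN, Infinity, -Infinity];
```

The wrap-around is the practical point: 4294967301 becomes 5 after ToInt32, so a bounds check that coerces an attacker-controlled number with a bitwise operator before comparing it can be bypassed; compare on the original Number and reject non-integers and out-of-range values explicitly.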

Scope and Purpose

The scope of the standard is the ECMAScript language itself: its lexical grammar, syntax, types, abstract operations, built-in objects and the semantics of executing programs. ECMAScript was originally designed as a web scripting language, providing a mechanism to enliven web pages in browsers and to perform server computation as part of a web-based client-server architecture, but the specification is written to be host-independent and says nothing about how scripts are loaded, about input/output, or about the APIs (such as the DOM) that a host environment adds. The purpose of publishing ECMA-262 as ISO/IEC 16262 is to make the language available as a formal international standard that can be cited in procurement, regulation and other standards, in addition to the freely available Ecma text.

Key Definitions and Terminology

Clause 4.3 of the specification defines the vocabulary used throughout the document. Central terms are: type (a set of data values), primitive value (a member of the Undefined, Null, Boolean, Number or String type), object (a member of the type Object: a collection of properties with a single prototype object, which may be null), constructor (a function object that creates and initialises objects, whose prototype property supplies the prototype of the objects it creates), prototype (an object that provides shared properties for other objects), native object (any object whose semantics are fully defined by the specification, whether built-in or created by a program), built-in object (a native object supplied by the implementation and present at the start of execution), and host object (an object supplied by the host environment to complete the execution environment, whose semantics are implementation-dependent). Properties are classified as own (directly contained in the object) or inherited (found on an object in its prototype chain) and, since ECMAScript 5, as data properties or accessor properties, each with attributes such as [[Writable]], [[Enumerable]] and [[Configurable]]. The values undefined and null, the special Number values NaN and Infinity, and the terms function, method, built-in method and attribute are also defined here. The distinction between native objects, whose behaviour is fixed by the standard, and host objects, whose behaviour is not, matters when reviewing code: a script's interaction with the DOM or with a server-side runtime is governed by the host's own documentation rather than by ISO/IEC 16262.
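The following JavaScript is an added illustration of the clause 4.3 vocabulary, not code from the standard: it builds a prototype chain to distinguish own from inherited properties, then locks a record with ES5 property attributes and shows how a write to a non-writable property behaves in strict versus non-strict code. Object, property and function names are this example's own.

```javascript
// A two-object prototype chain: `inherited` lives on the prototype,
// `own` directly on the object.
function makeChain() {
  var proto = { inherited: 'from prototype' };
  var obj = Object.create(proto);
  obj.own = 'own value';
  return { proto: proto, obj: obj };
}

// Own property, inherited property, or absent, per the clause 4.3 definitions.
function classifyProperty(obj, name) {
  if (Object.prototype.hasOwnProperty.call(obj, name)) { return 'own'; }
  if (name in obj) { return 'inherited'; }
  return 'absent';
}

// A record whose `id` is a non-writable, non-configurable data property and
// whose `secret` is non-enumerable (hidden from for-in, Object.keys and
// JSON.stringify, but still readable by name).
function makeLockedRecord() {
  var rec = {};
  Object.defineProperty(rec, 'id',
    { value: 42, writable: false, enumerable: true, configurable: false });
  Object.defineProperty(rec, 'secret',
    { value: 'hidden', writable: true, enumerable: false, configurable: true });
  return rec;
}

// Strict code: assignment to a non-writable property throws a TypeError.
function strictOverwrite(rec) {
  'use strict';
  try {
    rec.id = 99;
    return { threw: false, id: rec.id };
  } catch (e) {
    return { threw: e instanceof TypeError, id: rec.id };
  }
}

// Non-strict code: the same assignment is silently ignored. The Function
// constructor is used so the body is non-strict whatever the enclosing file.
var sloppyOverwrite = new Function('rec', 'rec.id = 99; return rec.id;');

function demo() {
  var obj = makeChain().obj;
  var rec = makeLockedRecord();
  return {
    own: classifyProperty(obj, 'own'),
    inherited: classifyProperty(obj, 'inherited'),
    absent: classifyProperty(obj, 'missing'),
    strict: strictOverwrite(rec),
    sloppyId: sloppyOverwrite(rec),
    visibleKeys: Object.keys(rec),
    serialized: JSON.stringify(rec),
    idDescriptor: Object.getOwnPropertyDescriptor(rec, 'id')
  };
}
```

The silent failure in non-strict code is why tamper-proofing with Object.defineProperty or Object.freeze should be paired with strict mode: without it, code that expects an assignment to have taken effect will carry on with the old value and no exception.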

Conformance and Compliance Requirements

Clause 2 of the specification states what a conforming implementation must do. It must provide and support all the types, values, objects, properties, functions and program syntax and semantics described in the specification, and it must interpret characters in conformance with the Unicode Standard and ISO/IEC 10646, using UCS-2 or UTF-16 as the encoding form. It may, however, provide additional types, values, objects, properties and functions beyond those described, and it may support program and regular-expression syntax that the specification does not describe, as long as the described syntax and semantics remain intact. Conformance is therefore a floor, not a ceiling: two conforming engines can differ in the extensions they offer, in how their host objects behave, and in implementation-defined details such as the parsing of date strings that do not follow the standard format. The standard defines no certification scheme; conformance is established by test suites, in practice the Ecma-maintained test262 suite, and by review against the specification text. The 2011 edition also specifies strict mode, a restricted variant of the language selected by the 'use strict' directive, which turns several silent failures into thrown exceptions and removes features that hinder analysis, such as the with statement, assignment to undeclared identifiers, and the ability of eval to introduce bindings into the caller's scope.

Relationship to Other Standards

ISO/IEC 16262 is technically identical to the corresponding edition of ECMA-262, which Ecma International maintains and publishes free of charge; the ISO text is produced through the fast-track procedure available to Ecma as a liaison organisation of JTC 1. The specification cites ISO/IEC 10646 (the Universal Coded Character Set, aligned with the Unicode Standard) for its character model and the IEEE 754 standard for binary floating-point arithmetic for its Number type. The JSON object introduced in ECMAScript 5 is defined in terms of the JSON interchange format, which the 2011 edition references as IETF RFC 4627 and which was later also standardised as ECMA-404 and ISO/IEC 21778. The companion Ecma standard ECMA-402, the ECMAScript Internationalization API Specification, defines locale-sensitive functionality outside the core language. Web-platform specifications from W3C and WHATWG (the DOM and HTML) build on ECMAScript by defining host objects and the script-execution environment, but they are not part of the language standard.

History and Revisions

JavaScript was created at Netscape in 1995 and submitted to Ecma for standardisation in 1996; the first edition of ECMA-262 was adopted in June 1997. The first edition of ISO/IEC 16262 was published in 1998 and corresponds to the second edition of ECMA-262, which incorporated the editorial changes made during ISO fast-track processing. The second ISO edition, ISO/IEC 16262:2002, corresponds to the third edition of ECMA-262 (December 1999), which added regular expressions, try/catch exception handling and other features. A planned fourth edition of ECMA-262 was abandoned; the fifth edition was published in December 2009 and revised as edition 5.1 in June 2011, and that revision became the third ISO edition, ISO/IEC 16262:2011. Since 2015 Ecma TC39 has published a new edition of ECMA-262 every year (ECMAScript 2015 and later), developed in the open on GitHub, and a subsequent ISO standard, ISO/IEC 22275:2018 (ECMAScript Specification Suite), reflects a later edition. The ISO work is carried out in ISO/IEC JTC 1/SC 22 with input from the participating national bodies.

Category:Programming language standards