Coding standards help developers learn about and use a safer subset of a language. As a result, code safety, security, maintainability, testability, and portability all improve.
Fallacy 1: “Our compiler is very good. We just enable all the warnings.”
Compilers do a decent job of catching syntax and constraint errors. However, they don’t do a good job of identifying undefined behavior. Coding standards reduce the risk of introducing undefined behavior errors into your code.
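Signed integer overflow is one instance of the undefined behavior described above: the C standard requires no diagnostic for it. The following added example (not from the original page; the function names `add_unchecked` and `add_checked` are illustrative) puts an overflow test that depends on undefined behavior beside a form that checks the operands first.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Non-conforming: tests for overflow after the addition. Signed overflow is
 * undefined behavior in C, so for overflowing inputs this function has no
 * defined result, and an optimizer is free to remove the tests entirely. */
bool add_unchecked(int a, int b, int *sum)
{
    *sum = a + b;              /* undefined if the result does not fit in int */
    if (b > 0 && *sum < a)     /* assumes wraparound the language does not promise */
        return false;
    if (b < 0 && *sum > a)
        return false;
    return true;
}

/* Conforming: rejects the operands before adding, so the addition itself
 * can never overflow and every path has defined behavior. */
bool add_checked(int a, int b, int *sum)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *sum = a + b;
    return true;
}

int main(void)
{
    int s = 0;
    /* Only in-range operands are passed to the non-conforming version. */
    printf("unchecked 40 + 2   -> %d\n", add_unchecked(40, 2, &s) ? s : -1);
    printf("checked INT_MAX+1  -> %s\n",
           add_checked(INT_MAX, 1, &s) ? "accepted" : "rejected");
    printf("checked INT_MIN-1  -> %s\n",
           add_checked(INT_MIN, -1, &s) ? "accepted" : "rejected");
    return 0;
}
```

Both functions agree on in-range operands, so ordinary testing cannot tell them apart; the difference only appears on the overflowing inputs that a coding-standard rule is written to exclude.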
Fallacy 2: “We don’t need a coding standard! We just need to catch bugs.”
Not all bugs are catchable, but it’s easier to find bugs within high-quality code. Coding standards exist to improve code quality by helping developers avoid constructs that introduce undefined behavior and other errors.
Fallacy 3: “Coding standards are dangerous! Making changes to code can introduce bugs.”
Code changes introduce new bugs about 15% of the time, whether you’re fixing a bug or conforming to a coding standard. So, applying a coding standard to legacy code can be risky. However, it’s important and beneficial to do so selectively.
Fallacy 4: “Of course we have a coding standard. I’m sure I saw it only the other day.”
Many companies produce a coding standard that goes unused because it’s nearly impossible to manually enforce. However, automatic enforcement is fast, reliable, deterministic, and non-confrontational.
Fallacy 5: “Apparently, it gives us 100% enforcement of the XXXX coding standard.”
Not true. Some rules are not statically enforceable. Each coding standard has rules that can’t be enforced and instead act as guidelines. Some rules aren’t well-specified. Other rules are undecidable and are responsible for a lot of false positives.
"Projects and products depending on the PRQA solution now extend to braking systems through to comfort controls, engine and transmission management, infotainment equipment and displays."
Since 1985, PRQA has pioneered software coding governance for critical software applications in industries ranging from automotive to aerospace, transport to finance, and medical devices to energy.
Supporting both individual developers and globally distributed teams, we provide sophisticated code analysis, robust defect detection and enforcement of both organization-specific coding policies and industry coding standards through functional integrity and application security and safety.