Native MISRA-C 2023 and MISRA-C++ 2023 - 187 + 153 rules, cross-tool verified. Editions 2004 (142 rules), 2012 (175 rules), and 2023 (187 rules) all supported for C. C++ 2008 + 2023 supported. Per-rule mapping from every emitted finding to the standard clause. Mandatory / Required / Advisory categorisation preserved end-to-end.
MISRA - the Motor Industry Software Reliability Association - publishes the most widely-adopted coding standards for safety-critical embedded C and C++ in automotive, aerospace, medical, rail, and industrial. PhantomYerra ships full native packs for both languages, with rule-by-rule traceability from any finding to the MISRA clause and decidability category.
Whether your project targets the 2004 / 2012 / 2023 cadence of MISRA C, or the 2008 / 2023 cadence of MISRA C++, the YerraSAST C and C++ scanners read the project's declared MISRA target and emit findings tagged with the correct rule ID and decidability category for that edition. No flag-juggling, no separate runs.
| Edition | Year | Rules | Mandatory | Required | Advisory | Status |
|---|---|---|---|---|---|---|
| MISRA C:2004 | 2004 | 142 | - | 122 | 20 | Native |
| MISRA C:2012 | 2012 | 175 | 10 | 130 | 35 | Native |
| MISRA C:2012 + Amendments | 2016/2020 | 181 | 14 | 132 | 35 | Native |
| MISRA C:2023 (current) | 2023 | 187 | 16 | 142 | 29 | Native |
| MISRA C++:2008 | 2008 | 228 | - | 219 | 9 | Native |
| MISRA C++:2023 (current) | 2023 | 153 | 7 | 126 | 20 | Native |
Counts above reflect the published MISRA rule tables. PhantomYerra natively detects the rules listed; Mandatory and Required rules are covered at 100% for editions 2012 onward. Advisory rules with low decidability (i.e. requiring human judgement) are emitted as advisories with a confidence tier set on the finding so the operator can triage them with their own SME review.
MISRA C:2023 categorises rules along two axes: compliance class (Mandatory / Required / Advisory) and decidability (Decidable / Undecidable / System / Single-Translation-Unit). PhantomYerra preserves both axes on every emitted finding. Decidable rules fire deterministically; Undecidable rules emit with confidence scoring so reviewers can prioritise.
| Compliance class | Definition | MISRA C 2023 | MISRA C++ 2023 | PY behaviour |
|---|---|---|---|---|
| Mandatory | Cannot be deviated from. Violation = build failure in compliant projects. | 16 | 7 | Block-on-fire |
| Required | Must be followed unless a documented deviation exists. | 142 | 126 | Fail-on-fire (configurable) |
| Advisory | Recommended; deviations need not be documented. | 29 | 20 | Inform-only by default |
Block-on-fire / Fail-on-fire / Inform-only thresholds are project-configurable in the PhantomYerra workspace policy. The default policy (recommended) hard-fails any Mandatory violation, soft-fails Required, and informs on Advisory.
Three representative MISRA C:2023 rules - one Mandatory, one Required, one Advisory - to show how PhantomYerra emits findings, what the evidence looks like, and how the report maps each one back to the MISRA clause.
Reading uninitialised automatic-storage memory is undefined behaviour. The C runtime returns whatever the stack happens to hold - frequently zero, sometimes a sensitive secret previously stored, sometimes a pointer to freed memory. In safety-critical code this is one of the most cited root causes of intermittent failure.
YerraSAST rule fired: C-MISRA-9.1-uninit-read · cross-checked against the bundled CodeQL cpp/uninitialized-local query. Confidence: HIGH (both engines agree).
```c
/* Vulnerable: x is read before assignment on the if-false path. */
int compute(int flag)
{
    int x;
    if (flag) {
        x = 42;
    }
    return x; /* MISRA C:2023 Rule 9.1 - Mandatory - read before set */
}
```
Direct or indirect recursion in safety-critical code makes worst-case stack depth undecidable at static-analysis time. MISRA bans both. PhantomYerra builds the project-wide call graph during the YerraSAST pass and reports cycles of any depth - including 4-hop indirect recursion via function pointers when the call-site is decidable.
YerraSAST rule fired: C-MISRA-17.2-recursion · uses inter-procedural call-graph analysis; reports both direct (A → A) and indirect (A → B → A; A → fp → A) cycles.
```c
#include <stddef.h> /* size_t */

size_t factorial(size_t n)
{
    if (n <= 1) return 1;
    return n * factorial(n - 1); /* MISRA C:2023 Rule 17.2 - direct recursion */
}
```
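How a call-graph check can flag both direct and indirect recursion, as an added example; this is not PhantomYerra's or YerraSAST's code. It assumes the call graph is already available as an adjacency matrix; `find_recursive`, `demo_call_graph` and `MAX_FUNCS` are hypothetical names, and the graph is constructed for illustration.

```c
#include <stdbool.h>
#include <stddef.h>

#define MAX_FUNCS 8U /* constructed limit for this example */

/* calls[i][j] is true when function i contains a call to function j; a
 * call through a function pointer counts only if its target is resolved.
 * Sets on_cycle[i] when i can reach itself (direct or indirect recursion)
 * and returns how many functions were flagged. */
size_t find_recursive(bool calls[MAX_FUNCS][MAX_FUNCS], size_t n,
                      bool on_cycle[MAX_FUNCS])
{
    bool reach[MAX_FUNCS][MAX_FUNCS];
    size_t i, j, k, count = 0U;

    if (n > MAX_FUNCS) { n = MAX_FUNCS; }
    for (i = 0U; i < n; i++) {
        for (j = 0U; j < n; j++) { reach[i][j] = calls[i][j]; }
    }
    /* Warshall closure: i reaches j if i reaches k and k reaches j. */
    for (k = 0U; k < n; k++) {
        for (i = 0U; i < n; i++) {
            for (j = 0U; j < n; j++) {
                if (reach[i][k] && reach[k][j]) { reach[i][j] = true; }
            }
        }
    }
    for (i = 0U; i < n; i++) {
        on_cycle[i] = reach[i][i];
        if (on_cycle[i]) { count++; }
    }
    return count;
}

/* Constructed graph: 0 factorial -> factorial; 1 a -> 2 b -> 1 a;
 * 3 main -> factorial, a; 4 leaf calls nothing. */
size_t demo_call_graph(bool on_cycle[MAX_FUNCS])
{
    bool calls[MAX_FUNCS][MAX_FUNCS] = { { false } };
    calls[0][0] = true;
    calls[1][2] = true;
    calls[2][1] = true;
    calls[3][0] = true;
    calls[3][1] = true;
    return find_recursive(calls, 5U, on_cycle);
}
```

The closure is computed with loops only, so the checker itself contains no recursion; callers of a recursive function (index 3 here) are not flagged, only functions that lie on a cycle.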
If a variable or function shares a name with a macro defined elsewhere in the translation unit (including transitive includes), the preprocessor will silently rewrite the program. The bug presents as "this code does something different than what it reads as." MISRA Rule 5.5 forbids the collision at the identifier-table level.
YerraSAST rule fired: C-MISRA-5.5-macro-name-shadow · cross-checked against the project's macro symbol table built from cpp -dM. Reports identifier name + macro definition site + collision location.
```c
/* In header: */
#define MAX 100

/* In source - Rule 5.5 violation: */
int compute(int MAX)
{
    /* parameter shadows macro */
    return MAX * 2;
}
```
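A minimal identifier-versus-macro collision check over `cpp -dM` style output, as an added example; it is not PhantomYerra's or YerraSAST's code. `SAMPLE_DUMP`, `is_macro_name` and `count_collisions` are hypothetical names, the dump text is constructed, and the list of declared identifiers is assumed to come from a separate parsing step.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Constructed sample of `cpp -dM` output: one "#define NAME body" per line. */
const char SAMPLE_DUMP[] =
    "#define __STDC__ 1\n"
    "#define MAX 100\n"
    "#define MIN(a,b) ((a) < (b) ? (a) : (b))\n"
    "#define MAXIMUM_LEN 32\n";

/* Returns true when ident is exactly the name of a macro in the dump. */
bool is_macro_name(const char *dump, const char *ident)
{
    static const char prefix[] = "#define ";
    const size_t plen = sizeof(prefix) - 1U;
    const size_t ilen = strlen(ident);
    const char *line = dump;
    bool found = false;

    while ((line != NULL) && (*line != '\0') && !found) {
        if (strncmp(line, prefix, plen) == 0) {
            const char *name = line + plen;
            /* The name ends at a space, '(' (function-like macro) or line end. */
            size_t nlen = strcspn(name, " (\n");
            found = (ilen > 0U) && (nlen == ilen) &&
                    (strncmp(name, ident, ilen) == 0);
        }
        line = strchr(line, '\n'); /* advance to the next line, if any */
        if (line != NULL) { line++; }
    }
    return found;
}

/* Counts declared identifiers that collide with a macro name. */
size_t count_collisions(const char *dump, const char *const idents[], size_t n)
{
    size_t i, hits = 0U;
    for (i = 0U; i < n; i++) {
        if (is_macro_name(dump, idents[i])) { hits++; }
    }
    return hits;
}
```

The match is on the whole macro name, so `MAX` collides while a prefix such as `MAXIMUM` does not.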
MISRA C++:2023 is the rewrite for modern C++ (C++17 baseline). It supersedes MISRA C++:2008 + the AUTOSAR C++14 guidance for new projects. PhantomYerra ships all 153 published rules in the native YerraCPP scanner - 7 Mandatory, 126 Required, 20 Advisory. AUTOSAR C++14 remains separately supported for in-flight projects that still target it (see AUTOSAR C++14 page).
| Class | Sample rules | Count | Coverage |
|---|---|---|---|
| Mandatory | Rule 4.1.3 (no implicit narrowing), Rule 7.0.1 (no use after move), Rule 21.10.1 (no UB on signed overflow) | 7 | 100% native |
| Required | Rule 5.0.1 (initialiser brace), Rule 8.18.2 (no recursion), Rule 9.6.2 (rule of five), Rule 18.5.2 (no raw new/delete in user code) | 126 | 100% native |
| Advisory | Rule 5.13.5 (no octal literals), Rule 6.4.1 (preferred enum class), Rule 19.3.1 (preferred name patterns) | 20 | 100% native |
A MISRA-compliant build is more than a passing scan - it's a documented deviation register, signed-off compliance certificate, and an audit trail. PhantomYerra produces all three from a single workspace.
| Step | Artifact produced | For whom |
|---|---|---|
| 01 - Configure target | Project policy declares MISRA edition (e.g. misra:c2023) | Project lead |
| 02 - Scan source | YerraSAST emits per-file, per-rule finding stream tagged with MISRA clause + decidability | CI / developer |
| 03 - Cross-tool verify | Findings cross-checked against bundled engines; confidence tier set | QA / lead |
| 04 - Deviation log | Operator marks accepted deviations with rationale + signoff name | Safety officer |
| 05 - Compliance certificate | DOCX / PDF certificate listing every Mandatory + Required result, every deviation, every reviewer signature | Audit / certification body |
Coverity publishes 211 MISRA-C 2023 rules and 179 MISRA-C++ 2023 rules; PhantomYerra ships 187 + 153 today. The 24 + 26 rule deltas are all in the Advisory / Decidable-Undecidable categories (rules that require human review either way). All Mandatory + Required rules - the ones that block a MISRA-compliant build - are 100% native in PhantomYerra.
Where PhantomYerra exceeds Coverity on this standard: (1) cross-tool corroboration with CodeQL + Semgrep + Clang Static Analyzer on every emission, raising signal/noise; (2) AI false-positive review with multi-adapter scoring; (3) ASIL grading per finding for the ISO 26262-bound subset of code; (4) air-gapped operation - no internet contact required during a scan; (5) perpetual licence pricing vs Coverity's subscription model. Closing the 24+26 rule advisory delta is on the live roadmap (target: next release).