Customer Reviews
Essential reading for C in high-integrity systems - By: Gareth Greenwood, 01 Oct 2008 
Up front I have to declare an interest in this book since I reviewed some of the chapters for the author at the galley proof stage.
As another reviewer has said, some (mostly Ada) programmers regard the title as an oxymoron - but it is not. For there is not, never has been & never will be a programming language in which it is at all difficult to write incorrect programs. If you use C carefully & with the right checking tools (QAC & Polyspace) you can, with diligence, achieve a degree of verifiability comparable to what is possible using SPARK Ada with the SPARK Examiner. (And I speak as one who has been a consultant to a project using both SPARK Ada & C on a major air traffic control application.)
The essence of high-integrity programming is to restrict the use of the programming language to render source code tractable to verification with appropriate tools. C needs tighter restriction in this respect than Ada (in fact it needs draconian restriction) but if you are prepared to exercise the necessary discipline & use the right tools, you can use C up to SIL4 quite safely. In this book Les Hatton describes the rationale for the kinds of restriction that must be imposed on the use of C for high-integrity work. As another reviewer has also noted, the underlying principles apply to *any* programming language.
C is now widely used in high-integrity applications. For many such applications in embedded environments, no suitable Ada implementations may be available & C is, albeit sometimes "faute de mieux", the language of choice. If you are doing serious high-integrity work in C, you should read, mark, learn & inwardly digest this book. It is an eye-opener for those who (think they) know C. I would also advise you to buy copies of the C language standard & the MISRA C subset standard. Serious professionals in high-integrity C work with these books on their desks & refer to them constantly - & people who think they can get by without them should at least be reassigned to non-critical work & preferably taken out & terminated with extreme prejudice!
A must-have book - By: , 11 Dec 2003
If you are a practicing Hard Real Time, Safety Critical engineer - this book is a must. It is obvious that the author has real-world experience of the subject as well as in-depth research experience.
This is very refreshing when compared to many academic papers on the subject, whose authors seem to be on another planet.
Mandatory for C & C++ programmers - By: , 10 May 2001 
In the 20+ years I've been writing computer programs, this is the best book I've seen on how to write computer programs that work.
Aimed at C programmers, but C++ & Ada programmers will learn a lot.
The book, amongst other things, takes a tour through C, explaining traps & pitfalls that even the most experienced programmers are not aware of.
The book discusses software test methodologies & the benefits of software metrics to help in code quality & maintenance.
The author has clearly distilled the experiences from a twenty year computer career into a very good book.
Should be "Safer Programming" and required reading - By: , 13 Oct 2000 
Sadly this book sells itself short with an inappropriate name.
The lessons it teaches are applicable to all modern (and not so modern) computer languages. It offers a rational, as opposed to prejudicial, evaluation of C as a language suitable for use in developing safety-related systems. This evaluation pits the language against some other - supposedly intrinsically safe - languages such as Ada, with surprising results. It also looks at the oft-forgotten area of the tool support available to write safer systems, which can be as critical as the actual language itself.
The title of this book has caused many an Ada developer to demean C when spotted on my desk - typically accusing the title of being oxymoronic. However, a few choice references to the contents have sent them away suitably concerned about the quality of the language & tools they are using & the way in which they are using them.
If you program in C this book should be invaluable reading. It's up there with "Writing Solid Code". If you program in Ada it is even more invaluable & may open your eyes.