NASA (NaTIonal AeronauTIs and Space AdministraTIon, abbreviated NASA) is an independent agency of the US federal government responsible for the development and implementation of US civil space programs and research in aerospace science and space science. In addition to the space program, NASA also conducts long-term civil and military aerospace research.
In the eyes of ordinary people, NASA is a very "advanced" organization with a large number of scientists and researchers in different fields. Similar to any other organization, NASA's daily work and almost all of the projects it performs are inseparable from the computer's assistance. Due to the particularity and importance of the requirements, many of the computer software they use are internally developed. , playing a role in key areas of some important projects.
Last year, a former NASA intern uploaded the source code of the Apollo Guidance Computer system, the No. 11 computer of the American Apollo Moon Landing Project, to GitHub, which caused a great deal among the developer community. Hot discussion.
In addition, NASA officials have also opened up some of their source code to GitHub, allowing us to take a look at the professional level of code written by smart brains in this top research institution.
Large, complex software projects often follow certain code writing standards and guidelines. These guidelines lay down the basic principles that must be followed during software development.
a) How is the structure of the code arranged?
b) What language features should or should not be used?
For the sake of effectiveness, these principles must be as concise as possible and must be specific enough to be better understood and remembered.
This article will introduce 10 code-writing principles that are focused on safety parameters, as proposed by Gerard J. Holzmann, chief scientist at NASA's Jet Propulsion Laboratory. Of course, these principles also apply to other programming languages.
The world's top programmers working for NASA follow this set of guidelines when writing highly secure code. In fact, many organizations, including the NASA Jet Propulsion Laboratory, mainly choose to write code in C.
The reason is that this language has comprehensive tool support, including logic model separator, debugger, static compiler, strong source code analyzer, and measurement tools.
Sometimes writing code must follow certain principles, especially in areas where the correctness of the code can have a decisive impact on human life, such as airplanes, spacecraft that bring astronauts into orbit, and miles away from where they live. Control code for the operation of facilities such as nuclear power plants.
Principle 1 – Simplified Control Flow (Simple Control Flow)
Use a streamlined control flow to construct a program -- don't use setjmp or longjmp constructs, goto statements, and direct or indirect recursion.
Why: Simplified control flow helps improve code clarity and code verification. Without recursion, looped function call graphs are not generated, which also proves that all bounded executions are actually bounded.
Principle 2 – Fixed Upper Bound for Loops
All loops must have a fixed number of upper limits. We can statically prove through the verification tool that the upper limit set for the number of iterations in the loop is not exceeded.
If the limit of the number of cycles cannot be proved statically, it can be considered that this principle is not followed.
Reason: Setting the number of limits for the loop and avoiding recursion can help prevent code from getting out of hand. However, this principle cannot be applied to iterations that should not be terminated (such as the process scheduler). The inverse principle of this principle will be followed at this point: it must be able to statically prove that the iteration cannot be terminated.
Principle 3 – No Dynamic Memory AllocaTIon
Do not perform dynamic memory allocation after initialization is complete.
Cause: Memory allocation mechanisms such as malloc, and garbage collectors often produce unpredictable behavior that can have an impact on performance. More importantly, there may be memory errors caused by programmer errors, such as:
Attempting to allocate more memory than the amount of available physical memory
Forgot to release memory
Continue to use the memory that has been released
Cross-border use of allocated memory
All modules should be forced to be in a fixed-size, pre-allocated storage area to avoid such problems and simplify verification of memory usage.
In the case of unallocated memory in the heap, the only way to dynamically request memory is to use stack memory.
Principle 4 – No Large Functions
The length of any function should not exceed the number of characters that can be held on the previous page of paper printed using the standard reference format (up to one line per statement, up to one line per statement). This means that the function's code should not exceed 60 lines.
Cause: A function that is too long usually means that the structure is not optimal. Each function should be a single logical unit that is understandable and verifiable. Such a logical unit is often extremely difficult to understand if a multi-screen interface is required on a computer monitor to display it completely.
Principle 5 – Low Assertion Density
2000 puffs disposable vape pen are so convenient, portable, and small volume, you just need to take them
out of your pocket and take a puff, feel the cloud of smoke, and the fragrance of fruit surrounding you. It's so great.
We are China's leading manufacturer and supplier of disposable vape puff bars, 2000 puffs disposable vape,2000 puff vape pen,2000 puff e-cigarette kit
disposable vape 2000 puffs,2000 puffs vape kit, and e-cigarette kit, and we specialize in Disposable Vapes, e-cigarette vape pens, e-cigarette kits, etc.
2000 puffs disposable vape,2000 puff vape pen,2000 puff e-cigarette kit,disposable vape 2000 puffs,2000 puffs vape kit
Ningbo Autrends International Trade Co.,Ltd. , https://www.mosvape.com