Skip to main content
What Is MISRA? The Definitive Guide to MISRA C and C++ for Indian Automotive Teams, featured image

What Is MISRA? The Definitive Guide to MISRA C and C++ for Indian Automotive Teams

GSAS Engineering · · 5 min read

If you work in embedded software anywhere in the automotive, aerospace, medical, or industrial sectors, you have encountered MISRA. The name appears in customer requirements documents, in functional safety plans, in OEM supplier quality manuals, and in job postings for embedded engineers across India. But what exactly is MISRA, where did it come from, and why does it hold the position it does? This guide provides a comprehensive answer.

Origins: The SafeIT Programme and Automotive Roots

MISRA stands for the Motor Industry Software Reliability Association. It was established in 1994 as part of the UK government’s SafeIT programme, a collaborative initiative between the automotive industry and academia to improve the reliability of software in vehicles. The founding members recognised that the C programming language, while essential for embedded development, contained constructs and behaviours that were inherently dangerous in safety-critical contexts: undefined behaviour, implementation-defined behaviour, and constructs that were technically legal but practically hazardous.

The first MISRA C guidelines were published in 1998. They were not a language standard in the ISO sense. They were, and remain, a set of industry-consensus coding rules designed to restrict the use of C to a safer, more predictable subset. This distinction matters. MISRA guidelines do not change the C language. They tell you which parts of the language to avoid, which constructs to prefer, and how to document intentional deviations.

MISRA is a registered trademark and is governed by a consortium of automotive and technology organisations. Its guidelines are developed through a formal committee process, drawing on decades of accumulated field experience with safety-critical embedded systems.

MISRA C: From 1998 to 2025

The MISRA C guidelines have evolved through several major revisions, each reflecting changes in the C language standard and lessons learned from industry adoption.

MISRA C:1998 was the original publication, targeting C90. It established the foundational approach of mandatory and advisory rules. MISRA C:2004 expanded the rule set and refined the classification system. It became the most widely adopted version and remained in active use for nearly a decade. MISRA C:2012 was a major revision that restructured the guidelines around the C99 language standard, introduced a clearer taxonomy of directives and rules, and added a decidability classification to indicate which rules could be fully enforced by automated tools and which required human judgement. MISRA C:2023 updated the guidelines to cover C11 and C17 language features, incorporated new security-oriented rules, and strengthened alignment with ISO/IEC TS 17961 (C Secure) and CERT C. MISRA C:2025 is the current edition, containing 225 active guidelines. It represents the most comprehensive version to date, with expanded coverage of concurrent programming, security-relevant coding patterns, and alignment with modern functional safety and cybersecurity standards.

MISRA C++: From 2008 to 2023

C++ adoption in safety-critical embedded systems has grown steadily, particularly in automotive and aerospace, where the language’s abstraction capabilities offer productivity benefits if used carefully.

MISRA C++:2008 was the first edition, targeting C++03. It followed the same philosophy as MISRA C: restrict the language to a safer subset. MISRA C++:2023 is a ground-up rewrite covering C++17. It represents a modern approach to safe C++ usage in embedded systems and aligns with the AUTOSAR C++ guidelines, which were themselves derived from MISRA C++:2008. For teams operating in the AUTOSAR ecosystem, MISRA C++:2023 provides a natural migration path.

MISRA C vs MISRA C++

The choice between MISRA C and MISRA C++ is not simply about which language your project uses. MISRA C addresses the broader embedded ecosystem where C dominates: microcontrollers, real-time operating systems, bare-metal firmware, and legacy codebases. MISRA C++ targets applications where object-oriented design and modern C++ features offer genuine advantages in safety-critical contexts, such as autonomous driving software stacks and avionics middleware.

Many Indian automotive teams maintain both C and C++ codebases within the same product line. In these environments, enforcing both MISRA C and MISRA C++ with consistent tooling and deviation management processes is essential.

Why MISRA Matters Beyond Automotive

MISRA’s influence extends well beyond the automotive industry that gave it its name. The guidelines are referenced in functional safety standards across multiple domains.

ISO 26262 (automotive functional safety) explicitly recommends MISRA C as a method for achieving software unit design and implementation in compliance with ASIL requirements. It appears in Part 6, Table 1, as a recommended practice for enforcing a safe subset of a programming language. IEC 61508 (industrial functional safety) and its sector-specific derivatives, including IEC 62304 for medical device software, reference the same principle of using a restricted language subset, and MISRA is the most widely adopted implementation of that principle. DO-178C (airborne systems) does not name MISRA directly, but the standard’s objectives around coding standards and verifiable code align precisely with what MISRA provides.

The practical result is that MISRA compliance is a customer requirement in nearly every safety-critical embedded market. It is not optional. It is the cost of entry.

Enforcement: Helix QAC and Klocwork

MISRA guidelines are designed to be enforced by automated static analysis tools. Manual enforcement through code review is neither scalable nor reliable for a rule set of 225 guidelines.

Helix QAC is the reference implementation for MISRA enforcement. It provides 100% coverage of MISRA C:2023 and MISRA C++:2023 guidelines, meaning every decidable rule is checked automatically and every undecidable rule is supported with diagnostic assistance. QAC is certified by TUV SUD for use in ISO 26262 and IEC 61508 tool qualification workflows. It generates the compliance reports, deviation records, and guideline re-categorisation plans that auditors and OEM quality teams require. Klocwork complements QAC by providing deep defect detection and security analysis mapped to CWE and CERT C rules. Teams that need both MISRA compliance and security vulnerability detection often deploy QAC and Klocwork together, with QAC handling coding standard enforcement and Klocwork handling interprocedural security analysis.

The Indian Context

The Perforce 2026 State of Automotive Software Quality report provides data that is directly relevant to Indian embedded teams. MISRA usage increased by 8% in 2026 compared to the previous year. Sixty-one percent of automotive software teams now use MISRA guidelines. Fifty-two percent of teams comply with ISO 26262, with customer mandates identified as the primary driver of adoption.

India’s automotive engineering services sector is deeply integrated into global OEM supply chains. When Tier 1 suppliers in Germany, Japan, or the United States require MISRA compliance from their software development partners, Indian teams are on the receiving end of those requirements. Understanding MISRA, not as an abstract standard but as a practical engineering discipline with specific tools, processes, and deliverables, is essential for competitiveness.

GSAS has delivered over 50 MISRA workshops across India, covering automotive, industrial, and defence teams. These workshops go beyond tool training. They establish coding standard baselines, configure enforcement tooling to match project-specific rule profiles, define deviation management workflows, and prepare teams for OEM audits.

Start with a MISRA Baseline

If your team is beginning its MISRA journey or upgrading from an older guideline version, the most effective first step is a compliance baseline assessment. GSAS conducts baseline workshops where we analyse a representative portion of your codebase against the current MISRA C or C++ guidelines, identify the most common violation patterns, and help you build a prioritised remediation plan. Contact us to schedule a MISRA compliance baseline workshop for your team.

Interested in Perforce tools?

Talk to our application engineers for personalized tool recommendations.

Stay in the Loop

Get monthly compliance updates, product insights, and engineering best practices delivered to your inbox.