Much more information is needed on the kinds of mistakes developers make and the likelihood that these mistakes will lead to faults in software. Very large quantities of source code have been published under a variety of open source license agreements. Measurements of this source code can provide data on how often a construct covered by a coding guideline appears in real code. For instance, one of the MISRA-C guidelines specifies that the operand of the sizeof operator should not have any side-effects. I failed to find any violation of this guideline in a large quantity of source code. There are a number of possible explanations for this lack of usage. Perhaps people who write open source software don’t make this mistake. Perhaps they do make it but detect it before the software is released. Or perhaps the guideline is recommending against a usage that rarely occurs in practice.
Does selling into the high-integrity software market have sufficient return on investment to overcome the risks it presents? Companies do have a choice about whether they want to be involved with this market. It looks like Sun has decided to keep some of its products out of parts of this market. The Sun Java binary license includes these words: "Licensee acknowledges that Licensed Software is not designed or intended for use in the design, construction, operation, or maintenance of any nuclear facility..." This is an issue that suppliers of tools (for example, compiler writers), who may be unaware of the use to which their products are being put, will need to address at some point. If a company’s tools are involved in the development of software used in a high-integrity application that causes death or serious injury, is that company legally liable in any way? This is a legal gray area, and companies might decide that the market is not large enough to warrant the risk.
Because of the small number of deaths and serious injuries that have been directly attributable to software faults, there has been little legal activity in this area. The extent to which developers and managers might be legally liable for faults in the software they produce is a gray area. Unfortunately, it’s likely that clarification won’t occur until more people have been killed or injured by faults in software.