Safety-Critical Coding Patterns

Guidelines adapted from NASA's Power of 10 rules for safety-critical software.

When to Apply

Full rigor: Safety-critical systems, financial transactions, data integrity code Selective application: Business logic, API handlers, core algorithms Light touch: Scripts, prototypes, non-critical utilities

"Match rigor to consequence" - The real engineering principle

The 10 Rules (Adapted)

1. Restrict Control Flow

Avoid goto, setjmp/longjmp, and limit recursion.

Why: Ensures acyclic call graphs that tools can verify. Adaptation: Recursion acceptable with provable termination (tail recursion, bounded depth).