Compliance
Neural Inverse tracks compliance against 8 industry safety and security standards for firmware projects.
Supported Frameworks
| Framework | Domain | Standard |
|---|---|---|
| MISRA C:2012 | Automotive, general embedded | Motor Industry Software Reliability Association |
| MISRA C:2023 | Automotive, general embedded | Amendment 4 update |
| CERT-C | Security-critical | SEI CERT C Coding Standard |
| IEC 62304 | Medical devices | Software life cycle processes |
| ISO 26262 | Automotive | Functional safety (ASIL A–D) |
| DO-178C | Avionics | Software considerations in airborne systems |
| IEC 61508 | Industrial | Functional safety (SIL 1–4) |
| AUTOSAR | Automotive platform | Automotive Open System Architecture |
Configuration
In your Firmware.inverse manifest:
{
"compliance": ["misra-c-2012", "iec-61508"]
}Multiple frameworks can be active simultaneously.
Compliance Tools
MISRA Check
> fw_misra_check_file src/drivers/spi.cAnalyses a single file against MISRA C rules. Returns violations with rule IDs, line numbers, and severity.
CERT-C Check
> fw_cert_c_check src/crypto/aes.cChecks against CERT C Secure Coding Standard.
Framework Violations
> fw_list_framework_violations misra-c-2012Lists all violations across the project for a specific framework, grouped by file and severity.
Safety Audit
> fw_safety_audit iso-26262Full framework audit — generates a comprehensive compliance report.
Traceability Matrix
> fw_generate_traceability iso-26262Produces a requirements-to-code traceability matrix for safety documentation and audits.
Pattern-Based Detection
The compliance engine detects common violation patterns without external tooling:
Memory Safety
- Pointer arithmetic past array bounds
- Use of banned functions (
malloc,freein safety-critical code) - Missing bounds checks
Type Safety
- Implicit narrowing conversions
- Signed/unsigned mismatches
- Essential type violations
Control Flow
- Unreachable code (dead code from constant conditions)
- Missing
defaultin switch statements - Missing
elseinif...else ifchains - Use of
goto
Concurrency
- Non-atomic read-modify-write on shared registers
- Missing volatile on ISR-shared variables
- Reentrant ISR risks
Declarations
- Unused variables/functions
- Identifier shadowing
- External linkage where internal would suffice
Integration with Checks Engine
When the GRC engine (neuralInverseChecks) is active, firmware compliance violations appear in the unified Checks dashboard alongside architecture and logic checks. The compliance tab in the Firmware console shows framework-specific status.
Compliance Status Bar
The status bar shows the active compliance framework. Clicking opens the compliance tab in the Firmware console.
Agent Tools
| Tool | Description |
|---|---|
fw_misra_check | Check a code snippet against MISRA |
fw_misra_check_file | Full file MISRA analysis |
fw_cert_c_check | CERT-C compliance check |
fw_safety_audit | Full framework compliance audit |
fw_list_framework_violations | List all violations for a framework |
fw_generate_traceability | Generate traceability matrix |
Last edited