Neural Inverse is Open Source →
DocsCompliance

Compliance

Neural Inverse tracks compliance against 8 industry safety and security standards for firmware projects.

Supported Frameworks

FrameworkDomainStandard
MISRA C:2012Automotive, general embeddedMotor Industry Software Reliability Association
MISRA C:2023Automotive, general embeddedAmendment 4 update
CERT-CSecurity-criticalSEI CERT C Coding Standard
IEC 62304Medical devicesSoftware life cycle processes
ISO 26262AutomotiveFunctional safety (ASIL A–D)
DO-178CAvionicsSoftware considerations in airborne systems
IEC 61508IndustrialFunctional safety (SIL 1–4)
AUTOSARAutomotive platformAutomotive Open System Architecture

Configuration

In your Firmware.inverse manifest:

{
  "compliance": ["misra-c-2012", "iec-61508"]
}

Multiple frameworks can be active simultaneously.

Compliance Tools

MISRA Check

> fw_misra_check_file src/drivers/spi.c

Analyses a single file against MISRA C rules. Returns violations with rule IDs, line numbers, and severity.

CERT-C Check

> fw_cert_c_check src/crypto/aes.c

Checks against CERT C Secure Coding Standard.

Framework Violations

> fw_list_framework_violations misra-c-2012

Lists all violations across the project for a specific framework, grouped by file and severity.

Safety Audit

> fw_safety_audit iso-26262

Full framework audit — generates a comprehensive compliance report.

Traceability Matrix

> fw_generate_traceability iso-26262

Produces a requirements-to-code traceability matrix for safety documentation and audits.

Pattern-Based Detection

The compliance engine detects common violation patterns without external tooling:

Memory Safety

  • Pointer arithmetic past array bounds
  • Use of banned functions (malloc, free in safety-critical code)
  • Missing bounds checks

Type Safety

  • Implicit narrowing conversions
  • Signed/unsigned mismatches
  • Essential type violations

Control Flow

  • Unreachable code (dead code from constant conditions)
  • Missing default in switch statements
  • Missing else in if...else if chains
  • Use of goto

Concurrency

  • Non-atomic read-modify-write on shared registers
  • Missing volatile on ISR-shared variables
  • Reentrant ISR risks

Declarations

  • Unused variables/functions
  • Identifier shadowing
  • External linkage where internal would suffice

Integration with Checks Engine

When the GRC engine (neuralInverseChecks) is active, firmware compliance violations appear in the unified Checks dashboard alongside architecture and logic checks. The compliance tab in the Firmware console shows framework-specific status.

Compliance Status Bar

The status bar shows the active compliance framework. Clicking opens the compliance tab in the Firmware console.

Agent Tools

ToolDescription
fw_misra_checkCheck a code snippet against MISRA
fw_misra_check_fileFull file MISRA analysis
fw_cert_c_checkCERT-C compliance check
fw_safety_auditFull framework compliance audit
fw_list_framework_violationsList all violations for a framework
fw_generate_traceabilityGenerate traceability matrix

Was this page helpful?

Last edited