| CARVIEW |
Select Language
HTTP/2 301
date: Tue, 20 Jan 2026 19:50:07 GMT
content-type: text/html; charset=iso-8859-1
location: https://spinroot.com/p10/
server: cloudflare
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self';
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4SL53SxXNclD18LpldL7k001gYpfcWhJqSdU42lJ9qNFdb9HKM2RdrkUBbNKCuLT%2B1%2FA%2FYb0BAjPYjuKsz57owAtOur%2B8gCGPmmcbA%3D%3D"}]}
cf-ray: 9c111956084c3bec-BOM
alt-svc: h3=":443"; ma=86400
HTTP/2 200
date: Tue, 20 Jan 2026 19:50:09 GMT
content-type: text/html
server: cloudflare
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self';
last-modified: Thu, 25 Jun 2009 19:30:18 GMT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rcewdhOoCkJM0YvBE2pfpup2F7Y%2Fb%2BhWI%2BmueuEemFUepFziJvChUYmMCcOtJ2bpwc9ql5pS1l%2BY84pEr%2FmKekoagOLlElr5O%2BUeXA%3D%3D"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: gzip
cf-ray: 9c11195ab9e63bec-BOM
alt-svc: h3=":443"; ma=86400
The Power of Ten -- Rules for Writing Safety Critical Code
The Power of Ten
Based on: ''The Power of Ten -- Rules for Developing Safety Critical Code,'' IEEE Computer, June 2006, pp. 93-95 (PDF).
The Power of Ten
10 Rules for Writing Safety Critical Code
| 1 | Restrict to simple control flow constructs. | (details) | |
| 2 | Give all loops a fixed upper-bound. | (details) | |
| 3 | Do not use dynamic memory allocation after initialization. | (details) | |
| 4 | Limit functions to no more than 60 lines of text. | (details) | |
| 5 | Use minimally two assertions per function on average. | (details) | |
| 6 | Declare data objects at the smallest possible level of scope. | (details) | |
| 7 | Check the return value of non-void functions, and check the validity of function parameters. | (details) | |
| 8 | Limit the use of the preprocessor to file inclusion and simple macros. | (details) | |
| 9 | Limit the use of pointers. Use no more than two levels of dereferencing per expression. | (details) | |
| 10 | Compile with all warnings enabled, and use one or more source code analyzers. | (details) |
Based on: ''The Power of Ten -- Rules for Developing Safety Critical Code,'' IEEE Computer, June 2006, pp. 93-95 (PDF).