The work of NASA developers is among the most demanding in the world of software engineering. They create mission-critical systems that must be reliable, secure, and error-free. As a result, coding standards at NASA are extremely strict, especially at the Jet Propulsion Laboratory (JPL), where safety-critical software is developed for space missions.
To ensure code quality and reduce the risk of failure, JPL's chief scientist, Gerard J. Holzmann, introduced the "Top Ten Rules for Developing Safety-Critical Codes." These guidelines are followed by all engineers and have become a cornerstone of NASA’s software development practices.
Although these rules were originally designed for C, they can be adapted to other programming languages as well. Here are the ten key principles:
1. **Simplify the control flow**: Avoid using complex constructs like `setjmp`, `longjmp`, `goto`, or recursive calls. Keep the program logic as simple and straightforward as possible.
2. **Use fixed loop limits**: All loops must have a static upper bound that can be verified by a tool. If this isn’t possible, the code violates this rule.
3. **Avoid dynamic memory allocation after initialization**: Once the system is initialized, no further dynamic memory should be allocated.
4. **Keep functions short**: Each function should fit on a single page, ideally not exceeding 60 lines of code. This helps maintain clarity and readability.
5. **Maintain low assertion density**: Include about two assertions per function. Assertions help detect runtime errors, but they must not have side effects and must be written as Boolean tests.
6. **Declare variables at the smallest scope possible**: Limiting the visibility of data improves security and reduces bugs.
7. **Check parameters and return values**: Always validate inputs and check return values from function calls to catch errors early.
8. **Limit preprocessor use**: Only allow header inclusions and simple macros. Avoid complex preprocessor features like variable arguments or recursive macros.
9. **Restrict pointer usage**: Allow only one level of indirection. Avoid hiding dangling pointers in macros or type definitions.
10. **Compile with full warnings**: From day one, compile with the highest warning level. The code must compile without any warnings and pass static analysis tools daily.
These rules are not just suggestions—they are essential for ensuring the reliability of software used in space exploration. By following them, NASA engineers can minimize the risk of catastrophic failures in their systems.
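Rules 2, 3, 5, 6, 7, 8, 9 and 10 from the list above, applied to one small C routine that loads a length-prefixed frame into a fixed buffer. This is an added example, not code from Holzmann or JPL; the frame layout, `load_frame`, `MAX_FRAME` and the `ST_*` codes are hypothetical.

```c
/* Build with full warnings (rule 10): cc -std=c99 -Wall -Wextra -Werror -pedantic */
#include <assert.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_FRAME 64u                       /* rule 8: plain constant macro */
enum { ST_BAD_ARG = -1, ST_BAD_LEN = -2, ST_BAD_SUM = -3 };
static uint8_t frame_buf[MAX_FRAME];        /* rule 3: static storage, no malloc */

/* Hypothetical layout, constructed samples: [len][payload...][8-bit additive sum] */
static const uint8_t GOOD[]    = { 3u, 0x10u, 0x20u, 0x30u, 0x60u };
static const uint8_t BAD_SUM[] = { 2u, 0x01u, 0x02u, 0x04u };
static const uint8_t BAD_LEN[] = { 200u, 0x00u, 0x00u };

/* Returns the payload length (>= 0) or a negative ST_* code. */
static int load_frame(const uint8_t *in, size_t in_len)
{
    if (in == NULL || in_len < 2u) {        /* rule 7: validate parameters */
        return ST_BAD_ARG;
    }
    const size_t payload_len = in[0];       /* rule 6: narrowest scope */
    if (payload_len > MAX_FRAME || payload_len + 2u != in_len) {
        return ST_BAD_LEN;                  /* declared length must match input */
    }
    assert(in_len <= MAX_FRAME + 2u);       /* rule 5: no side effects */
    uint8_t sum = 0u;
    size_t copied = 0u;
    /* rule 2: the loop bound is the constant MAX_FRAME, not only an input value */
    for (size_t i = 0u; i < MAX_FRAME && i < payload_len; i++) {
        frame_buf[i] = in[1u + i];          /* rule 9: one level of indirection */
        sum = (uint8_t)(sum + in[1u + i]);
        copied++;
    }
    assert(copied == payload_len);          /* rule 5: postcondition */
    if (sum != in[1u + payload_len]) {
        return ST_BAD_SUM;
    }
    return (int)payload_len;
}

int main(void)
{
    const int rc[3] = { load_frame(GOOD, sizeof GOOD),
                        load_frame(BAD_SUM, sizeof BAD_SUM),
                        load_frame(BAD_LEN, sizeof BAD_LEN) };
    (void)printf("good=%d bad_sum=%d bad_len=%d\n", rc[0], rc[1], rc[2]);
    return (rc[0] == 3 && rc[1] == ST_BAD_SUM && rc[2] == ST_BAD_LEN) ? 0 : 1;
}
```

A frame that fails the checksum has already been copied into `frame_buf`, so callers must treat the buffer as invalid whenever the return value is negative.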