You must log in or # to comment.
I’m a NASA software engineer writing spacecraft flight software. A few thoughts:
- I’m not at JPL and I don’t know how religiously they follow these rules, but we really don’t. They’re not part of our official or unofficial standard practice. Indeed, I can’t even find a reference to the rules on nasa.gov
- Most of these rules are considered obvious these days. Most of the rest we don’t follow either. (at least not absolutely)
- This video critically misstates the rule about heap allocation, which is perhaps the most significant difference between how we write software and how non-safety critical systems are written. Dynamic allocation is allowed during initialization. This is a massive, massive difference in terms of how easy it is to write code compared to stack-only.
- The video also misses the mark on preprocessor usage. Especially in C, you have very little choice but to rely on the preprocessor. We avoid it, but the kind of multi-path compilation he describes is necessary to enable thorough testing of the code.
- We’re still human. Even where the rule is good and we follow it in principle, you will still find all too many exceptions in the actual code.
If you really want to see how the sausage is made, the software framework used by many NASA missions is open source and on GitHub.