MISRA C++ 2023 is the coding standard for C++ in safety-critical systems. It defines the subset of the language you can trust when the software controls brakes, ventilators, or flight surfaces.
Most pages about it are either a bare release notice or a tool vendor’s landing page. This one covers what the standard actually contains, where the document really comes from, and which tools check it.
What MISRA C++ 2023 solves: C++ leaves plenty of behavior undefined or compiler-specific, and in a safety-critical system those gaps become failures nobody can reproduce. The guidelines fence off the constructs that cause them, so the code that ships behaves the same way every time, on every compiler.
What is MISRA C++ 2023?
MISRA C++:2023 was published in October 2023 and targets C++17, as defined by ISO/IEC 14882:2017. It is the current edition, replacing both its 2008 predecessor and the AUTOSAR C++14 guidelines.
The document contains 179 guidelines, split into 4 directives and 175 rules.
Rules are precise enough for a tool to check mechanically. Directives need context a tool cannot see, like design intent or documentation.
Guidance like this exists because C++ gives you power the standard never promised to make safe. Signed overflow and uninitialized reads compile fine, then do whatever the platform feels like.
How MISRA C++ got here
The 2023 edition closed a 15-year gap during which the language changed three times while the official guidance stood still.
Edition | Published | Targets | Status |
|---|---|---|---|
MISRA C++:2008 | 2008 | C++03 | Superseded |
AUTOSAR C++14 guidelines | 2017 | C++14 | Superseded, merged into 2023 |
MISRA C++:2023 | October 2023 | C++17 | Current |
AUTOSAR filled the gap first. Its C++14 guidelines carried roughly 70 percent of the 2008 MISRA rules forward and added coverage for modern features, but that left two competing standards for the same job.
In January 2019, AUTOSAR and MISRA announced they would merge the AUTOSAR guidelines into the MISRA-led standard. MISRA C++:2023 is the result of that merge, and it is the single document both communities now point to.
What’s inside the guidelines
Every guideline carries a category that sets how negotiable it is.
Category | What it means |
|---|---|
Mandatory | No deviations, ever |
Required | Deviations allowed with a formal, documented justification |
Advisory | Recommended practice, deviations need no formal process |
Guidelines are also marked by decidability. A decidable rule can be checked completely by a tool, while an undecidable one (anything depending on runtime values) needs a human or a formal argument to close out.
The sections follow the structure of the C++ standard itself, running from basic concepts and standard conversions through expressions, and on to exception handling and the library.
Two rules up close
Numbers and categories are abstract, so here are two real guidelines and the defects they exist to kill. Both examples compile without errors.
#include <cstdint>
int32_t scale(bool flag) {
int32_t factor; // never initialized
if (flag) {
factor = 4;
}
return factor * 10; // read before set when flag is false
}
bool update(int32_t &x, int32_t y) {
if (x = y) { // assignment, comparison intended
return true;
}
return false;
}
Rule 11.6.2 says the value of an object must not be read before it has been set. The scale function violates it on any call where flag is false, and what comes back is whatever garbage occupied that stack slot.
Rule 8.18.2 forbids using the result of an assignment as a condition. The update function assigns instead of comparing, so the condition is true whenever y is nonzero, and x is silently overwritten.
A current compiler will warn about both if you ask nicely. Here is a real clang 21 run over that file with -Wall -Wextra.

Both defect classes caught by clang 21 in Docker. The difference under MISRA is that these stop being warnings you can scroll past and become policy your build enforces.
MISRA C++ 2023 vs AUTOSAR C++14
Teams migrating from AUTOSAR ask what actually changed, and the honest answer fits in a small table.
AUTOSAR C++14 | MISRA C++:2023 | |
|---|---|---|
Language target | C++14 | C++17 |
Maintained by | AUTOSAR consortium (frozen) | MISRA working group |
Status | Superseded | Current, actively maintained |
Compliance framework | AUTOSAR-specific | MISRA Compliance:2020 |
If you are on AUTOSAR C++14 today, nothing breaks tomorrow. New projects and new certifications should start from MISRA C++:2023, because that is where the maintenance and the tool support now live.
Where the PDF actually comes from
The MISRA C++:2023 PDF is not a free download, despite what a lot of search results imply. It is sold through the official MISRA webstore at £15.00 per named individual license.

The official product page. The license is per named person, non-transferable, and the PDF is on-screen only, so it refuses to be printed, which is very MISRA of it.
A hardcopy exists too, printed on demand through Amazon. The free downloads on misra.org.uk’s publications page cover amendments, addenda, and white papers, not the main guidelines documents.
Tools that check MISRA C++ 2023
Compliance at any real scale means static analysis, and vendors differ a lot in what they support. This table reflects each vendor’s own published claim as of July 2026.
Tool | MISRA C++:2023 support (vendor’s claim) |
|---|---|
Parasoft C/C++test | 100% coverage |
Perforce Helix QAC | 100% enforcement via its M2CPP module |
LDRA tool suite | Supported (an LDRA rep chaired the working group) |
MathWorks Polyspace | Full rules and directives reference |
SonarQube | All 179 guidelines, Enterprise editions only |
Cppcheck | Premium only, from 24.5.0. The free version has no MISRA C++ support |
PVS-Studio | Partial, 24% of Mandatory and Required by its own mapping |
clang-tidy | No official MISRA checks in upstream LLVM |
Two honest notes on that table. The 100% claims come from the vendors themselves, and “supports the rules” says nothing about false-positive rates, so pilot before you buy.
For the wider quality stack around a MISRA toolchain, CodeAnt AI covers the adjacent layer, reviewing C and C++ pull requests with SAST checks in the same pass.
It is a defensive and offensive security platform, and its docs ship a MISRA C:2012 compliance ruleset for C codebases. It does not claim MISRA C++ checking, so it complements the table above rather than replacing it.
Whichever checker you choose, wire it into the pipeline instead of running occasional audits. Our guide on integrating SAST into CI/CD covers that pattern, and the wider landscape is in the code quality tools roundup.
The MISRA family in 2026
MISRA C++:2023 is the current C++ edition, and nothing has amended it yet. Its sibling moved more recently, with MISRA C:2025 published in March 2025.
The official MISRA FAQ confirms a new MISRA C++ version is in development, with no date announced. Waiting for it is not a strategy, since certifications signed today reference the 2023 edition.
Where this leaves you
MISRA C++:2023 is a £15 document that unified fifteen years of competing guidance into one current standard. Buy it, pick a checker from the table above, and enforce it from the first commit.
Retrofitting compliance onto a finished codebase is the expensive version of the same work. The metrics that show whether the codebase stays healthy alongside compliance are in our guide to code quality metrics worth tracking.
FAQs
What is MISRA C++ 2023?
Where can I download the MISRA C++ 2023 PDF?
Why is MISRA C++ important?
How is MISRA C++ 2023 different from AUTOSAR C++?
How do you achieve MISRA C++ compliance?











