
CodeSonar for C/C++

CodeSonar empowers teams to quickly analyze and validate source and binary code, identifying serious vulnerabilities that could lead to system failures, poor security and reliability, system breaches, or unsafe conditions.

 

CodeSonar tracks vulnerabilities between software releases and integrates directly into CI/CD and DevSecOps pipelines, extending team scalability while improving quality and instilling confidence.

 

CodeSonar for C/C++ finds

 

Coding style violations

 

MISRA C:2012, AUTOSAR, ISO 26262, DO-178C, JPL, Power of 10, or ISO/IEC TS 17961 as well as initiatives such as MITRE's CWE

Code inconsistencies

 

Dead code, unreachable computation, double close

Defects

 

Buffer over-runs, null pointer dereferences and many other problems that can impact your quality and security

 

CodeSonar supports

  • Control-flow, data-flow and abstract execution engine
  • Whole program static analysis that spans procedures and compilation units
  • Analysis on programs from 10s of thousands to 100s of millions of lines of code
  • Incremental analysis, including the use of parallel, distributed and cloud compute resources
  • Safety certification against standards like IEC 61508, ISO 26262 and CENELEC EN 50128; it can also be used for avionics safety under standards like DO-178C / DO-330