
CodeSonar for C/C++

CodeSonar empowers teams to quickly analyze and validate source and binary code, identifying serious vulnerabilities that could lead to system failures, poor security and reliability, system breaches, or unsafe conditions.


CodeSonar tracks vulnerabilities between software releases and integrates directly into CI/CD and DevSecOps pipelines, extending team scalability while improving quality and instilling confidence.


CodeSonar for C/C++ finds


Coding style violations


MISRA C:2012, AUTOSAR, ISO 26262, DO-178C, JPL, Power of 10, or ISO/IEC TS 17961 as well as initiatives such as MITRE's CWE

Code inconsistencies


Dead code, unreachable computation, double close



Buffer over-runs, null pointer dereferences and many other problems that can impact your quality and security


CodeSonar supports

  • Control-flow, data-flow and abstract execution engine
  • Whole program static analysis that spans procedures and compilation units
  • Analysis on programs from 10s of thousands to 100s of millions of lines of code
  • Incremental analysis, including the use of parallel, distributed and cloud compute resources
  • Safety certification against standards like IEC 61508, ISO 26262 and CENELEC EN 50128; it can also be used for avionics safety under standards like DO-178C / DO-330