GrammaTech CodeSonar

Many critical processes in our lives today are controlled by software systems, from airplanes, to power grids, to nuclear power plants to self driving cars, to infusion pumps to trains. The software in these devices is becoming ever more complex and development teams can use all the help they can get to develop these devices quicker while maintaining high safety standards. Static analysis is here to help.

Many functional safety standards such as IEC 61508, DO178 B/C, CENELEC EN 50128, ISO 26262 and others either recommend or mandate the use of static analysis to improve code quality and enforce coding standards. CodeSonar is specifically developed to assist software developers in building these safety and security critical software systems. Its high levels of defect recall, its whole program, deep analysis using abstract execution, the elaborate explanations of warnings, including warning paths and code navigation and the extensibility make it a favorite for developers of systems that cannot fail.

Static analysis is a great help during the software development phase, but it can also be a great time-saver in the functional safety process. This is where the CodeSonar Safety Qualification Kit comes in. This kit is the extension to CodeSonar that helps the functional safety team understand where static analysis fits in the safety process and how they can build on it. The Safety Qualification Kit helps the safety team qualify CodeSonar in the development environment, and generate the Tool Classification Report, the Tool Qualification Plan, the Tool Qualification Report and the Tool Safety Manual. These documents provide the guidelines the team can follow during the functional safety process.

The Qualification Kit is a very flexible tool and grows with the needs of the project. It is not version dependent and can be re-executed after changes to the project such as changes to the software, the toolchain, the operating systems and others.