Automate the Verification of Your Code
Today’s embedded, M2M, and IoT devices are being developed in an increasingly agile, rapid-deployment paradigm, delivering highly sophisticated capabilities to the market more quickly than any time in history. To do so, teams are utilizing legacy code, open source, 3rd-party, and new proprietary code, to develop software for new devices that are being deployed to highly connected ecosystems, exposing them to new risks – including serious cyber threats. In fact, software has become the leading cost in the production of safety-critical systems – a full third of the cost of a new airplane is in software and software development. In automobiles, 25% of the capital costs of a new vehicle are now electronics (including software).
Software has afforded amazing new capabilities, but its exponential growth and associated costs have made it effectively unaffordable. To cope with these issues, software teams are looking for increased levels of test and verification automation – helping to speed verification while driving higher testing coverage.
Static analysis has been proven to be a highly valuable member of software verification tool suites, yielding significant benefits to development, QA, and audit teams by:
- Dramatically increasing code coverage, including source and binary code. Static analysis doesn’t depend on test cases being written, enabling teams to ensure complete coverage and analysis.
- Enhancement of system expertise. Static analysis helps teams gain system expertise by combining strong visualization views of the system while performing verification needs, enabling groups to minimize their reliance on in-house system experts.
- Analyzing highly complex scenarios tough to replicate in testing environments. Static analysis can identify highly complex concurrency and data flow issues that may be difficult to replicate in lab environments.
- Improved code quality and security metrics.
- Improved code compliance - coding standards, industry standards, and more
"CodeSonar does a better job of finding the more serious problems, which are often buried deep in the code and sometimes hidden by unusual programming constructs that are hard for other static analysis tools to parse."
– GE AviationLearn more
Embedded Software Design:
Understanding Best Practices for Static Analysis Tools
This paper reviews a number of the growing complexities that embedded software development teams are facing, including the proliferation of third-party code, increased pressures to develop secure code, and the challenges of multi-threaded applications.