CodeSonar 4 for Embedded Systems
Finding defects early in the application development lifecycle prevents costs and consequential errors. CodeSonar addresses this most complex challenge facing embedded developers.
Deepest source code analysis best
Compared with other static analysis tools, CodeSonar´s static analysis engine typically finds twice as many critical defects, while maintaining user-friendly false-positive rates. These additional bugs are found by a single, unified dataflow analysis that analyzes the underlying computation of the entire program.
Dank einer Datenfluss-Analyse der gesamten Software findet CodeSonar eine Vielzahl zusätzlicher Fehler. Mit dieser Analysemethode findet CodeSecure auch komplexe Bugs, die neue oder ungewöhnliche Fehlermuster haben.
Other static analysis tools are based on multiple pattern-matching checkers, which only catch defects that happen to match the pattern of one of the checkers. The more general symbolic execution of CodeSecure identifies a broader range of problems and provides much better detection of the most grievous defects, including bugs which follow unusual or new patterns.
Integrated Binary Analysis:
Review of libraries and other third-party code
The integrated binary analysis of CodeSonar extracts the semantics of the binary code. They are used to present warnings in the parts of the source code that interact with the binary. The identification of defects in the third-party code can protect all of your code against security vulnerabilities such as format string attacks and command injections. > learn more
Expanded Multi-Core Checks:
Remove complex bugs as early as possible
The ability to detect complex concurrency defects is increasingly important because there is a growing dependence on multi-threaded software and usage of multi-core processors. In addition to CodeSonar´s robust C/C++ concurrency checks, the Java-specific defect detection from ThreadSafe defends your code against errors like race conditions, deadlocks, and livelocks, ensuring the safety of your code. > learn more
Integrated Security Analysis:
Safeguard against dangerous cyber attacks
The attack surface of traditionally isolated applications has expanded in new and unpredictable ways. Responsible for this development are the networking and internet-enabled capabilities which contine to proliferate within embedded systems. The embedded security analysis complements the security features of CodeSonar and support US-CERT´s Build Security In and MITRE´s CWE. An additional, the Visual Taint Analysis capability enhances the detection and elimination of vulnerabilities caused by potentially dangerous information flows. > learn more
Compliance with Coding Standards:
Simplification of your certification process
Industry-specific standards for code quality and security drive the regulation of embedded software. To pursue and achieve relevant certifications CodeSonar has in addition to existing DO-178 analysis capabilities checkers for MISRA C 2012. > learn more