Static Analysis to Detect Runtime Problems Without Executing Code
Parasoft C/C++test detects complex runtime-like problems early in the development stage – without the need to execute costly runtime tests. C/C++test analyzes the execution paths through the code, and finds possible issues (i.e. null pointer dereferencing, division by zero, memory leaks) and security vulnerabilities (i.e. tainted data file, buffer overflows, command injection, SQL injection).
Code Compliance With Industry Standards
Parasoft C/C++test provides set of built-in C/C++ code checker (rules) for verifying compliance with standards like MISRA C 2012, MISRA C++ 2008, JSF AV C++, SEI CERT C/C++, AUTOSAR C++14, HIC++ and more. Such analysis is recommended/required for regulated industries (automotive, medical, aviation etc.), functional safety development (with standards like ISO 26262, IEC 61508 or DO-178C), and security (SEI CERT C/C++, CWE, OWASP). Parasoft Compliance Packs provide users with industry-specific configurations, along with dynamic compliance reporting dashboards, to help stakeholders easily understand progress.
Ability to Easily Add Checkers for Custom Coding Standards
C/C++test helps users verify company-specific or team-specific guidelines and coding standards with its specialized editor for creating custom rules (checkers), enabling users to extend (or replace) built-in rules provided with C/C++test, without writing any scripts.
Collection of Source Code Metrics
Code metrics collected during C/C++ static analysis provide further insight into code quality and help you eliminate bugs. These metrics are collected and analyzed on a per-unit, per-build level of granularity. Teams can use this information to access high-risk code that is too complex, for example, as candidates for better testing or refactoring.
Centralized Reporting and Analytics
Results from C/C++test’s static code analysis tools can be viewed in Parasoft’s dynamic reporting dashboard, enabling automated post-processing and advanced reporting strategies using historical data. It’s easy to see static analyzer results across builds over time, even when working with large codebases and legacy code where visibility into the code is typically challenging, so you can quickly focus on the quality of the newly-added code.
With widgets that automatically track compliance with a given coding standard, users get a dynamic view into the compliance process, and can easily produce automatic reports for code audits.
Qualification Kits for Safety-Critical Software Development
Along with being independently certified for use in any safety-critical project by TÜV SÜD, entitling use of C/C++ static analysis tools without any further qualification/validation effort, Parasoft also provides Qualification Kits that go way beyond simple documentation to dramatically reduce the amount of time and effort required for achieving tool qualification for standards like ISO 26262, DO-178B/C, IEC 61508, IEC 62304, and EN 50128.
A unified testing solution means only one vendor to deal with. Parasoft’s qualification kits provide a certifiable and qualifiable test tool suite, taking the risk out of safety-critical testing and qualification, while saving time by only having to qualify a single solution for multiple testing practices.