In the last years the software code quality and security became increasingly important. Static code analysis is about analyzing source code without executing the code to find potential bugs, vulnerabilities and security threats. Static code analyzer look for patterns which can cause code quality problems or security vulnerabilities. A big advantage of static code analyzers is they scan all code of a project. If there are problems in corners of applications which are not even used, there is a high probability that static code analysis finds these. By using static code analysis tools, problems can be allocated early in the development process, where the cost to fix them is still low.
ECLAIR is a powerful platform for software verification. ECLAIR works on the desktop to find critical defects while software is being coded, in the context of the build environment and compiler. The extreme flexibility of ECLAIR allows it to be tailored for any software verification problem and to any software development process. The coding rules are specified in a very high-level language using a powerful library of services, something that greatly facilitates the adoption of project-specific coding rules.
» ECLAIR platform for static code analysis and software verification (German language)
With Klocwork development teams can find possible errors already while they are writing their code. The on-the-fly analysis works like a spell checker. Together with the cross project impact analysis, possible risks in the code can be found at already at a very early development stage.
» Static code analysis with Klocwork
DA-C offers a comprehensive set of tools for the developer, including MISRA-C checker, flowchart and project explorer as well as a set of metrics.
» DA-C Toolbox for developer