HOME

TheInfoList



Click Here for Items Related To - CodeSonar
OR:
CodeSonar on:   [Wikipedia]   [Google]   [Amazon]

CodeSonar is a
static code analysis In computer science, static program analysis (or static analysis) is the analysis of computer programs performed without executing them, in contrast with dynamic program analysis, which is performed on programs during their execution. The term ...
tool from
GrammaTech GrammaTech is a software-development tools vendor based in Bethesda, Maryland with a research center based in Ithaca, New York. The company was founded in 1988 as a technology spin-off of Cornell University. GrammaTech is a provider of application ...
. CodeSonar is used to find and fix
bugs Bugs may refer to: * Plural of bug Arts, entertainment and media Fictional characters * Bugs Bunny, a character * Bugs Meany, a character in the ''Encyclopedia Brown'' books Films * ''Bugs'' (2003 film), a science-fiction-horror film * ''Bugs ...
and security vulnerabilities in source and binary code. It performs whole-program, inter-procedural analysis with abstract interpretation on C, C++, C#,
Java Java (; id, Jawa, ; jv, ꦗꦮ; su, ) is one of the Greater Sunda Islands in Indonesia. It is bordered by the Indian Ocean to the south and the Java Sea to the north. With a population of 151.6 million people, Java is the world's mo ...
, as well as x86 and ARM binary executables and libraries. CodeSonar is typically used by teams developing or assessing software to track their quality or security weaknesses. CodeSonar supports
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which i ...
,
BSD The Berkeley Software Distribution or Berkeley Standard Distribution (BSD) is a discontinued operating system based on Research Unix, developed and distributed by the Computer Systems Research Group (CSRG) at the University of California, Be ...
,
FreeBSD FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular ...
,
NetBSD NetBSD is a free and open-source Unix operating system based on the Berkeley Software Distribution (BSD). It was the first open-source BSD descendant officially released after 386BSD was forked. It continues to be actively developed and is a ...
,
MacOS macOS (; previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac (computer), Mac computers. Within the market of ...
and
Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for ...
hosts and embedded operating systems and compilers. CodeSonar provides information for every weakness found, including the trace through the source code that would trigger the bug as well as a call-tree visualization that represents how the weakness is related to the wider application.


Functional safety compliance

CodeSonar supports compliance with functional safety standards like
IEC 61508 IEC 61508 is an international standard published by the International Electrotechnical Commission consisting of methods on how to apply, design, deploy and maintain automatic protection systems called safety-related systems. It is titled ''Functi ...
,
ISO 26262 ISO 26262, titled "Road vehicles – Functional safety", is an international standard for functional safety of electrical and/or electronic systems that are installed in serial production road vehicles (excluding mopeds), defined by the Interna ...
, DO-178B/C, or ISO/IEC TS 17961. CodeSonar's warning classes also support several coding standard initiatives, including MITRE's CWE, JPL, Power of 10, MISRA C/C++ and SEI CERT C.


Applications

CodeSonar is used in the defense/aerospace, medical, industrial control, automotive, electronic, tele/datacommunications and transportation industries. Some well known use cases are
FDA Center for Devices and Radiological Health The Center for Devices and Radiological Health (CDRH) is the branch of the United States Food and Drug Administration (FDA) responsible for the premarket approval of all medical devices, as well as overseeing the manufacturing, performance and safe ...
uses it to detect defects in fielded medical devices. The
NHTSA The National Highway Traffic Safety Administration (NHTSA ) is an agency of the U.S. federal government, part of the Department of Transportation. It describes its mission as "Save lives, prevent injuries, reduce vehicle-related crashes" rela ...
and NASA used CodeSonar to study on
sudden unintended acceleration Sudden unintended acceleration (SUA) is the unintended, unexpected, uncontrolled acceleration of a vehicle, often accompanied by an apparent loss of braking effectiveness. Such problems may be caused by driver error (e.g., pedal misapplication), ...
in the electronic throttle control systems of Toyota vehicles


Supported programming languages, host platforms and compilers

Supported Programming Languages: C, C++, C#, Java, Python, binary code analysis supports Intel
x86-32 IA-32 (short for "Intel Architecture, 32-bit", commonly called i386) is the 32-bit version of the x86 instruction set architecture, designed by Intel and first implemented in the 80386 microprocessor in 1985. IA-32 is the first incarnation of ...
,
amd64 x86-64 (also known as x64, x86_64, AMD64, and Intel 64) is a 64-bit version of the x86 instruction set, first released in 1999. It introduced two new modes of operation, 64-bit mode and compatibility mode, along with a new 4-level paging mo ...
and ARM. Supported Platforms: Microsoft Windows, Linux, FreeBSD, NetBSD, MacOS Supported Compilers: Apple Xcode, ARM RealView,
CodeWarrior CodeWarrior is an integrated development environment (IDE) published by NXP Semiconductors for editing, compiling, and debugging software for several microcontrollers and microprocessors ( Freescale ColdFire, ColdFire+, Kinetis, Qorivva, PX, Free ...
, GNU C/C++, Green Hills Compiler, HI-TECH Compiler, IAR Compiler,
Intel C++ Compiler Intel oneAPI DPC++/C++ Compiler and Intel C++ Compiler Classic are Intel’s C, C++, SYCL, and Data Parallel C++ (DPC++) compilers for Intel processor-based systems, available for Windows, Linux, and macOS operating systems. Overview Intel ...
,
Microsoft Visual Studio Visual Studio is an integrated development environment (IDE) from Microsoft. It is used to develop computer programs including web site, websites, web apps, web services and mobile apps. Visual Studio uses Microsoft software development platfor ...
, Renesas Compiler, Sun C/C++, Texas Instruments CodeComposer, Wind River Compiler


See also

*
List of tools for static code analysis This is a list of notable tools for static program analysis (program analysis is a synonym for code analysis). Static code analysis tools Languages Ada * * * * * * * * * * * C, C++ * * * * * * * * * * * ...


References

{{Reflist


External links


CodeSonar product page
Static program analysis tools