AbsInt offers two static analyzers to check coding guidelines and find programming defects at the C code level: RuleChecker and Astrée.
Astrée is a sound static analyzer designed to prove the absence of runtime errors and other critical program defects. It is based on abstract interpretation – a provably correct formal method. If no errors are reported, this is a guarantee that the program contains no error from the class of errors under investigation. Open interfaces and full batch-mode execution make Astrée ideally suited for use in continuous verification frameworks. Tool couplings, e.g. to dSPACE TargetLink, provide seamless integration into existing development environments. The configuration of OSEK/AUTOSAR systems can be determined automatically from OIL/ARXML specifications. Using its Qualification Support Kit and AbsInt’s Qualification Software Life Cycle Data Reports, Astrée can be automatically qualified according to all contemporary safety standards (e.g., ISO 26262 or DO-178B/C).
Astrée reports program defects caused by unspecified and undefined behaviors according to the C standard (ISO/IEC 9899:1999 (E)), program defects caused by invalid concurrent behavior, and violations of user-specified programming guidelines, and it computes program properties relevant for functional safety.
Users are notified about:
• integer/floating-point division by zero
• out-of-bounds array indexing
• erroneous pointer manipulation and dereferencing (null, uninitialized, and dangling pointers)
• data races (read/write or write/write concurrent accesses by two threads to the same memory location without proper mutex locking)
• inconsistent locking (lock/unlock problems)
• invalid calls to operating system services (e.g. OSEK calls to TerminateTask() on a task with unreleased resources)
• integer and floating-point arithmetic overflows
• read accesses to uninitialized variables
• unreachable code
• violations of optional user-defined assertions to prove additional runtime properties
• non-terminating loops
• Spectre vulnerabilities (V1, V1.1, SplitSpectre)
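As an added illustration of the interval-based abstract interpretation that underlies the checks above (division by zero, out-of-bounds indexing, arithmetic overflow), here is a toy sound analyzer; it is not AbsInt's code, and the tuple encoding of C expressions, the 32-bit int range and the variable range for x are constructed assumptions.

```python
"""Toy interval-domain abstract interpreter (added illustration, not AbsInt code). It is
sound: every concrete value lies in its computed interval, so an empty alarm list is a proof."""
from dataclasses import dataclass
from itertools import product

INT_MIN, INT_MAX = -2**31, 2**31 - 1            # assumed 32-bit signed int
OPS = {'+': lambda x, y: x + y, '-': lambda x, y: x - y, '*': lambda x, y: x * y,
       '/': lambda x, y: (abs(x) // abs(y)) * (1 if (x < 0) == (y < 0) else -1)}  # C trunc div

@dataclass(frozen=True)
class Interval:
    lo: int
    hi: int

    def apply(self, op, other):
        # Every op is monotone per argument (for '/', once 0 is excluded), so the four corners bound the image.
        vals = [OPS[op](x, y) for x, y in product((self.lo, self.hi), (other.lo, other.hi))]
        return Interval(min(vals), max(vals))

def analyze(expr, env, alarms):
    """Abstractly evaluate expr, appending every possible defect to alarms. Constructed encoding:
    expr = int | variable name (env: name -> Interval) | ('index', array_len, idx) | (op, lhs, rhs)."""
    if isinstance(expr, int):
        return Interval(expr, expr)
    if isinstance(expr, str):
        return env[expr]
    op, a, b = expr
    if op == 'index':                             # arr[idx], arr has a elements
        idx = analyze(b, env, alarms)
        if idx.lo < 0 or idx.hi >= a:
            alarms.append(f"out-of-bounds index [{idx.lo},{idx.hi}] for length {a}")
        return Interval(INT_MIN, INT_MAX)         # element value unknown: any int
    l, r = analyze(a, env, alarms), analyze(b, env, alarms)
    if op == '/' and r.lo <= 0 <= r.hi:           # divisor interval contains 0
        alarms.append(f"division by zero, divisor in [{r.lo},{r.hi}]")
        return Interval(INT_MIN, INT_MAX)
    res = l.apply(op, r)
    if res.lo < INT_MIN or res.hi > INT_MAX:      # mathematical result leaves the int range
        alarms.append(f"signed overflow, result in [{res.lo},{res.hi}]")
    return res

def check(expr, env):
    alarms = []                                   # empty result = proven safe for these ranges
    analyze(expr, env, alarms)
    return alarms

if __name__ == "__main__":
    env = {'x': Interval(0, 9)}                   # constructed: x is known to lie in [0, 9]
    print(check(('/', 100, ('+', 'x', 1)), env))  # [] -> proven safe
    print(check(('/', 100, ('-', 'x', 5)), env))  # divisor may be 0
```

Because every concrete value lies inside its interval, an empty result is a proof for the given ranges, while an expression such as x - x (concretely always 0, abstractly [-9, 9]) shows where the interval domain loses precision and a false alarm can arise.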
Astrée comes with a configurable module for taint analysis that makes it possible to trace the impact of erroneous or manipulated input values. Astrée includes RuleChecker to report violations of coding rules and of code-metric thresholds (MISRA C:2004, MISRA C:2012, HIS metrics, …).
Safety-critical software has to be developed according to coding guidelines to ensure high-quality code, and to reduce the risk of programming errors and security vulnerabilities.
RuleChecker is a static analyzer designed to check coding guidelines and compute code metrics for safety-critical C programs. RuleChecker is fast, easy to use, and can be executed automatically, e.g., within systems for continuous integration. Multiple result views and graphical visualizations enable efficient result exploration. Supported rule sets include:
- MISRA C:2004
- MISRA C:2012 incl. Amendment 1
- MISRA C++:2008
- ISO/IEC TS 17961:2013
- SEI CERT Secure C
- MITRE Common Weakness Enumeration (CWE)
- Adaptive AUTOSAR C++ Coding Guidelines
RuleChecker can be coupled with the sound static analyzer Astrée to guarantee zero false negatives and to minimize false positives on semantic rules.
RuleChecker is fully batch-mode compatible and can be used in continuous integration frameworks. A Jenkins plugin is available.
RuleChecker can be automatically qualified according to all relevant safety standards, including ISO 26262, DO-178B/C, IEC 61508, EN 50128, etc.