Resources

The value of peer code review is undeniable. But despite this, it continues to be a much-maligned milestone in the software development cycle. Code reviews are difficult to implement consistently, the review is often left incomplete, and let’s be honest, developers generally don’t like doing them. In this latest white paper, Klocwork provides specific recommendations on how organizations can implement a simple, effective code review process that takes advantage of the latest tools and technologies.

TAGS: CODE REVIEW, SOFTWARE QUALITY, SOFTWARE SECURITY, SOURCE CODE ANALYSIS

For turn-key deployments or customer with special requirements, Klocwork has partnered with Code Integrity Solutions offering deployment and installation customized to your needs.

TAGS: INSIGHT, INSIGHT PRO

Short demo on how command line users can use Klocwork Desktop to find and fix defects before they check-in their code.

TAGS: COMMAND LINE, SOFTWARE QUALITY, STATIC ANALYSIS

No one wants to be on the hot seat when a critical vulnerability is exploited in the field or when a coding mistake causes product recalls, brand damage, or revenue losses. Automated source code analysis helps developers and development teams avoid this exposure by performing the most rigorous form of automated code review possible. This paper discusses what issues can be found with source code analysis tools, why developers should use them when they have other tools to choose from, and why the technology should ... More

TAGS: SOFTWARE QUALITY, SOFTWARE SECURITY, SOFTWARE VERIFICATION, SOURCE CODE ANALYSIS

Given the complexity of today's airborne software systems, the use of automated tools can assist in the successful on-time and on-budget delivery of these projects. Automated source code analysis tools locate and describe areas of weakness in source code, and can help address key areas of the DO-178B guidance related to the Software Verification and Software Lifecycle Data requirements. In this white paper, learn how the defect, architecture, and metrics analysis capabilities of Klocwork Insight can be used to ... More

TAGS: AVIONICS, DEFECT DETECTION, DO-178B, INSIGHT, SOFTWARE ARCHITECTURE, SOFTWARE METRICS

Connecting the developer desktop with the overall system context to delivers new levels of developer productivity.

TAGS: CONNECTED DESKTOP, CONTINUOUS ANALYSIS, DEVELOPER PRODUCTIVITY, INSIGHT, REFACTORING

Join our guest speaker Dave West, Senior Analyst, Forrester Research, Inc., as he reviews the findings of a recent code reveiw study and discusses why it’s time for software development organizations to exploit modern technology to improve the code review process. Learn about the key challenges of code review and recommendations on ways to improve the process right from the analyst himself.

TAGS: CODE REVIEW, DEFECT DETECTION, SOFTWARE QUALITY, SOFTWARE SECURITY, STATIC ANALYSIS

Offering network solutions to integrate sensors and communications for government and defense customers, Raytheon Network Centric Systems had two challenges: Frequent use of legacy code and the unavailability of the original developers meant new developers had to come up to speed quickly The need to run 'what if' scenarios

TAGS: LARGE CODEBASE, SOFTWARE ARCHITECTURE, SOFTWARE REUSE

A short demonstration of Peer Code review, C/C++ refactoring and static analysis brought together under Klocwork's Insight Pro development suite

TAGS: CONTINUOUS ANALYSIS, INSIGHT PRO, REFACTORING, SOURCE CODE ANALYSIS, STATIC ANALYSIS

This Tips and Tricks guide breaks down the topic of software security assurance into a series of questions that fall into these four key areas: Managing for Software Security Developing for Software Security Auditing for Software Security Testing for Software Security

TAGS: SOFTWARE QUALITY, SOFTWARE SECURITY

This report quantifies the costs of low quality software for customers and uses benchmark data to illustrate the magnitude of these costs. The basic conclusion is that the cost of low quality to customers can be substantial, and customers would do well to seek out more capable vendors. For the software developers themselves, by demonstrating the financial burden of low quality on their customers, they can differentiate themselves from the competition by focusing on improving the quality of their software. The ... More

TAGS: BUG IDENTIFICATION, DEFECT DETECTION, SOFTWARE QUALITY

Today's developers of mission-critical software are using automated source code analysis (SCA) to locate and describe critical bugs and security vulnerabilities in their source code at system build time. However, system build-time analysis suffers from an inherent weakness: bugs impact the main code stream before they are even detected. This paper proposes a solution: move high-quality SCA to the developer's desktop and perform it at the earliest point in the development cycle - before code check-in. This approach ... More

TAGS: BUG IDENTIFICATION, CONNECTED DESKTOP, SOFTWARE QUALITY, SOFTWARE SECURITY, STATIC ANALYSIS

With the adoption of Agile, the need to create high-quality software code in less time has never been greater. In this paper, developers will learn how to maintain velocity and eliminate bug debt with automated tools.

TAGS: AGILE DEVELOPMENT, CODE REVIEW, CONTINUOUS ANALYSIS, REFACTORING, STATIC ANALYSIS

With new aircraft now being highly software dependent – software verification and integrity is becoming ever more vital. Tim Robinson speaks to one company who are experts in squashing these software bugs in mission-critical code.

TAGS: AVIONICS, DO-178B, EMBEDDED PROGRAMMING, SOFTWARE VERIFICATION, STATIC ANALYSIS

As a provider of payment software for banks and merchants worldwide, ACI Worldwide puts a great deal of emphasis on code quality and security. Given the nature of their business and need for PCI compliance, ensuring their source code is intruder resistant and free from defects is paramount. Gain insight from their first-hand experience qualifying, selecting and deploying a source code analysis solution and learn why they selected Klocwork.

TAGS: SOFTWARE QUALITY, SOFTWARE SECURITY, STATIC ANALYSIS, CODING STANDARDS

Iskratel employs over 400 developers writing complex software to drive advanced communications technologies. These applications typically include between 1 and 1.5 million lines of code, written in C, SDL, Java and C++. To identify the best testing solution to eliminate bugs early in the development lifecycle, Iskratel conducted a head-to-head competitive evaluation of three products, and ultimately selected Klocwork's source code analysis tools. This case study looks at how Iskratel uses automated source code ... More

TAGS: DEFECT DETECTION, DEVELOPER PRODUCTIVITY, NETWORK AND TELECOM EQUIPMENT, STATIC ANALYSIS

Short demo on using Klocwork Architect to visualize the architecture of your source code.

TAGS: SOFTWARE ARCHITECTURE, SOFTWARE REUSE, INSIGHT

Software coding defects increase the cost of development and support, tarnish a company's reputation, and limit revenue opportunities. This research report from the New Rowley Group discusses how investing in a defect detection and prevention solution enables companies to catch defects early, limit their financial impact, and institute a proactive approach to defect prevention.

TAGS: SOFTWARE QUALITY, DEFECT DETECTION

This IDC white paper examines how software development organizations can improve the quality of the software they deliver, and tangibly improve their overall software development process by incorporating static analysis tools into their routine development processes. The results are higher quality, more robust and maintainable code; lower risk of failure because of software reliability problems and security vulnerabilities; a more predictable software development process; and lower overall life-cycle costs. The ... More

TAGS: SOFTWARE QUALITY, STATIC ANALYSIS

Producing high-quality, feature-rich software while meeting regulatory guidelines presents a unique set of challenges for those developing medical device software. In this paper for medical device software managers, learn how an effective verification process can help achieve FDA compliance and meet productivity goals.

TAGS: DEVELOPER PRODUCTIVITY, MEDICAL DEVICES, SOFTWARE VERIFICATION, STATIC ANALYSIS

Maintain iteration velocity and reduce the risk of bug debt with an integrated suite that includes powerful source code analysis, collaborative code review, and refactoring tools.

TAGS: CODE REVIEW, INSIGHT PRO, REFACTORING, STATIC ANALYSIS

The driving objective of the Laboratory for Atmospheric and Space Physics (LASP) at the University of Colorado is research in atmospheric science, space physics, solar influences, and planetary science, supported by the technological contributions of its engineering and mission operations divisions. To better ensure the reliability of key data processing software, LASP has introduced Klocwork Insight several key projects.

TAGS: AVIONICS, BUG IDENTIFICATION, DEFECT DETECTION

Looking for a way to understand and visualize your complex software code, identify re-usable components, and re-engineer your code for better optimization? Then don’t miss our latest on-demand webinar. Using graphical models of source code, Klocwork Insight allows software architects to experiment with various models without impacting the system. This webinar provides a technical deep-dive into the following advanced software architecture analysis capabilities: Code discovery and comprehension Impact ... More

TAGS: INSIGHT, SOFTWARE ARCHITECTURE, SOURCE CODE ANALYSIS

During this web seminar you will see how easy it is to exploit security vulnerabilities caused by common software defects. Watch how a simple hack on an older version of FireFox enables a hacker to gain full access to a remote machine. More importantly, see how this same vulnerability could have been prevented through the use of static analysis.

TAGS: DEFECT DETECTION, INSIGHT, STATIC ANALYSIS

Source code analysis technology (SCA) has been evolving for more than two decades, and is now used by embedded software developersin virtually every industry to create better, bug-free code. In an Agile context where software production is performed in short, feature-driven iterations, it's critical that bugs are found and removed from code as early as possible. In this session, we examine the evolution of SCA technology and discuss why and how it should be deployed for maximum benefit within an Agile development ... More

TAGS: AGILE DEVELOPMENT, SOURCE CODE ANALYSIS, STATIC ANALYSIS