Resources

The value of peer code review is undeniable. But despite this, it continues to be a much-maligned milestone in the software development cycle. Code reviews are difficult to implement consistently, the review is often left incomplete, and let’s be honest, developers generally don’t like doing them. In this latest white paper, Klocwork provides specific recommendations on how organizations can implement a simple, effective code review process that takes advantage of the latest tools and technologies.

TAGS: CODE REVIEW, SOFTWARE QUALITY, SOFTWARE SECURITY, SOURCE CODE ANALYSIS

Video Demonstration: See how developers can use Klocwork's plug-in for Visual Studio to find and fix defects before they check-in their source code.

TAGS: ENDIAN, INSIGHT, SOFTWARE QUALITY, STATIC ANALYSIS, VISUAL STUDIO, INSIGHT 9.5

Automated source code analysis locates and describes areas of weakness in source code. Those weaknesses might be security vulnerabilities, logic errors, implementation defects, concurrency violations, rare boundary conditions, or many other types of problem-causing code. The name of the associated research field is static analysis and while the technology has been around for decades - primarily in the form of lint tools - modern static analysis has little in common with its well known but much maligned ... More

TAGS: DEFECT DETECTION, SOFTWARE QUALITY, SOFTWARE SECURITY, STATIC ANALYSIS, TRUEPATH

With the adoption of Agile, the need to create high-quality software code in less time has never been greater. In this paper, developers will learn how to maintain velocity and eliminate bug debt with automated tools.

TAGS: AGILE DEVELOPMENT, CODE REVIEW, CONTINUOUS ANALYSIS, REFACTORING, STATIC ANALYSIS

As a manufacturer of medical electronics, meeting the FDA's rigorous safety and quality standards is crucial to Stockert. With the safety of their devices depending significantly on the quality of software they develop, Stockert invested in Klocwork's source code analysis tools. Learn how their static analysis deployment has helped Stockert achieve FDA certifications, gain more trust in their code quality, and increase development efficiency.

TAGS: CODING STANDARDS, DEFECT DETECTION, DEVELOPER PRODUCTIVITY, MEDICAL DEVICES, SOFTWARE QUALITY, SOURCE CODE ANALYSIS, STATIC ANALYSIS

When it comes to security, embedded software presents a unique set of challenges for application development and engineering teams. To ensure your embedded software is secure, you must start by understanding the threats that can make it susceptible to attack and then establish appropriate counter measures. Designed for embedded software engineers and security specialists, this on-demand webinar identifies the characteristics of embedded software that make it vulnerable to security threats, discusses the importance ... More

TAGS: CODE REVIEW, EMBEDDED PROGRAMMING, SOFTWARE SECURITY, SOURCE CODE ANALYSIS

In the push to meet demands for functionality and speed, software teams are moving away from single processor architectures at a rapid rate. But the realities of developing software for these next-generation architectures is introducing significant complexity when it comes to identifying errors in the software - specifically concurrency errors and endian incompatibilities. This paper looks at the challenges of developing for multicore and multiprocessor environments, explains how Klocwork's tools can be used to ... More

TAGS: CONCURRENCY ANALYSIS, DEADLOCK, ENDIAN, LIVELOCK, MULTICORE, SOURCE CODE ANALYSIS

The driving objective of the Laboratory for Atmospheric and Space Physics (LASP) at the University of Colorado is research in atmospheric science, space physics, solar influences, and planetary science, supported by the technological contributions of its engineering and mission operations divisions. To better ensure the reliability of key data processing software, LASP has introduced Klocwork Insight into several projects.

TAGS: AVIONICS, BUG IDENTIFICATION, DEFECT DETECTION, LANGUAGE: C

We're setting a new standard for static analysis tools with the launch of Klocwork Insight 9.5. The latest release of our flagship product brings on-the-fly static analysis capabilities to the desktop, allowing developers to fix critical defects the moment they're introduced. Features covered in this webinar: On-the-fly static analysis that instantly underlines defects as code is written Drag and drop reporting that answers complex questions about the security and reliability of your code On-the-fly impact ... More

TAGS: DEFECT DETECTION, INSIGHT 9.5, SOFTWARE QUALITY, SOFTWARE SECURITY, SOURCE CODE ANALYSIS

To keep pace with ever-increasing customer demands on software functionality and time-to-market expectations, software developers have had to evolve the way they develop code to be both faster and higher quality. As part of this trend, Agile development practices are becoming more commonplace. However, to fully realize the benefits of Agile development, it is critical to have a repeatable process for ensuring code is as free of defects and security vulnerabilities as possible. This paper examines how the use of ... More

TAGS: AGILE DEVELOPMENT, DEFECT DETECTION, SOFTWARE SECURITY, SOURCE CODE ANALYSIS

Video demonstration: using Klocwork Review for integration build reporting and metrics on your source code

TAGS: INSIGHT, SOFTWARE METRICS, SOFTWARE QUALITY, SOFTWARE SECURITY, INSIGHT 9.5

Video Demonstration: Rename and Introduce Variable Refactoring for C/C++ in Eclipse and Visual Studio with Klocwork Refactoring

TAGS: ECLIPSE, INSIGHT, LANGUAGE: C, REFACTORING, VISUAL STUDIO, INSIGHT 9.5

Embedded software is a ubiquitous presence onboard aircraft today. Just as software has become a key element in everything from consumer vehicles to household appliances, it is also critical to aircraft control. Beyond mission-critical avionics systems, software is also increasingly present in commercial aircraft galley equipment, passenger onboard entertainment systems and, more recently, wi-fi networks for passengers.

TAGS: AVIONICS, DO-178B, EMBEDDED PROGRAMMING, STATIC ANALYSIS

As a market-leading provider of healthcare technology, Schiller has deployed Klocwork tools, including the Connected Desktop, to help the company meet its MISRA standards, speed up testing, and achieve higher quality.

TAGS: CODING STANDARDS, EMBEDDED PROGRAMMING, LANGUAGE: C, MEDICAL DEVICES, MISRA, SOFTWARE QUALITY, STATIC ANALYSIS

Feeling that powerful analysis techniques are often overshadowed by testing and review when it comes to creating high quality software, representatives at Lawrence Livermore National Labs wrote this article which makes a compelling business case for the use of static analysis tools. The article contains results from two case studies where automated source code analysis tools were run on C++ code.

TAGS: BUG IDENTIFICATION, DEFECT DETECTION, SOFTWARE QUALITY, SOURCE CODE ANALYSIS, STATIC ANALYSIS

Creating Code Modules and Using View Filters in Klocwork Review

TAGS: CODE REVIEW, INSIGHT 9.5, SOFTWARE METRICS, SOFTWARE QUALITY

Video Demonstration: See how to use Klocwork to refactor code in C/C++ code, specifically looking at the Extract Function and Inline Function refactor

TAGS: INSIGHT, LANGUAGE: C, REFACTORING, VISUAL STUDIO, INSIGHT 9.5

Video Demonstration: See how command line users can use Klocwork Desktop to find and fix defects before they check-in their code.

TAGS: COMMAND LINE, SOFTWARE QUALITY, STATIC ANALYSIS, INSIGHT 9.5

With the types of security attacks, what they're targeting, and where they're coming from continuing to grow, the problem of software security can seem overwhelming. But with an alarming number of security vulnerabilities starting within the software code itself, writing clean code becomes an important weapon in your defense against security attacks. This article from SD Times solicits input from industry experts on the reality of software security, the common security mistakes being made, and how to avoid ... More

TAGS: SOFTWARE SECURITY, STATIC ANALYSIS

Sencore needed a static analysis tool to help catch software defects to ensure high-reliability video transmissions to its customers. Sencore used Klocwork Insight to analyze its software builds for memory leaks and critical issues that might compromise the quality of the video stream its solutions deliver.

TAGS: CONTINUOUS ANALYSIS, INSIGHT, LANGUAGE: C, SOFTWARE QUALITY, SOFTWARE SECURITY, SOFTWARE VERIFICATION, SOURCE CODE ANALYSIS, STATIC ANALYSIS

The complexity of porting or developing for multicore or multiprocessor architectures can lead to increased project expenses and timelines. In this ready-to-watch webinar, learn about Klocwork's tools-oriented approach to overcoming these challenges which equips developers with a personal mentor to detail critical concurrency and endian incompatibility issues as they're introduced.

TAGS: CONCURRENCY ANALYSIS, DEADLOCK, ENDIAN, MULTI-CORE DEVELOPMENT, MULTICORE, STATIC ANALYSIS

Peer code reviews are a vital step in the software development cycle but everyone knows the challenges involved. Learn how a tools-based approach to peer code reviews can unleash the benefits of this important development milestone by incorporating social media concepts, enabling collaboration and communication amongst reviewers, and combining static analysis with code reviews.

TAGS: CODE REVIEW, SOFTWARE VERIFICATION, SOURCE CODE ANALYSIS, STATIC ANALYSIS

Demanding more sophisticated feature sets, advanced user interfaces, and perpetual connectivity, the next-generation of embedded devices are driving the accelerated adoption of multicore and multiprocessor architectures. This exclusive report, using data from VDC Research's 2010 Embedded Engineering Survey, highlights the new realities of developing software for these advanced platforms. Get the report and learn how the growth in multicore and multiprocessor architectures is introducing a new set of challenges for ... More

TAGS: EMBEDDED PROGRAMMING, MULTI-CORE DEVELOPMENT, SOURCE CODE ANALYSIS, STATIC ANALYSIS

A pioneer in source code analysis, Klocwork offers a portfolio of software development productivity tools that ensure the security, reliability and maintainability of complex code bases.

TAGS: DEVELOPER PRODUCTIVITY, INSIGHT, SOURCE CODE ANALYSIS, STATIC ANALYSIS, TRUEPATH

In this on-demand webinar hosted by Klocwork, learn where source code analysis can be used in your development process, the problems that it solves, and how the technology can be used to streamline a number of productivity bottlenecks in your development process.

TAGS: DEVELOPER PRODUCTIVITY, SOURCE CODE ANALYSIS, STATIC ANALYSIS

Software coding defects increase the cost of development and support, tarnish a company's reputation, and limit revenue opportunities. This research report from the New Rowley Group discusses how investing in a defect detection and prevention solution enables companies to catch defects early, limit their financial impact, and institute a proactive approach to defect prevention.

TAGS: DEFECT DETECTION, SOFTWARE QUALITY

In an Agile context where software production is performed in short, feature-driven iterations, it's critical that bugs are found and removed from code as early as possible. In this session, we examine the evolution of source code analysis technology and discuss why and how it should be deployed for maximum benefit within an Agile development process.

TAGS: AGILE DEVELOPMENT, SOURCE CODE ANALYSIS, STATIC ANALYSIS