RSSAutomated source code analysis locates and describes areas of weakness in source code. Those weaknesses might be security vulnerabilities, logic errors, implementation defects, concurrency violations, rare boundary conditions, or many other types of problem-causing code. The name of the associated research field is static analysis and while the technology has been around for decades - primarily in the form of lint tools - modern static analysis has little in common with its well known but much maligned ... More
Not used
Browse Categories
Browse Tags
Resources
Video
Short demo on how to use Klocwork to help developers refactor in C/C++ code, specifically looking at the Extract Function and Inline Function refactorings.
Case Study
As a market-leading provider of healthcare technology, Schiller has deployed Klocwork tools, including the Connected Desktop, to help the company meet its MISRA standards, speed up testing, and achieve higher quality.
Case Study
As a provider of payment software for banks and merchants worldwide, ACI Worldwide puts a great deal of emphasis on code quality and security. Given the nature of their business and need for PCI compliance, ensuring ... More
White Paper
White Paper
The value of peer code review is undeniable. But despite this, it continues to be a much-maligned milestone in the software development cycle. Code reviews are difficult to implement consistently, the review is often left incomplete, and let’s be honest, developers generally don’t like doing them. In this latest white paper, Klocwork provides specific recommendations on how organizations can implement a simple, effective code review process that takes advantage of the latest tools and technologies.
White Paper
This report quantifies the costs of low quality software for customers and uses benchmark data to illustrate the magnitude of these costs. The basic conclusion is that the cost of low quality to customers can be substantial, and customers would do well to seek out more capable vendors. For the software developers themselves, by demonstrating the financial burden of low quality on their customers, they can differentiate themselves from the competition by focusing on improving the quality of their software. The ... More
White Paper
To keep pace with ever-increasing customer demands on software functionality and time-to-market expectations, software developers have had to evolve the way they develop code to be both faster and higher quality. As part of this trend, Agile development practices are becoming more commonplace. However, to fully realize the benefits of Agile development, it is critical to have a repeatable process for ensuring code is as free of defects and security vulnerabilities as possible. This paper examines how the use of ... More
White Paper
Producing high-quality, feature-rich software while meeting regulatory guidelines presents a unique set of challenges for those developing medical device software. In this paper for medical device software managers, learn how an effective verification process can help achieve FDA compliance and meet productivity goals.
White Paper
This Tips and Tricks guide breaks down the topic of software security assurance into a series of questions that fall into these four key areas: Managing for Software Security Developing for Software Security Auditing for Software Security Testing for Software Security
White Paper
No one wants to be on the hot seat when a critical vulnerability is exploited in the field or when a coding mistake causes product recalls, brand damage, or revenue losses. Automated source code analysis helps developers and development teams avoid this exposure by performing the most rigorous form of automated code review possible. This paper discusses what issues can be found with source code analysis tools, why developers should use them when they have other tools to choose from, and why the technology should ... More
White Paper
Given the complexity of today's airborne software systems, the use of automated tools can assist in the successful on-time and on-budget delivery of these projects. Automated source code analysis tools locate and describe areas of weakness in source code, and can help address key areas of the DO-178B guidance related to the Software Verification and Software Lifecycle Data requirements. In this white paper, learn how the defect, architecture, and metrics analysis capabilities of Klocwork Insight can be used to ... More
White Paper
With the adoption of Agile, the need to create high-quality software code in less time has never been greater. In this paper, developers will learn how to maintain velocity and eliminate bug debt with automated tools.
White Paper
This white paper highlights the results from an analysis of multiple open source projects that are commonly used in embedded development, including: uClinux - widely used operating system for embedded development Quagga - popular routing software suite Scratchbox - cross compilation toolkit HSQLDB - relational database management system written in Java Discover the defects associated with each of these projects (including memory management, efficiency, null pointer dereference and reliability defects, and ... More
White Paper
Today's developers of mission-critical software are using automated source code analysis (SCA) to locate and describe critical bugs and security vulnerabilities in their source code at system build time. However, system build-time analysis suffers from an inherent weakness: bugs impact the main code stream before they are even detected. This paper proposes a solution: move high-quality SCA to the developer's desktop and perform it at the earliest point in the development cycle - before code check-in. This approach ... More
RSS