Software Development Standards Compliance

FDA, DO-178B, MISRA, JSF, PCI-DSS, ISO, IEC, and more

The most comprehensive development compliance solution
Ingrain compliance tasks across the SDLC & into the team workflow
Find and fix issues rapidly, with minimal disruption
Achieve unparalleled process consistency, visibility & traceability
Leverage preconfigured templates for common industry standards

Capabilities

Software Development Management

Runtime Error Detection

Memory Error Detection

Web / RIA Functional Testing

SOA / Cloud Functional Testing

Load Testing

Manual Testing

Build Management

Service Virtualization

Solutions

Agile Project Management

Secure Application Development

Safety-Critical / Embedded Devel.

FDA / Medical Device

Geographically-Distributed

Standards

A Comprehensive Solution that Delivers Proven Results

Parasoft's integrated compliance solution is the most comprehensive available–automating mandated software validation practices from static analysis, to peer code review, to unit & component testing, to coverage analysis, to regression testing.

With 20+ years of experience helping over half of the Fortune 500 companies incorporate these practices into their environments, Parasoft knows what it takes to rapidly bring organizations into compliance with quality and security regulations and evolve a sustainable process for continued compliance.

Out-of-the Box Support for Key Standards

The solution can be applied to drive any policy or combination of policies that your organization needs to follow. It is preconfigured with templates for common regulatory compliance initiatives, including:

FDA
PCI DSS
OWASP
CWE/SANS
SAMATE
DO-178B
ISO 26262 & ASIL
IEC 61508 & SIL
MISRA
JSF
Web Accessibility (Section 508, WAI, WCAG)
Outsourcing SLAs

This enables teams to rapidly assess the level of compliance–without having to determine how the standards' requirements translate to code. Parasoft works with each organization to optimize the templates for the organization's unique demands. This jumpstarts compliance and establishes the foundation for continuous improvement.

Flexible Support for Custom Compliance Requirements

The solution can easily be configured to automatically monitor adherence to custom compliance policy requirements. The rule library includes hundreds of rules that deliver "out-of-the-box" monitoring of many common policy requirements. These static analysis rules can be customized as needed to match specific policy requirements, and the rule set can be rapidly extended to address even the most complex and unique requirements. Moreover, rule names, descriptions, and severities can be mapped to the organization's policies—establishing a fully-customized policy management and reporting interface.

End-to-End Quality Management

Parasoft provides out-of-the-box automation of the key validation practices named in FDA, PCI DSS, DO-178B and other key regulations, including:

Static analysis
Unit testing
Code review
Coverage analysis
Manual testing
More

Parasoft's technology suite extends from Java, C, C++, and .NET programming languages to SOA/Cloud, Web/RIA applications.

Continuous Compliance Process Integrates into the Workflow and Across the SDLC

Parasoft establishes a continuous compliance process that ensures compliance tasks begin early and are deployed across every stage of the SDLC, as recommended by the FDA, PCI DSS, and other regulations. We've learned that even the best tool eventually becomes shelfware if it is not integrated into a sustainable process. To ensure that the compliance process remains on track and does not disrupt project progress, Parasoft ingrains compliance tasks into the team's existing workflow and automates them so team members can focus on tasks that truly require human intelligence.

Unparalleled Process Consistency, Visibility & Auditability

Parasoft's policy-based approach to compliance establishes the organization's expectations, leverages an automated infrastructure to ensure consistent, unobtrusive policy application, and automatically monitors policy compliance for visibility and auditability. Parasoft's unique automated infrastructure orchestrates both automated and manual compliance tasks and tracks the execution of all policy-based tasks, analyses, and approvals/sign-off tasks.

Comprehensive Requirements Traceability

Requirements are correlated with automated and manual tests, source code, and development/testing tasks. The current level of verification for each requirement or task (including task pass/fail status and coverage) can be assessed at any time by back tracing to all associated tests. This correlation also enables change-based testing, which identifies exactly which tests are impacted by source code and requirement modifications. Teams know exactly which tests need to be rerun and which code needs to be re-reviewed.

In addition to tracking when the functionality for each requirement is implemented and tested, Parasoft also monitors compliance to non-functional requirements (e.g., coding standards, peer review, coverage, etc.) The system can be configured so that functionality is not considered "complete" unless it complies with the team's quality expectations.

Prevent Defects and Reduce Dev/QA Cycles

Regulations such as FDA and PCI DSS recommend preventing the introduction of defects by baking in quality tasks from the start of the SDLC rather than trying to test out defects later in the process. Parasoft is the industry leader in defect prevention–we wrote the book on it (Automated Defect Prevention, Wiley-IEEE, 2007).