In 2017, C was recognized as the #1 growing language in the world. Despite the age of the language, C increased its footprint in multiple industries, including automotive, and, increasingly, edge devices in IoT. But despite C’s continued growth, it still remains a language prone to bugs and security vulnerabilities, and we continue to see increased customer interest in improving quality, safety, and security, year over year.
Similarly, the C++ language continues to advance in both usage and features. Unfortunately, industry coding standards for safety and security have lagged in supporting the latest features. For example, organizations relying on MISRA C++ 2008 are not addressing new features that were introduced to the language after 2008. With the release of AUTOSAR C++ 14, the situation has improved. Teams developing their products using modern C++ can now improve the safety, security, and quality of their code by following the AUTOSAR standard.
The Parasoft C/C++test 10.4.0 release focused on helping our users achieve security of C code by bringing the most comprehensive SEI CERT C solution to the market, with full coverage of CERT C rules together with dedicated compliance reporting. In addition, the new release includes support for the AUTOSAR C++ 14 and High Integrity C++ (HIC++) coding standard. On the unit testing side of things, we have enhancements in the stubbing framework, and new reports for documenting unit test execution for compliance with safety standards.
Read on for more details!
Parasoft C/C++test 10.4 introduces the most comprehensive compliance solution to the market for Security, Automotive, Aerospace, Railway, Medical Devices ,and Industrial Automation sectors, leveraging both the deep code analysis and unit testing capabilities of Parasoft C/C++test, as well as the powerful reporting and analytics of Parasoft DTP.
The Compliance Packs are available as add-on modules to Parasoft C/C++test and include compliance-specific rule categories, plus interactive dashboards and reports that can be used to streamline both auditing and achieving compliance with specific standards.
The Parasoft C/C++test Security Compliance Pack introduces support for the CERT C Security Coding Standard with a complete set of static analysis code checkers to cover CERT C rules, and dedicated compliance reporting. High accuracy of the code checkers assures low levels of false alarms, and compliance reporting helps minimize related costs and overhead. This powerful solution helps organizations detect security vulnerabilities in their code and manage the process of achieving compliance with the standard.
Along with the complete set of SEI CERT C rules, Parasoft’s unique compliance reporting provides a dynamic view into the development process. Interactive reports are available via Parasoft DTP to provide different views into the results of CERT C compliance analysis, and use the wording and categorizations that are defined by the standard, to make it easier to understand. Without the full coverage for CERT C rules, organizations have to fall back to tedious manual code review procedures or combine multiple static analysis tools to achieve the same level of security.
The Parasoft C/C++test Automotive Compliance Pack not only brings compliance reporting for MISRA standards but also includes new analysis rules for validating compliance of C++ source code with the AUTOSAR C++ 14 and High Integrity C++ standards. AUTOSAR C++ 14 was a long-awaited update in the field of automotive coding standards for the C++ language, and includes coding guidelines for the usage of the C++14 in the safety-related and critical systems. The main usage of AUTOSAR C++14 is for automotive applications, but it can be used in other embedded applications too.
Code isolation is one of the most time-consuming and challenging tasks for developers implementing a unit testing practice. With Parasoft C/C++test’s enhanced stubbing framework, users can now configure stubs via new “Stub Callbacks.” This functionality provides a flexible mechanism for defining the stub logic required for a test scenario, and users can program the desired behavior of stubbed functions or methods by simply typing the C/C++ code or using a graphical editor.
The graphical editor provides critical ease-of-use, enabling less experienced users to build the stub logic required for the test scenario, while the source code editor unleashes the full power of the framework, allowing advanced users to build even very complex logic for the stubbed code.
An additional benefit of the new approach to stub configuration is its ability to enable easy sharing and reuse of created stub assets. The enhanced stubbing framework improves the productivity of teams that are following a unit testing practice, including organizations developing safety-critical systems compliant with IEC 61508, ISO 26262 or DO 178B/C.
Teams that are required to document their unit testing practices for compliance with safety standards can also benefit from new, dedicated reports that document unit test execution. These new reports were developed in close cooperation with leading companies from the automotive and aerospace industries, and contain all the necessary details required by assessors when verifying compliance with standards such as ISO 26262 or DO-178B/C. The reports precisely document the test environment, with details about test configuration and full information about executed test cases, including initialization values for the tested code, stubs configuration, and information about all evaluated assertions.
The latest release of Parasoft C/C++test saw updates and improvements to static analysis, unit testing, reporting, and did we mention, support for over 20 new compilers? There was a lot going on this quarter and we were happy to improve the product to help software teams achieve their safety and security guidelines while supporting critical unit testing activities that form the cornerstone of high quality software. An enhanced stubbing framework increases unit testing productivity and asset sharing, while the new enhanced unit test reporting fine tunes reporting to help our customers achieve standards compliance in a way that is easier and cheaper.
If you’re an existing customer, head over to the Customer Portal to upgrade your software. If you’re new to Parasoft and would like a free trial of Parasoft C/C++test, head on over here to grab it.
Product Manager for Parasoft's embedded testing solutions, Miroslaw's specialties include C/C++, RTOSes, static code analysis, unit testing, managing software quality for safety critical applications, and software compliance to safety standards.