Static Analysis for .NET

Parasoft Static Analysis for .NET applications analyzes code against the industry’s deepest and broadest set of static and flow analysis rules. The raw analysis data can also be merged with test results, metrics analysis, coverage analysis, and other quality findings in Parasoft Development Testing Platform (DTP) to highlight systemic issues in the development process and prevent defects from happening again.

Capabilities

static-analysis-featured-dtp-430

Static Analysis

  • Broad support for languages and standards: Security | C/C++ | Java | .NET | FDA | Safety-critical
  • Static analysis tool industry leader since 1994
  • Simple out-of-the-box integration into your SDLC
  • Prevent and expose defects via multiple analysis techniques
  • Find and fix issues rapidly, with minimal disruption
  • Integrated with Parasoft's suite of development testing capabilities, including unit testing, code coverage analysis, and code review
READ MORE

Software Development Standards Compliance

Parasoft's comprehensive development Testing solution delivers proven results. It provides out-of-the-box support for achieving compliance with FDA, DO-178B/C, MISRA, JSF, PCI-DSS, ISO, IEC, and more, by automating static analysis, peer code review, unit testing, coverage analysis, traceability, and other software validation practices.
READ MORE
security

Static Analysis for Secure Application Development (SAST)

  • Out-of-the-box test configuration for MISRA, ISO 26262, JSF, FDA, more
  • Analyzes C, C++, Java, and .NET languages
  • Direct integration into embedded development environments
  • Also includes peer code review, unit testing, coverage analysis, and runtime error detection
READ MORE

Supported environments

Custom Messages

Defects Detected

  • Exceptions
  • Initialization
  • Logical errors
  • Performance degradation
  • Portability problems
  • Resource and memory leaks
  • Security vulnerabilities
  • Threads and synchronization

Out-of-the-box Test Configurations

  • CERT
  • CWE SANS Top 25
  • Effective C++ (Meyers)
  • Effective STL (Meyers)
  • OWASP
  • PCI DSS
  • CWE
  • SANS
  • NIST
  • Critical Rules
  • Effective C#
  • Metrics
  • ICE 62304

Static Code Analysis Rules

  • Ensure that method return values are used
  • Do not use floating point variables as loop indices
  • Avoid assignment within a condition
  • Do not compare value types to null
  • Avoid calling Finalize directly
  • Avoid throwing exceptions in Equals
  • Avoid infinite recursive method calls

Data Flow Rules

  • Do not modify a collection while iterating over it
  • Avoid division by zero
  • Ensure resources are deallocated

Metrics Analysis

  • Cyclomatic Complexity
  • Essential Complexity
  • Class Inheritance Level
  • Halstead Complexity
  • Fan Out
  • Coupling Between Objects

Resources

Inomed Case Study

Download »

Trane Case Study

Trane decided to migrate their legacy systems to C++ and .NET to enable more rapid and agile responses to business demands. Discover how Parasoft reduced the learning curve, helped them ensure code met uniform expectations around reliability, performance, and maintainability, and helped them achieve nearly 100% coverage on unit tests.
Download »

Bovie Medical Case Study

Bovie Medical had been using an outside vendor to perform the software validation required for FDA compliance, but they wanted to improve the effectiveness of testing while at the same time reduce testing costs. Learn how Parasoft helped them move verification and validation testing in-house—cutting costs approximately in half and getting to market 6 months sooner.
Download »

Integrated Error-Detection Techniques Find More Bugs in .NET Applications

Demonstrates how to automate and synchronize error-detection techniques including static code analysis, data flow analysis, and unit testing to more effectively find defects in .NET applications.
Download »

Static Analysis Maturity Model

Discover how to set realistic expectations for adopting Static Analysis. This maturity model details the five levels of adoption to help make informed decisions about the right static analysis strategy for your organization.
Download »

First Things First – Getting Started with Static Analysis

Parasoft static analysis expert shares tips and tricks for implementing static analysis the right way - including the range of implementation methods and how to avoid common pitfalls.
Watch »

How to Avoid Security Vulnerabilities with Static Analysis

This Power Hour Webinar explores how to implement static analysis as a mechanism for preventing defects. You’ll learn how to leverage security standards (OWASP, PCI DSS, & CWE) and evolve development policies from static analysis findings.
Watch »