Take a faster, smarter path to AI-driven C/C++ test automation. Discover how >>
Whitepaper
Curious what’s in the guide? Start with the preview below.
Continuous integration and continuous delivery (CI/CD) form the foundation of continuous software development. CI merges smaller build units frequently into applications, while CD requires extensive testing and may include software certification before field deployment.
This whitepaper provides best practices for integrating automated testing into CI workflows to detect defects early and deliver high-quality code through continuous testing (CT)—where software development combines with testing as part of the build process.
“Continuous Integration is a software development practice where members of a team integrate their work frequently, usually each person integrates at least daily—leading to multiple integrations per day. Each integration is verified by an automated build (including test) to detect integration errors as quickly as possible.”
—Martin Fowler
Without automation of the build process and processes connected to creating deployment artifacts and build verification, CI/CD would be tedious and time-consuming—the antithesis of continuous.
Continuous integration relies on a shared repository and automated software build tools. It’s important to immediately identify integration issues and broken builds. The most critical step is integrating continuous testing into the CI/CD pipeline to ensure that code changes are automatically and continuously tested throughout the development lifecycle.
When developers commit changes to the codebase, this triggers the build process, including compiling code and preparing the environment for testing. Developers can perform static analysis, unit testing, code coverage, and other test methods quickly with immediate feedback.
Failing tests force code fixes early in the development cycle, and when all tests pass, deployment to the main branch occurs. This continuous workflow ensures that code changes are constantly verified through automated tests, providing rapid feedback and maintaining the overall health and quality of the software throughout its lifecycle.
CI/CD is popular and a best practice in embedded software development, which faces unique constraints. Solutions like Parasoft C/C++test CT accommodate continuous testing by integrating with popular open source unit testing frameworks like GoogleTest, Boost.Test, CppUnit, and custom solutions, enhanced with code coverage, requirements traceability, and reporting capabilities.
Besides physical and computational constraints of target hardware platforms, embedded software markets have unique requirements for safety, security, privacy, and extremely long lifecycles. Products can remain in the market for decades.
At the development level, embedded software requires IDEs, compilers, static and dynamic analysis, and build tools—similar to typical application development. However, tools often target different architectures (host versus target environment), requiring homogeneous development environments across teams.
Automating testing for embedded software is challenging due to complexity of initiating and observing tests on embedded targets and limited target hardware access. Software test automation is essential to make embedded testing workable on a continuous basis from host to target systems.
A high level view of deploying, executing, and observing tests from host to target.
Testing embedded software is particularly time-consuming. Automating the regression test suite provides significant time and cost savings. Test results and code coverage data collection from target systems are essential for validation and standards compliance. Traceability between test cases, test results, source code, and requirements must be recorded and maintained, making data collection critical.
C and C++ testing solutions like Parasoft’s offer test harnesses optimized for minimal binary footprint, provided as source code for platform-specific customization if needed.
One major benefit of Parasoft C/C++test is dedicated integrations with embedded IDEs and debuggers that make test case execution smooth and automated. Supported IDE environments include Eclipse, VS Code, Green Hills Multi, Wind River Workbench, IAR EW, ARM MDK, ARM DS-5, TI CCS, Visual Studio, and many others.
C/C++test supports creating regression testing baselines as organized collections of tests with automatic outcome verification. Teams can automatically run tests regularly to verify if code modifications change or break functionality captured by regression tests, receiving alerts when test cases fail.
When managing complex development environments in safety-critical software development, teams typically struggle with:
All these problems are easy to solve with containers.
An example deployment of Parasoft C/C++test with Docker build and run containers
Parasoft C/C++test Professional works with compilation toolchains and execution environments deployed in containers, supporting deployments based on Linux and Docker containers.
The biggest benefit of CI/CD is reducing project risk. In the past, too many projects relied on “big bang” software integration efforts where teams attempted to integrate software too near product development end, encountering huge integration issues under massive ‘crunch’ schedules.
Testing gets pushed to project end where it becomes too little too late. Using continuous integration, teams always have full product builds ready for testing, delivery, and release. Rather than one big bang, teams work through smaller integration steps continuously, finding issues early and reducing late-cycle integration risk.
Additional benefits include:
DevOps and DevSecOps methodologies share the use of automation and continuous processes for establishing collaborative cycles of development. While DevOps prioritizes delivery speed, DevSecOps shifts security to the left, which is more important in software that’s classified as embedded safety- and security-critical.
Software test automation plays an important role but it’s just one piece of the DevSecOps puzzle. Testing is often one of the greatest constraints in the software development lifecycle (SDLC), so optimizing security processes that allow testing to begin earlier—and shrink the amount of testing required—has a significant impact on the security of the software and development efficiency.
Adopting a continuous testing process helps promote the 6 Pillars of DevSecOps: collective responsibility, collaboration and integration, pragmatic implementation, compliance and development, automation and measurement, and monitoring and reporting.
The drive to shift-left security in the SDLC comes from the desire to find and fix bugs and security vulnerabilities as early as possible. Issues are much easier, cheaper, and less risky to fix earlier, not later.
Essential requirements to shift-left security center around the need to incorporate security into any and all applications at the very beginning. Security can’t be added on. It must be built in.
Requirements traceability is defined as “the ability to describe and follow the life of a requirement, in both a forwards and backwards direction (i.e. from its origins, through its development and specification, to its subsequent deployment and use, and through periods of on-going refinement and iteration in any of these phases).”
In the simplest sense, requirements traceability is needed to keep track of exactly what you’re building when writing software. This means making sure the software does what it’s supposed to and that you’re only building what’s needed.
Traceability works both to prove you satisfied the requirements and to identify what doesn’t. If there are architectural elements or source code that can’t be traced to a requirement, then it’s a risk and shouldn’t be there. The benefits go beyond providing proof of the implementation. Disciplined traceability is an important visibility into development progress.
It’s important to realize that many requirements in embedded software are derived from safety analysis and risk management. The system must perform it’s intended functions, of course, but it must also mitigate risks to greatly reduce the possibility of injury. Moreover, in order to document and prove that these safety functions are implemented and tested fully and correctly, traceability is critical.
Maintaining traceability records on any sort of scale requires automation. This is particularly important in a CI/CD pipeline since manual maintained traceability would slow down each iteration.
Integrated software testing tools can complete the verification and validation of requirements by providing an automated bidirectional traceability to the executable test case, which includes the pass or fail result and traces down to the source code that implements the requirement.
Parasoft integrates with market-leading requirements management and Agile planning systems like IBM DOORS Next, Intland, Codebeamer, Polarion from Siemens, Jama Connect, Atlassian Jira, CollabNet, VersionOne, and TeamForge. Traceability is managed through a central reporting and analytics dashboard, Parasoft DTP.
Bidirectional traceability from work items to test cases and test results. Traceability reports are displayed, and results are sent back to the requirements management system.
The bidirectional correlation between test results and work items provides the basis of requirements traceability. Parasoft DTP adds test and code coverage analysis to evaluate test completeness. Maintaining this bidirectional correlation between requirements, tests, and the artifacts that implement them is an essential component of traceability.
Continuous integration and delivery have become standard practices in embedded development, helping teams migrate from traditional waterfall processes to more agile, efficient workflows. This transition reduces risk and enhances both quality and security. As security remains a top concern, CI/CD provides a foundation for DevSecOps by embedding security requirements and controls throughout the pipeline. Containerized development environments further strengthen this approach, supporting portability, versioning, and centralized control while enabling reproducible, secure application environments.
Continuous testing plays a vital role in maintaining a smooth CI/CD pipeline, especially since testing is often the most time- and resource-intensive activity in embedded development. By strategically automating tests and focusing on high-risk areas, teams can accelerate feedback loops and reduce delays. The effectiveness of continuous testing increases with tools that enhance automation, boost code coverage, enable smart test execution, and maintain full bidirectional traceability across the software life cycle.
Ready to dive deeper?
