Polyspace Bug Finder
Polyspace Bug Finder is a static code analysis tool used to analyze code components or entire embedded software projects. Polyspace Bug Finder uses fast static code analysis techniques including formal methods with low false positive rates to pinpoint numerical, dataflow, programming, and other bugs in C or C++ source code.
You can use it to quickly find, triage, and fix bugs. Polyspace Bug Finder performs bug detection and coding rules violations as soon as the code is written, modified, or generated. You can use it to iteratively debug and fix your code early in the development process. Polyspace Bug Finder supports command line invocation, use through a standalone user interface, and use with the Eclipse IDE. You can integrate it into build environments for automated use. Polyspace Bug Finder supports critical activities in a software development workflow, including:
With Polyspace Bug Finder, you can set up a project and perform static code analysis:
Polyspace Bug Finder works with Polyspace Code Prover to prove the absence of certain run-time errors in your source code. These products together offer an end-to-end static analysis capability for early-stage development use, that spans bug-finding, code rules checking, and proof. This capability ensures the reliability of embedded software that must operate at the highest levels of software quality and safety.
Polyspace Bug Finder detects a variety of defects such as numerical, programming, static memory, dynamic memory, and dataflow. These defects are identified in the source code, with traceback information to help identify the cause and source of the defect. Coding rules violations are identified directly in the source code, with informational messages about the rule violation.
The straightforward workflow enables developers and quality engineers to classify and triage defects. For each defect detected, Polyspace Bug Finder provides detailed information on what caused the defect. For example, in situations where an integer overflow occurs, Polyspace Bug Finder traces all line numbers in the code that lead to the overflow condition. Software developers can use this information to determine how best to fix the code. Quality engineers can use this information to classify the defect for further action. For example, the quality engineer can mark the defect for further investigation or indicate that the defect is low priority.
Polyspace Bug Finder supports the detection of MISRA-C:2004, MISRA-C++:2008, MISRA C:2012, MISRA-AC-AGC, JSF++, and custom naming coding rule violations. You can use Polyspace Bug Finder to enforce coding rules to improve the readability and quality of your code. You can configure Polyspace Bug Finder to focus on all the rules of the standard, only the rules required by the standard, or individually select the rules you want to enforce. You can also define your own configuration to ensure that the same coding rules are enforced within your team.
You can fix rule violations by tracing them to your source code editor, or you can justify the coding rule violations for the purpose of documentation or code comments. The Polyspace Bug Finder interface lets you focus on differences from the previous analysis to avoid reviewing a violation twice. Coding rules analysis results can be exported to a web dashboard to track results over time.
Polyspace Bug Finder generates project-level, file-level, and function-level metrics to evaluate the complexity of code. Polyspace Bug Finder supports generation of Hersteller Initiative Software (HIS) metrics, which can be exported to a web dashboard. Code complexity metrics include:
You can define a centralized quality model to track defects, code complexity, and coding rules violations. Using these metrics, you can track your progress toward predefined software quality objectives as your code evolves. By measuring the rate of improvement in code quality, Polyspace Bug Finder enables developers, testers, and project managers to target and deliver high-quality code.
You can use Polyspace Bug Finder to analyze generated code or mixed code, which contains both generated and handwritten code. Code-level defect results in the automatically generated code are traced back to the model in Simulink. You can identify which parts of the model are reliable and correct design problems that cause errors in the code. You can also identify potential problems between the interface of generated and handwritten code. For example, the mixing of handwritten S-Function code with generated code could result in a problem where incorrect ranges of signals in the interface cause a run-time error.
Polyspace Bug Finder also supports tracing results to dSPACE TargetLink blocks and IBM Rational Rhapsody models.
You can use Polyspace Bug Finder and Polyspace Code Prover with IEC Certification Kit (for IEC 61508 and ISO 26262) and DO Qualification Kit (for DO-178B) in the certification process for projects based on these industry standards.
Reports and artifacts show the final quality of the code, highlight sections that have been reviewed, generate code metrics, and document the application of coding rules and run-time error status. You can create these reports in PDF, HTML, RTF, and other formats.