Static code analysis tool guarantees safe software

November 21, 2012 // By Christoph Hammerschmidt
In order to guarantee the functional safety of embedded code in automotive control units, ISO26262 mandates stringent software development processes. A method to make sure the code does not exhibit unusual and potentially risky behaviour is static code analysis. Hitex Development tools now offers Goanna 2.9, a software tool that checks the code according to the MISRA set of rules.

Goanna can be applied to any software written in C++ or C. Version 2.9 now applies the MSRA C:2004 rules as well as MISRA-C++:2008 and CERT. The MISRA rules are defined by the Motor Industry Software Reliability Association and aim at safe operation whereas the CERT rules (Computer Emergency Response Team) focuses on security issues. Goanna 2.9 reflects the Secure Coding Standard for C and C++ developed by the CERT.

The current version 2.9 indicates to every error found in the program code the respective identification according to he Common Weakness Enumeration (CWE). CWE is a directory of potential weaknesses encountered in software.

Goanna is available in two versions: Goanna Central is command line oriented whereas Goanna Studio supports graphical IDEs such as Visual Studio and Eclipse/CDT. In addition, the release also supports new IEDs such as Atmel Studio 6, Atollic TrueStudio, IAR Embedded Workbench, Infineon DAVE, Keil uVision, Mentor Graphics Sourcery Code Bench, QNX Momentics, Texas Instruments Code Composer Studio and Wind River Workbench. The tool is available for Windows and Linux; licensing is either linked to a specific computer or as a floating license.

For further information visit