Download Free Whitepapers


TERA-Labs Comparison of Static Analysis Tools Performance and Effectiveness

Key findings from independent evaluation of leading static analysis tools and their performance when testing MISRA C compliance, How do tools perform under typical “real-life” conditions? And why do some tools perform better than others.

{+} Download now


VDC Industry Survey and Analysis of Automated Test Tool Use and Effectiveness

Why the increasing value and complexity of software calls for the reevaluation of development and testing practices

{+} Download now


The PRQA Developers’ Challenge

Is automated code inspection better than manual code reviews? What errors do developers miss when checking code manually? Test your team’s proficiency

{+} Download now


Improving Code Optimization: Abstract Interpretation of C language with Bit-Vector SMT

More accurate abstract interpretation methods enable aggressive code optimization. A traditional method is compared to one utilizing translation to quantifier-free fixed size bit-vector logic.

{+} Download now


How Good is Your Compiler?

If you are you relying too heavily on your compiler to identify coding defects, you may find your code isn’t maintainable or transferable. Even code that compiles without warnings may have errors associated with the implementation of the requirements.

{+} Download now


Continuous Code Inspection

Rigorous Code Inspections (as supposed to ad hoc reviews) are one of the most effective ways to identify and remove defects. Three key areas that need to be considered in order to make Code Inspections practical and even more effective.

{+} Download now


Software Metrics: Friend or Foe?

Opinions differ concerning the necessity of software metrics and whether their use actually improves software quality.  Learn why you should collect metrics and how to effectively leverage them to produce higher quality software.

{+} Download now


Using Static Analysis and Continuous Integration To Ensure Code Quality

Enabling Continuous Delivery to deliver fully tested and of releasable quality code requires the proper tools and processes. Learn how static analysis and CI are used together to achieve higher quality code, reduce development costs and improve project predictability.

{+} Download now


The Best Coding Standards Eliminate Bugs

How coding standards prevent the misuse of the C language. The case for coding standards to prevent bugs, security vulnerabilities and other errors from occurring during the software development process

{+} Download now


Understanding The Overlap Between Coding Standards

A primer on the rules used in HICPP, JSF++ and MISRA C++ standards and how to implement effective code compliance.

{+} Download now


Secure Coding Institute Research Report: Evaluating Software Security

An empirical study of how using static analysis to detect CERT-C secure coding violations in an open source software library improves security.

{+} Download now


A Guide to the MISRA Coding Standard: What you need to know

An overview of the MISRA coding standard, how its applicable to a broad range of industries and applications and the role of static analysis tools in standards enforcement and verification.

{+} Download now


A Primer on MISRA-C 2012

How will changes in MISRA impact your development process and supplier relationship?  We outline what is new in the MISRA C:2012 coding guidelines and how it will affect you.

{+} Download now


Guide to Achieving ISO 26262 Compliance Using Static Analysis

ISO 26262 is an automotive standard that places requirements on the quality of software, which static analysis tools are ideally positioned to enforce.

{+} Download now


Guide to Achieving IEC 61508 Compliance Using Static Analysis

Safety critical applications are being required to incorporate best practice development processes and use coding standards to demonstrate software quality. Static analysis tools are critical to this process.

{+} Download now


Guide to Achieving EN 50128 Compliance Using Static Analysis

Explore how EN 50128 compares with other process standards, the key differences and similarities and how static analysis tools can be deployed to help to comply with EN 50128 Functional Safety for Railway applications

{+} Download now


Achieving machinery functional safety according to IEC 61508, ISO 13849 and IEC 62061

Explore how these standards compare with other process standards, and how static analysis tools can be deployed to help to comply with comply with functional safety requirements in industrial automation applications

{+} Download now


The Business Case for Static Code Analysis Tools

10 key drivers that impact static analysis ROI. Explore scenarios based on code analysis of an actual open source project that demonstrates and quantifies ROI impact.

{+} Download now


Addressing Security Vulnerabilities at the Source

Learn about the need for application-level security in embedded systems software and connected device applications. Explore the inherent risks of certain programming languages, and how to find and remediate defects.

{+} Download now


Developing Secure Embedded Software: Quality Doesn't Equal Security

Embedded development presents the challenge of coding in a language that’s inherently insecure; and quality assurance does little to ensure security.  

{+} Download now


Addressing Security Vulnerabilities in Embedded Applications Using Best Practice Software Development Processes and Standards

Learn how to incorporate the CERT secure coding standard into your software development lifecycle. And leverage the CWE vulnerability database to protect against know vulnerabilities.

{+} Download now


How IoT is Making Security Imperative for All Embedded Software

To keep up with new demands posed by the Internet of Things (IoT), developers are under pressure to write and reuse more code than ever. And increases the likelihood that embedded devices are released with security vulnerabilities,

{+} Download now


Using Static Analysis to Overcome the Challenges of Reusing Code for Embedded Software

The broad range of hardware platforms, diversity of compilers, and intense global competition are making it increasingly infeasible to build embedded applications from scratch that are reliable, safe, and secure.

{+} Download now


Static Source Code Analysis: A Buyer’s Guide

Key decision criteria for selecting tools to develop embedded software that is more reliable, safe, and secure

{+} Download now


Succeeding With Static Code Analysis: An Implementation Guide

Lessons Learned: Avoiding Pitfalls and Following Best Practice Planning

{+} Download now


High Integrity C++ Coding Standard V4.0: An Overview

High Integrity C++ (HIC++), is one of the most respected, longest established and widely adopted C++ coding standards, more than 30,000 copies of this coding standard have been downloaded.

{+} Download now