Compile-Time Analysis Spots Quality and Security Problems

  • Page 1 of 1
    Bookmark and Share

An enhanced compile-time analysis tool identifies quality and security problems, helping companies to avoid failures in the field. CodeSonar 3.6 from GrammaTech provides a radically improved graphical user interface (GUI) to streamline developer interaction and boost productivity. In addition, CodeSonar 3.6’s analysis engine is more efficient. For large code bases, the analysis time has been reduced by as much as a third.

CodeSonar is an advanced static-analysis tool that performs a whole-program, interprocedural analysis on code and identifies complex programming bugs that can result in system crashes, memory corruption and other serious problems. Like a compiler, CodeSonar does a build of the code. However, instead of creating object code, CodeSonar creates an abstract model of the program, capturing information about the program’s control flow and the relationships between data. The program model is executed symbolically by CodeSonar’s analysis engine. Automated reasoning about feasible paths and program variables is used to identify tricky defects, including defects that result from complex interactions among procedures. CodeSonar 3.6 is available today starting at $18,000 for small projects. Licenses for larger projects are based on the size of the project. 

GrammaTech, Ithaca, NY. (607) 273-7340. [].