SlideShare a Scribd company logo

Beyond Static Analysis: Integrating C and C++ Static Analysis with Unit Testing and More

Erika Barron
Erika Barron

The document discusses multiple error detection techniques for C/C++ software development. It outlines the strengths and weaknesses of code structure analysis, runtime memory monitoring, unit testing, and flow-based static analysis. It concludes that Parasoft C++test provides a comprehensive solution by applying these complementary techniques in an integrated tool, allowing it to be the most comprehensive quality solution for embedded C/C++.

TechnologyBusiness
1 of 8
Downloaded 14 times
1
2
3
4
5
6
7
8
Multiple Error Detection Techniques in C/C++ Software Development September 2009 Wiktor Grodowski Wiktor.Grodowski@parasoft.com
Introduction There is no silver bullet for software quality improvement Multiple error detection techniques exist—each with their own strengths and weaknesses Parasoft C++test provides a comprehensive solution to make software quality assurance effective and accurate Parasoft Proprietary and Confidential
Code Structure Analysis Strengths Facilitates coding standard compliance (MISRA C, MISRA C 2004, MISRA C++ 2008, JSF, HIS, and others) Exposes typical errors Prevents error-prone or dangerous constructs Low introduction cost Weaknesses No recognition of actual versus potential errors Parasoft Proprietary and Confidential
Runtime Memory Monitoring Strengths Detects actual severe errors with high accuracy Easy-to-use and natural way of software testing Makes a noticeable impact in a short time Weaknesses Covers only execution paths forced by the provided input and conditions to the application Parasoft Proprietary and Confidential
Unit Testing Strengths Provides means of extending coverage—especially for error/interrupt handlers Good for regression tests Weaknesses Relatively high creation and maintenance cost Problem with reproducing proper application state Parasoft Proprietary and Confidential
Flow-Based Static Analysis Strengths Examines code without actually executing it Uncovers real bugs Tests execution paths that are difficult to reach with traditional testing Weaknesses Requires additional human verification Parasoft Proprietary and Confidential
Summary C++test can apply various techniques for comprehensive error detection Code structure analysis Runtime memory monitoring Unit testing Flow-based static analysis C+test runs tests on the host and target With these complementary error detection methods well-integrated into a single tool, C++test is most comprehensive embedded C/C++ quality solution Parasoft Proprietary and Confidential
Q&A Contact: Wiktor.Grodowski@parasoft.com Parasoft Proprietary and Confidential

More Related Content

What's hot (20)

PPTX
Top 10 static code analysis tool
scmGalaxy Inc
 
DOCX
Resume
Senthil Ramamoorthy
 
PDF
Practical Guide To Software System Testing
vladimir zaremba
 
PDF
DevSecOps
Spv Reddy
 
ZIP
Epitech industrialisation 2012.key
Damien Seguy
 
PDF
Spring Framework Core Technologies
Dmitriy Gorban
 
PPT
TEA Presentation V 0.3
Ian McDonald
 
PDF
Static code analysis
Prancer Io
 
PPTX
Static Code Analysis
Obika Gellineau
 
DOC
RajeswaraRao_Resume_3years
Rajeswara K
 
DOCX
Ranjith kumar Nagisetty(AndiordApp and PostSiliconTest Engineer)_Resume
ranjith nagisetty
 
DOCX
John Emmanuel Nieves
John Emmanuel Nieves
 
PDF
How Virtual Compilation Transforms Static Code Analysis
Checkmarx
 
PPTX
Does static analysis need machine learning?
Andrey Karpov
 
PDF
An Antivirus API for Android Malware Recognition
Fraunhofer AISEC
 
PPT
Software coding and testing
Sandeep Kumar Nayak
 
PPTX
Static Code Analysis
Geneva, Switzerland
 
DOCX
Sandeep_Ingle_Embedded_Test_Engineer
Sandeep Ingle
 
DOCX
Resume_raviprakash singh
Raviprakash singh
 
PDF
Software Architecture: Test Case Writing
Sitdhibong Laokok
 
Top 10 static code analysis tool
scmGalaxy Inc
 
Resume
Senthil Ramamoorthy
 
Practical Guide To Software System Testing
vladimir zaremba
 
DevSecOps
Spv Reddy
 
Epitech industrialisation 2012.key
Damien Seguy
 
Spring Framework Core Technologies
Dmitriy Gorban
 
TEA Presentation V 0.3
Ian McDonald
 
Static code analysis
Prancer Io
 
Static Code Analysis
Obika Gellineau
 
RajeswaraRao_Resume_3years
Rajeswara K
 
Ranjith kumar Nagisetty(AndiordApp and PostSiliconTest Engineer)_Resume
ranjith nagisetty
 
John Emmanuel Nieves
John Emmanuel Nieves
 
How Virtual Compilation Transforms Static Code Analysis
Checkmarx
 
Does static analysis need machine learning?
Andrey Karpov
 
An Antivirus API for Android Malware Recognition
Fraunhofer AISEC
 
Software coding and testing
Sandeep Kumar Nayak
 
Static Code Analysis
Geneva, Switzerland
 
Sandeep_Ingle_Embedded_Test_Engineer
Sandeep Ingle
 
Resume_raviprakash singh
Raviprakash singh
 
Software Architecture: Test Case Writing
Sitdhibong Laokok
 

Viewers also liked (7)

PPTX
Tutorial 7: Advanced Functions and Conitional Formating
cios135
 
DOC
Microsoft excel shortcut keys
skftboy
 
PDF
Tally shortcut keys
Accounts Arabia
 
PDF
Advanced voucher entry tutorial in Tally ERP 9
Accounts Arabia
 
PDF
Tally assingment book
batle18
 
PDF
Tally 9-voucher-entry-questions
Sahub
 
PPTX
Ppt of tally
Vinod Sharma
 
Tutorial 7: Advanced Functions and Conitional Formating
cios135
 
Microsoft excel shortcut keys
skftboy
 
Tally shortcut keys
Accounts Arabia
 
Advanced voucher entry tutorial in Tally ERP 9
Accounts Arabia
 
Tally assingment book
batle18
 
Tally 9-voucher-entry-questions
Sahub
 
Ppt of tally
Vinod Sharma
 
Ad

Similar to Beyond Static Analysis: Integrating C and C++ Static Analysis with Unit Testing and More (20)

PDF
Java Defects
Erika Barron
 
PDF
Parasoft fda software compliance part2
Engineering Software Lab
 
PPT
Introduction to Parasoft C++TEST
Engineering Software Lab
 
PDF
Best Practices of Static Code Analysis in the SDLC
Parasoft_Mitchell
 
PPTX
Static Analysis Primer
Coverity
 
PDF
Secure Programming With Static Analysis
ConSanFrancisco123
 
PPTX
Zero-bug Software, Mathematically Guaranteed
Ashley Zupkus
 
PDF
Detection of vulnerabilities in programs with the help of code analyzers
PVS-Studio
 
PPTX
Static-Analysis-in-Industry.pptx
ShivashankarHR1
 
PDF
Embedded software static analysis_Polyspace-WhitePaper_final
TAMILMARAN C
 
PDF
Mathematically Guaranteeing Code Correctness with TrustInSoft
Ashley Zupkus
 
PDF
Software Security - Static Analysis Tools
Emanuela Boroș
 
PDF
Difficulties of comparing code analyzers, or don't forget about usability
Andrey Karpov
 
PDF
Difficulties of comparing code analyzers, or don't forget about usability
PVS-Studio
 
PDF
Difficulties of comparing code analyzers, or don't forget about usability
PVS-Studio
 
PDF
Beyond Breakpoints: A Tour of Dynamic Analysis
C4Media
 
PDF
Stale pointers are the new black - white paper
Vincenzo Iozzo
 
PDF
talk_2015_07_01_Imperial_College_slides
Nikolay Kosmatov
 
PPTX
Automating The Process For Building Reliable Software
guest8861ff
 
PPT
Verifcation &validation
ssusere50573
 
Java Defects
Erika Barron
 
Parasoft fda software compliance part2
Engineering Software Lab
 
Introduction to Parasoft C++TEST
Engineering Software Lab
 
Best Practices of Static Code Analysis in the SDLC
Parasoft_Mitchell
 
Static Analysis Primer
Coverity
 
Secure Programming With Static Analysis
ConSanFrancisco123
 
Zero-bug Software, Mathematically Guaranteed
Ashley Zupkus
 
Detection of vulnerabilities in programs with the help of code analyzers
PVS-Studio
 
Static-Analysis-in-Industry.pptx
ShivashankarHR1
 
Embedded software static analysis_Polyspace-WhitePaper_final
TAMILMARAN C
 
Mathematically Guaranteeing Code Correctness with TrustInSoft
Ashley Zupkus
 
Software Security - Static Analysis Tools
Emanuela Boroș
 
Difficulties of comparing code analyzers, or don't forget about usability
Andrey Karpov
 
Difficulties of comparing code analyzers, or don't forget about usability
PVS-Studio
 
Difficulties of comparing code analyzers, or don't forget about usability
PVS-Studio
 
Beyond Breakpoints: A Tour of Dynamic Analysis
C4Media
 
Stale pointers are the new black - white paper
Vincenzo Iozzo
 
talk_2015_07_01_Imperial_College_slides
Nikolay Kosmatov
 
Automating The Process For Building Reliable Software
guest8861ff
 
Verifcation &validation
ssusere50573
 
Ad

More from Erika Barron (19)

PDF
Parasoft PIE infographic
Erika Barron
 
PDF
Parasoft Case Study: Wipro
Erika Barron
 
PDF
Are Your Continuous Tests Too Fragile for Agile?
Erika Barron
 
PDF
Real World Static Analysis Boot Camp
Erika Barron
 
PPTX
Service Virtualization: Delivering Complex Test Environments on Demand
Erika Barron
 
PDF
How the Cloud Shifts the Burden of Security to Development
Erika Barron
 
PPTX
Static Analysis and the FDA Guidance for Medical Device Software
Erika Barron
 
PPTX
Creating Complete Test Environments in the Cloud
Erika Barron
 
PPTX
How To Avoid Continuously Delivering Faulty Software
Erika Barron
 
PPTX
12 Days of Coding Errors
Erika Barron
 
PDF
APIs Gone Wild - Star West 2013
Erika Barron
 
PPTX
Cloud migration slides
Erika Barron
 
PPT
Complex End-to-End Testing
Erika Barron
 
PDF
How the Grinch Stole Software Testing
Erika Barron
 
PDF
Service Virtualization
Erika Barron
 
PPT
Beyond Static Analysis: Integrating .NET Static Analysis with Unit Testing a...
Erika Barron
 
PPT
Beyond Static Analysis: Integrating Java Static Analysis with Unit Testing an...
Erika Barron
 
PDF
Software Development Graveyard
Erika Barron
 
PPT
The Development Graveyard: How Software Projects Die
Erika Barron
 
Parasoft PIE infographic
Erika Barron
 
Parasoft Case Study: Wipro
Erika Barron
 
Are Your Continuous Tests Too Fragile for Agile?
Erika Barron
 
Real World Static Analysis Boot Camp
Erika Barron
 
Service Virtualization: Delivering Complex Test Environments on Demand
Erika Barron
 
How the Cloud Shifts the Burden of Security to Development
Erika Barron
 
Static Analysis and the FDA Guidance for Medical Device Software
Erika Barron
 
Creating Complete Test Environments in the Cloud
Erika Barron
 
How To Avoid Continuously Delivering Faulty Software
Erika Barron
 
12 Days of Coding Errors
Erika Barron
 
APIs Gone Wild - Star West 2013
Erika Barron
 
Cloud migration slides
Erika Barron
 
Complex End-to-End Testing
Erika Barron
 
How the Grinch Stole Software Testing
Erika Barron
 
Service Virtualization
Erika Barron
 
Beyond Static Analysis: Integrating .NET Static Analysis with Unit Testing a...
Erika Barron
 
Beyond Static Analysis: Integrating Java Static Analysis with Unit Testing an...
Erika Barron
 
Software Development Graveyard
Erika Barron
 
The Development Graveyard: How Software Projects Die
Erika Barron
 

Recently uploaded (20)

PDF
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
PDF
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
PPTX
Seamless Tech Experiences Showcasing Cross-Platform App Design.pptx
presentifyai
 
PPTX
Digital Circuits, important subject in CS
contactparinay1
 
PDF
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 
PDF
“Squinting Vision Pipelines: Detecting and Correcting Errors in Vision Models...
Edge AI and Vision Alliance
 
PDF
Newgen Beyond Frankenstein_Build vs Buy_Digital_version.pdf
darshakparmar
 
PDF
Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...
Safe Software
 
PDF
“Voice Interfaces on a Budget: Building Real-time Speech Recognition on Low-c...
Edge AI and Vision Alliance
 
PDF
What’s my job again? Slides from Mark Simos talk at 2025 Tampa BSides
Mark Simos
 
PPTX
Mastering ODC + Okta Configuration - Chennai OSUG
HathiMaryA
 
PDF
Transforming Utility Networks: Large-scale Data Migrations with FME
Safe Software
 
PDF
How do you fast track Agentic automation use cases discovery?
DianaGray10
 
PDF
“Computer Vision at Sea: Automated Fish Tracking for Sustainable Fishing,” a ...
Edge AI and Vision Alliance
 
PPTX
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
PDF
NLJUG Speaker academy 2025 - first session
Bert Jan Schrijver
 
PPTX
Designing_the_Future_AI_Driven_Product_Experiences_Across_Devices.pptx
presentifyai
 
PDF
“NPU IP Hardware Shaped Through Software and Use-case Analysis,” a Presentati...
Edge AI and Vision Alliance
 
PDF
NASA A Researcher’s Guide to International Space Station : Physical Sciences ...
Dr. PANKAJ DHUSSA
 
PDF
The 2025 InfraRed Report - Redpoint Ventures
Razin Mustafiz
 
[Newgen] NewgenONE Marvin Brochure 1.pdf
darshakparmar
 
The Rise of AI and IoT in Mobile App Tech.pdf
IMG Global Infotech
 
Seamless Tech Experiences Showcasing Cross-Platform App Design.pptx
presentifyai
 
Digital Circuits, important subject in CS
contactparinay1
 
CIFDAQ Market Wrap for the week of 4th July 2025
CIFDAQ
 
“Squinting Vision Pipelines: Detecting and Correcting Errors in Vision Models...
Edge AI and Vision Alliance
 
Newgen Beyond Frankenstein_Build vs Buy_Digital_version.pdf
darshakparmar
 
Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...
Safe Software
 
“Voice Interfaces on a Budget: Building Real-time Speech Recognition on Low-c...
Edge AI and Vision Alliance
 
What’s my job again? Slides from Mark Simos talk at 2025 Tampa BSides
Mark Simos
 
Mastering ODC + Okta Configuration - Chennai OSUG
HathiMaryA
 
Transforming Utility Networks: Large-scale Data Migrations with FME
Safe Software
 
How do you fast track Agentic automation use cases discovery?
DianaGray10
 
“Computer Vision at Sea: Automated Fish Tracking for Sustainable Fishing,” a ...
Edge AI and Vision Alliance
 
New ThousandEyes Product Innovations: Cisco Live June 2025
ThousandEyes
 
NLJUG Speaker academy 2025 - first session
Bert Jan Schrijver
 
Designing_the_Future_AI_Driven_Product_Experiences_Across_Devices.pptx
presentifyai
 
“NPU IP Hardware Shaped Through Software and Use-case Analysis,” a Presentati...
Edge AI and Vision Alliance
 
NASA A Researcher’s Guide to International Space Station : Physical Sciences ...
Dr. PANKAJ DHUSSA
 
The 2025 InfraRed Report - Redpoint Ventures
Razin Mustafiz
 

Beyond Static Analysis: Integrating C and C++ Static Analysis with Unit Testing and More

  • 1. Multiple Error Detection Techniques in C/C++ Software Development September 2009 Wiktor Grodowski [email protected]
  • 2. Introduction There is no silver bullet for software quality improvement Multiple error detection techniques exist—each with their own strengths and weaknesses Parasoft C++test provides a comprehensive solution to make software quality assurance effective and accurate Parasoft Proprietary and Confidential
  • 3. Code Structure Analysis Strengths Facilitates coding standard compliance (MISRA C, MISRA C 2004, MISRA C++ 2008, JSF, HIS, and others) Exposes typical errors Prevents error-prone or dangerous constructs Low introduction cost Weaknesses No recognition of actual versus potential errors Parasoft Proprietary and Confidential
  • 4. Runtime Memory Monitoring Strengths Detects actual severe errors with high accuracy Easy-to-use and natural way of software testing Makes a noticeable impact in a short time Weaknesses Covers only execution paths forced by the provided input and conditions to the application Parasoft Proprietary and Confidential
  • 5. Unit Testing Strengths Provides means of extending coverage—especially for error/interrupt handlers Good for regression tests Weaknesses Relatively high creation and maintenance cost Problem with reproducing proper application state Parasoft Proprietary and Confidential
  • 6. Flow-Based Static Analysis Strengths Examines code without actually executing it Uncovers real bugs Tests execution paths that are difficult to reach with traditional testing Weaknesses Requires additional human verification Parasoft Proprietary and Confidential
  • 7. Summary C++test can apply various techniques for comprehensive error detection Code structure analysis Runtime memory monitoring Unit testing Flow-based static analysis C+test runs tests on the host and target With these complementary error detection methods well-integrated into a single tool, C++test is most comprehensive embedded C/C++ quality solution Parasoft Proprietary and Confidential
  • 8. Q&A Contact: [email protected] Parasoft Proprietary and Confidential