DEVOPSdigest

Parasoft announced the newest release of Parasoft C/C++test, the unified C and C++ development testing solution for enterprise and embedded applications.

The 10.4.3 release continues the product focus on streamlining safety-critical and security coding standards compliance and reporting, bringing to the market the most complete coverage for AUTOSAR C++14 and updated rule sets for detecting security weaknesses listed in the latest editions of CWE, including both the Top 25 and On The Cusp lists that have been updated for 2019.

This release positions Parasoft C/C++test as the market leader in AUTOSAR C++14 compliance, as the only tool supporting 100% of the required/automated guidelines. This completeness of guidelines coverage enables organizations to confidently adopt the AUTOSAR C++14 standard according to their needs without compromising the quality of their compliance process.

"Modern C++ is widely adopted and applied in the area of AI-based safety-critical systems, such as autonomous driving. The pressure for compliance is growing as the autonomous driving systems are becoming more mature and closer to the release. AUTOSAR C++ has become the primary choice for many organizations. The main challenge in implementing AUTOSAR C++ is the sheer volume of the standard with almost 400 guidelines," stated Mark Lambert, VP of Products at Parasoft. "To implement a compliance process, organizations have been trying to settle on a custom subset of AUTOSAR C++ guidelines which are selected based on their specific organization and projects. For this process to be effective, organizations need to leverage a tool that ideally supports all the guidelines that can be detected by static analysis, so there is no limitation to their compliance process."

"Our recent interactions with customers clearly show the growing maturity of compliance processes. Teams understand now that coding standards compliance is more than just a mandatory check-in the certification documentation and want to get the most value from the time and money invested in the process," said Miroslaw Zielinski, Product Manager at Parasoft. "We frequently see organizations building their own coding standards by extending a primary compliance target like AUTOSAR C++ with guidelines from other standards, for example, to create a more security-oriented ruleset. For this process to be effective, static analysis vendors must assure complete and up-to-date coverage for the most critical sets of guidelines defined by the industry."

With the 10.4.3 release, Parasoft C/C++test is the first tool on the market to support the latest edition (version 3.4) of CWE Top 25, and On The Cusp, that was released by MITRE on September 18, 2019. In the security world, the short turnaround time is critical to react to the always-changing landscape of threats. Parasoft C/C++test 10.4.3 includes static analysis checkers that detect the weaknesses from the newest CWE Top 25, and On The Cusp enumerations, enabling organizations to find and eliminate the most frequent and severe security issues.

Parasoft C/C++test's automotive and security compliance packs offer these rules in ready-to-use test configurations, along with dedicated compliance reporting that automatically generates the required documentation to reduce the manual overhead of compliance activities significantly. Parasoft offers compliance packs for a variety of safety-critical and security coding standards, including CERT C/C++, JSF, CWE, and more, enabling customers to achieve the required level of safety and security in their systems with a single static analysis tool, profoundly impacting productivity and reducing the cost of the compliance process.