Static code analysis tools are foundational to modern software development.

The advantages of a modern static analysis tool like PC-lint Plus are its swift execution and the immediate availability of results within your programming environment. This not only amplifies productivity but also reduces maintenance expenses and the need for corrections. The end result is enhanced reliability, security, and code quality.

PC-lint Plus comes with a comprehensive rule set covering widely recognized coding standards such as MISRA, CERT-C and AUTOSAR. With an unparalleled focus on seamless integration and automation, PC-lint Plus stands out as the definitive solution for consistent, reliable, and superior quality C and C++ source code analysis. Our latest version has been redesigned from the ground up to meet the demands of modern software development and prepare for future challenges.

Why Static Analysis?

Target Coding Risks

Analyze source code to pinpoint potential challenges before compiling, integrating, or porting. Target unusual constructs which might become sources of undetected errors.

Layer Your Analysis

Static code analysis tools for C/C++ offer a unique advantage alongside dynamic methods. They deliver an extra layer of code examination to identify issues that might otherwise go unnoticed.

Comply with Coding Standards used in Safety Critical Applications

Enforce compliance with industry coding standards including MISRA C and C++, AUTOSAR, and CERT C, customize detection of individual guidelines, and easily support guideline deviations with precise diagnostic suppressions. The PC-lint Plus Reference Manual includes a detailed coding guideline support matrix and a more detailed version breakdown for MISRA C 2004, MISRA C++ 2008, MISRA C 2012 including AMD-1 and AMD-2, CERT C, and AUTOSAR.

Identify Defects and Vulnerabilities

There are many different kinds of serious code flaws, and PC-lint Plus offers a diverse range of detection capabilities for improved software quality confidence. Detect pointer safety and memory lifetime issues like buffer overflows and use after free by using our Value Tracking data flow analysis engine and built-in Function Semantics for C and C++ standard libraries. Check stack usage and identify recursive functions and call chains. Find unreachable code indicating design inconsistencies.

Many famous software bugs could have been prevented through judicious static analysis. Identify defects during development instead of waiting for potentially catastrophic consequences in production.

Static Application Security Testing (SAST)

From a security point of view, an important aspect of implementing embedded software is the chosen programming language. Each has gaps in covering cybersecurity-related criteria, which can lead to undefined program behavior and exploitable vulnerabilities. Programmers must therefore apply appropriate coding standards.

For implementations in C and C++, MISRA C:2012 and CERT C have proven themselves and their application is required in standards like the ISO/SAE 21434:2021 (Road vehicles – Cybersecurity engineering). You can reliably check compliance with these guidelines using PC-lint Plus. The tool can be seamlessly integrated into your development environment. PC-lint Plus is certified for functional safety and is suitable as a Static Application Security Testing (SAST) tool to detect security vulnerabilities at an early stage.

Latest News

PC-lint Plus 2.0 Released

Best-in-class code metrics solution supporting reports, arbitrarily complex metric thresholds, natural language diagnostics, and custom

Company

Vector Informatik Acquires USA-Based Gimpel Software LLC

Vector Informatik has a long experience in providing dynamic testing solutions for embedded and distributed systems that extend from low level unit testing through system testing. This acquisition extends that testing portfolio by adding “PC-lint Plus”, a solution for code-centric static analysis.