Merit Automotive

CodeSonar Supports the Delivery of Quality Products to Meet Safety and Security Requirements.


Download PDF

Merit Automotive

Merit Automotive Electronics Systems is a global supplier of complex mechatronics modules and switches for the automotive industry. Merit’s customers include many of the world’s leading passenger and commercial vehicle manufacturers.

City street at night with long exposure light trails from traffic, against a backdrop of illuminated office buildings.

“The quality of our products starts with ensuring the quality of the software we develop. Good quality software is good for safety and security”

Man with short hair and glasses wearing a checkered shirt against a plain background.

Piotr Reczek

Software Team Leader for Merit

CodeSonar Integrates with Merit’s DevSecOps Process to Address Security and Functional Safety, Improve Code Quality, and Accelerate Projects.

It is highly likely that many of us have driven a vehicle with products installed from Merit Automotive Electronics Systems. The company’s switches and modules are designed to provide control steering column, seat, instrument panel, mirror, and window functions. Merit also develops the software embedded in these devices that enables how they function, conduct diagnostics, and communicate with the vehicle’s subsystem and network.

For Merit, delivering quality products that meet safety and security requirements is both integral to its success and that of its customers as they manufacture vehicles their drivers depend upon. “The quality of our products starts with ensuring the quality of the software we develop. Good quality software is good for safety and security,” stated Piotr Reczek, software team leader for Merit Merit’s software team is based in its research and development center in Krakow, Poland.

This is where the team develops and integrates the software embedded in the switches and modules the company manufactures. To meet quality, safety, and security requirements, the team follows guidelines and standards for developing code for automotive devices including Automotive SPICE (ASPICE), ISO 26262, and MISRA.

“To prove that we follow these standards, we need to run static analysis to generate a report for each project,” said Reczek. “If non-conformity is identified, we then need to show justification that the issue was fixed”

Merit chose CodeSonar as its static analysis testing solution for its development team as they were no longer satisfied with the tool they had been using. When evaluating CodeSonar, the development team found it easy to use, better for managing multiple projects, and provided the necessary integration capabilities to make the team more efficient.

With a development environment that includes Jenkins and GitHub, CodeSonar was able to seamlessly integrate into the developer workflow to automate static analysis testing. The development team now uses Jenkins to run static analysis testing with CodeSonar on every code commitment which is a more efficient process to generate testing results. Having CodeSonar integrated into its development process enables its developers to analyze all of the software they are developing.

This is especially important for Merit as static analysis testing is required by ASPICE, a standard for automotive software best practices. With over 100,000 lines of software code per switch and module, automating static analysis testing on a total code base of millions of lines of code was a must to fulfill the ASPICE requirement.

By testing regularly for the rules with CodeSonar, the development team can meet the rules requirement from the very beginning of a project. “CodeSonar gives us the ability to test our software code to a scope of hundreds of rules and metrics to ensure we are following the ASPICE best practices. Following ASPICE guidance and proving it with CodeSonar helps us ensure we are developing quality software,” added Reczek.

The next steps for the development team will be to start using CodeSonar for functional safety and security testing of software code. Automating more of the static analysis testing will enable more efficiencies for the development team to accelerate projects and take on more.

“Fulfilling quality, safety, and security requirements of our products gives our customers confidence in using Merit products in their vehicles,” stated Reczek.

Book a Demo

We’re ready to help you integrate SAST and BCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 

book now