Micrel Medical Devices
CodeSonar Provides Superior Standards Support to Meet Coding Compliance Needs.
Download PDFMicrel Medical Devices
COMPLIANCE SUPPORT AND REPORTING FEATURES
With over 30 years of experience in the ambulatory infusion systems market, Micrel provides therapy-specific solutions that make medication infusion simpler and safer. In response to the evolving standards environment, and in line with their commitment to safety and quality, Micrel decided to incorporate static analysis in its software development life cycle. When it came time to choose a static analysis tool, Micrel chose CodeSonar.
“We were impressed by CodeSonar’s accuracy and quality of defect identification compared to the competition“
Mr. Achilleas Tsoukalis
R&D Director at Micrel
Micrel Medical Devices Chooses CodeSonar
Micrel started with its own internal coding standards, which had evolved over the years. Their standards were initially built by summarizing findings from code reviews and test results and integrating these along with additional factors such as safety, expandability, modularity, readability, and efficiency.
When Micrel chose to add an external coding standard to their development process, they carefully evaluated these standards and chose to adopt the NASA/JPL coding standards and the Power of 10 Rules, created by Gerard J. Holzmann of the NASA/JPL Laboratory for Reliable Software. The development team found them to be the best fit to match their internal coding standards and in addition to matching Micrel’s commitment to code safety, adopting this esteemed standard allowed Micrel to demonstrate to regulatory bodies a tangible reference point for the code compliance of its products.
Adopting a Static Analysis
Tool Driven by their commitment to continuous process improvement, Micrel set out to find a static analysis tool that would enable the organization with compliance metrics for its own coding standard within each software iteration, while also providing an additional robust layer of analysis on top of the development team’s standard practices.
So, Micrel’s R&D team devised an “extreme testing” regimen to identify the most advanced static analysis tool, capable of not only delivering the precision and depth of analysis necessary to support their product line, classified by the FDA as Class II B but also capable of supporting their internal and external coding standards.
During the evaluation phase, static analysis tools from major vendors were tested using the same code base. The tools were judged on many factors, including ease of use, compatibility with their coding standards, depth of analysis, and overall fit with Micrel’s development process.
Price, while important, was not the decisive factor because performance – as defined by the ability to assure the highest quality software – was ultimately the most important factor. After months of rigorous testing, Micrel chose CodeSonar from CodeSecure.
One of the reasons CodeSonar was a superior fit for their coding standard compliance needs was because it already had native support for the JPL standard and allowed Micrel to modify that was also judged to be a strong feature of CodeSonar because it was not restricted to a graphical compliance metric representation, providing text output that could be compared easily with previous outputs from earlier code versions.
Towards their goal of providing an additional robust layer of analysis on top of standard practices, Micrel determined that CodeSonar excelled at finding hard-to-track defects that were deeply hidden within the code structure and would take a huge amount of testing effort to identify manually. Static analysis, no matter how robust, will not replace testing at Micrel – but it now provides the organization with an additional, more efficient way of improving its safety practices.
“We were impressed by CodeSonar’s accuracy and quality of defect identification compared to the competition,” Mr. Achilleas Tsoukalis, Micrel’s R&D Director explained. “It performed extremely well in the tests and delivered the deepest analysis of our test code base. CodeSonar is now part of our software development process because it is a key tool for helping us deliver the most reliable code.”
Book a Demo
We’re ready to help you integrate SAST and BCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team.
book now