Standards Compliance 

Deliver Safe, Secure, and Compliant Software at the Speed of Innovation.

Deliver Safe, Secure, and Compliant Software at the Speed of Innovation

Safety-critical software plays a critical role in systems ranging from basic to highly sophisticated, from applications such as basic servo actuation in a public water delivery system to crash avoidance systems in the latest generation of automobiles to robotic surgery systems. This increased role of software means greater scrutiny of software development practices and industry standards that codify the best of these practices. 

Meet Functional Safety Certifications 

Given the increased use of software in mission-critical and safety-critical applications it’s critical that software follows standards that specify how developers should write code to increase its readability and reliability. CodeSonar automates both the detection and prevention of critical software defects. Some of the use cases include:

  • IEC 61508Functional Safety of Electric / Electrical / Programmable Electronic Safety-Related Systems
  • ISO 26262 (Automotive software) – Road Vehicles Functional Safety
  • DO 178C / DO 330 (Airborne systems) – Software Considerations in Airborne Systems and Equipment Certification / Software Tool Qualification Considerations
  • IEC 62443 (Industrial systems) – Security for Industrial Automation and Control Systems
  • IEC 62304 / ISO 13485 (Medical Devices) – Medical Device Software – Software Life Cycle Management / Medical Devices – Quality Management Systems. Requirements for Regulatory Purposes
  • EN 50128 (Railway systems) – Railway Applications. Communication, Signaling, and Processing Systems. Software for Railway Control and Protection Systems

Ensure Coding Standard Compliance and Enforcement 

Central to each of these functional safety standards are safe and secure coding. Static analysis is a crucial capability in supporting all standards. Static analysis simplifies the enforcement of coding standards across teams, improving the overall compliance for a required certification standard as well as code quality. CodeSecure supports the following standards:

  • AUTOSAR (AUTomotive Open System ARchitecture)
  • DISA-STIG (Security Technical Implementation Guide)
  • ISO/IEC TS 17961 (C Secure Coding Rules Technical Specification)
  • JPL (JPL Institutional Coding Standard for the C Programming Language)
  • Power of Ten (NASA Jet Propulsion Lab)
  • MISRA (Motor Industry Software Reliability Association)
  • MITRE CWE (Common Weakness Enumeration)
  • OWASP (Open Worldwide Application Security Project)
  • CERT (Software Engineering Institute Computer Emergency Response Team)
  • JSF++ (Lockheed Martin Corporation)

Click on a link to find out more.

CodeSonar Safety Documentation Kit

Using Static Analysis in Functional Safety Projects

What is a Functional Safety Documentation Kit

Many critical processes in our lives today are controlled by software systems, from airplanes to power grids, to nuclear power plants to self-driving cars, to infusion pumps to trains. The software in these devices is becoming ever more complex and development teams can use all the help they can get to develop these devices quicker while maintaining high safety standards. Static analysis is here to help.

Many functional safety standards such as IEC 61508, ISO 26262, CENELEC EN 50128, and DO178 B/C either recommend or mandate the use of static analysis to improve code quality and enforce coding standards. CodeSonar is specifically developed to assist software developers in building these safety and security-critical software systems. Its high levels of defect recall, its whole program, deep analysis using abstract execution, the elaborate explanations of warnings, including warning paths and code navigation, and the extensibility make it a favorite for developers of systems that cannot fail.

Static analysis is a great help during the software development phase, but it can also be a great time-saver in the functional safety process. This is where the CodeSonar Safety Documentation Kit comes in. This kit contains functional safety certificates issued by Exida that describe the qualification level that CodeSonar has reached for the various safety standards, complete with the report of that assessment. It also includes a Tool Safety Manual that has information as to how the team can best utilize CodeSonar in the functional safety process.

This Safety Documentation Kit is particularly useful for teams developing software that has to adhere to IEC 61508, ISO 26262, and CENELEC EN 50128.

CodeSonar is also frequently used in avionics-related projects that have to adhere to the DO178C safety standard. The DO-330 document describes how tools can be qualified for this standard. DO-178C is a lot more project-specific and CodeSecure has experience in working with customers on certification for this standard, together with our partner Afuzion. AFuzion provides DO-178C Training and Certification Services. Have a look at their free DO-178C Introduction whitepaper here. Cyber security is also rapidly becoming a requirement in avionics projects, these requirements are described in the DO-326A and ED202A document set. 

Download CodeSonar Functional Safety Documentation, Certified by Exida:

Our Customers

  • “CodeSonar does a better job of finding the more serious problems, which are often buried deep in the code and sometimes hidden by unusual programming constructs that are hard for other static analysis tools to parse.” GE Aviation

    GE Aviation

  • “The quality of our products starts with ensuring the quality of the software we develop. Good quality software is good for safety and security”


    Piotr Reczek

    Software Team Leader for Merit

Case Studies

Learn how customers gain value using CodeSecure’s solutions via case studies in medical, aerospace, tech, and more.

Browse all Case Studies
  • eLeapPower

    The Challenge: Finding a scalable Static Application Security Testing (SAST) solution to support a lean team of experienced software engineers as they innovate new solutions while adhering to strict software cybersecurity and functional safety requirements in the auto industry.

    Learn More
  • LeddarTech

    The Challenge: To build the LeddarVision software platform according to automotive industry requirements, starting in the design stage, and integrate checks in the development workflow in compliance with ISO26262 functional safety requirements for road vehicles, MISRA C, MISRA C++ and AUTOSAR C++ coding standards and security requirements such as CERT C++.

    Learn More
  • Telit

    CodeSecure Helps Telit Deliver Safety Faster. Telit is a global leader in cellular-based M2M and Internet of Things (IoT) solutions that have been connecting the world from the inside out for nearly 20 years.

    Learn More
  • Piper

    Transportation – CodeSecure Helps Optimize Smart Sensors and Technologies to Increase Transportation Throughput.

    Learn More
  • Petroleum Experts

    Industrial – CodeSecure Helps Deliver High Quality, Safe, Secure Software and Ensure Customer Satisfaction.

    Learn More
  • NASA-White Sands: The Benefit of Static Analysis

    Aerospace – CodeSecure Contributes to NASA Study Exploring the Benefits of Static Analysis.

    Learn More

Related Resources

View all blog posts
  • EU CRA: Good Intentions, Impossible Requirements

    Read More
  • Gen-AI Won’t Replace Humans – or SAST – In the SDLC

    Read More
  • What Lurks in Your SDK?!?

    Read More
  • Threat Modeling for Embedded Systems

    Read More
  • Can AI Help Fix Security Vulnerabilities?

    Read More
  • SBOMs for Medical Devices

    Read More
  • SBOMs Critical to Software Supply Chain Security

    Read More
  • I Have An SBOM, Now What ?!?

    Read More

Book a Demo

We’re ready to help you integrate SAST and BCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 

book now