Deliver Safe, Secure, and Compliant Software at the Speed of Innovation.
Deliver Safe, Secure, and Compliant Software at the Speed of Innovation
Safety-critical software plays a critical role in systems ranging from basic to highly sophisticated, from applications such as basic servo actuation in a public water delivery system to crash avoidance systems in the latest generation of automobiles to robotic surgery systems. This increased role of software means greater scrutiny of software development practices and industry standards that codify the best of these practices.
Meet Functional Safety Certifications
Given the increased use of software in mission-critical and safety-critical applications it’s critical that software follows standards that specify how developers should write code to increase its readability and reliability. CodeSonar automates both the detection and prevention of critical software defects. Some of the use cases include:
- IEC 61508 – Functional Safety of Electric / Electrical / Programmable Electronic Safety-Related Systems
- ISO 26262 (Automotive software) – Road Vehicles Functional Safety
- DO 178C / DO 330 (Airborne systems) – Software Considerations in Airborne Systems and Equipment Certification / Software Tool Qualification Considerations
- IEC 62443 (Industrial systems) – Security for Industrial Automation and Control Systems
- IEC 62304 / ISO 13485 (Medical Devices) – Medical Device Software – Software Life Cycle Management / Medical Devices – Quality Management Systems. Requirements for Regulatory Purposes
- EN 50128 (Railway systems) – Railway Applications. Communication, Signaling, and Processing Systems. Software for Railway Control and Protection Systems
Ensure Coding Standard Compliance and Enforcement
Central to each of these functional safety standards are safe and secure coding. Static analysis is a crucial capability in supporting all standards. Static analysis simplifies the enforcement of coding standards across teams, improving the overall compliance for a required certification standard as well as code quality. CodeSecure supports the following standards:
- AUTOSAR (AUTomotive Open System ARchitecture)
- DISA-STIG (Security Technical Implementation Guide)
- ISO/IEC TS 17961 (C Secure Coding Rules Technical Specification)
- JPL (JPL Institutional Coding Standard for the C Programming Language)
- Power of Ten (NASA Jet Propulsion Lab)
- MISRA (Motor Industry Software Reliability Association)
- MITRE CWE (Common Weakness Enumeration)
- OWASP (Open Worldwide Application Security Project)
- CERT (Software Engineering Institute Computer Emergency Response Team)
- JSF++ (Lockheed Martin Corporation)
CodeSonar Safety Documentation Kit
Using Static Analysis in Functional Safety Projects
What is a Functional Safety Documentation Kit
Many critical processes in our lives today are controlled by software systems, from airplanes to power grids, to nuclear power plants to self-driving cars, to infusion pumps to trains. The software in these devices is becoming ever more complex and development teams can use all the help they can get to develop these devices quicker while maintaining high safety standards. Static analysis is here to help.
Many functional safety standards such as IEC 61508, ISO 26262, CENELEC EN 50128, and DO178 B/C either recommend or mandate the use of static analysis to improve code quality and enforce coding standards. CodeSonar is specifically developed to assist software developers in building these safety and security-critical software systems. Its high levels of defect recall, its whole program, deep analysis using abstract execution, the elaborate explanations of warnings, including warning paths and code navigation, and the extensibility make it a favorite for developers of systems that cannot fail.
Static analysis is a great help during the software development phase, but it can also be a great time-saver in the functional safety process. This is where the CodeSonar Safety Documentation Kit comes in. This kit contains functional safety certificates issued by Exida that describe the qualification level that CodeSonar has reached for the various safety standards, complete with the report of that assessment. It also includes a Tool Safety Manual that has information as to how the team can best utilize CodeSonar in the functional safety process.
This Safety Documentation Kit is particularly useful for teams developing software that has to adhere to IEC 61508, ISO 26262, and CENELEC EN 50128.
CodeSonar is also frequently used in avionics-related projects that have to adhere to the DO178C safety standard. The DO-330 document describes how tools can be qualified for this standard. DO-178C is a lot more project-specific and CodeSecure has experience in working with customers on certification for this standard, together with our partner Afuzion. AFuzion provides DO-178C Training and Certification Services. Have a look at their free DO-178C Introduction whitepaper here. Cyber security is also rapidly becoming a requirement in avionics projects, these requirements are described in the DO-326A and ED202A document set.
Download CodeSonar Functional Safety Documentation, Certified by Exida:
Learn how customers gain value using CodeSecure’s solutions via case studies in medical, aerospace, tech, and more.