Audience
Professionals and organizations seeking a static analysis tool to ensure code quality in their applications
About C-STAT
Static analysis helps you to find potential issues in your code by doing an analysis on the source code level. C-STAT includes almost 700 checks in total, some comply with rules as defined by MISRA C:2012, MISRA C++:2008 and MISRA C:2004 and more than 250 checks mapping to issues covered by CWE. In addition, it checks compliance with the coding standard CERT C for secure coding. C-STAT executes fast and provides you with comprehensive and detailed error information. You don't need to worry about complex tool setup and struggle with language support and general build issues. C-STAT is completely integrated in the IAR Embedded Workbench IDE and enables you to easy ensure code quality in your daily development flow. It's available for most IAR Embedded Workbench products. Static analysis finds potential issues in code by doing an analysis on the source code level. In addition to raising the code quality, the analysis also aids alignment with industry coding standards.
Other Popular Alternatives & Related Software
Helix QAC
For over 30 years, Helix QAC has been the trusted static code analyzer for C and C++ programming languages. With its depth and accuracy of analysis, Helix QAC has been the preferred static code analyzer in tightly regulated and safety-critical industries that need to meet rigorous compliance requirements. Often, this involves verifying compliance with coding standards, such as MISRA and AUTOSAR, and functional safety standards, such as ISO 26262. Helix QAC is certified for functional safety compliance by TÜV-SÜD, including IEC 61508, ISO 26262, EN 50128, IEC 60880, and IEC 62304. In addition, it is also certified in ISO 9001 | TickIT plus Foundation Level, which is one of the most widely adopted standards to ensure that your requirements are not only met but exceeded as well. Prioritize coding issues based on the severity of risk. Helix QAC helps you to target the most critical defects using filters, suppressions, and baselines.
Learn more
DoubleCheck Code Analysis
When it comes to ensuring software quality, reliability, and security in today's sophisticated code bases, traditional debugging and testing methods simply fall short. Automated tools such as static source code analyzers are more effective in finding defects that could result in buffer overflows, resource leaks, and other security and reliability issues. This class of defects are often not detected by compilers during standard builds, run-time testing, or typical field operation. While other source code analyzers run as separate tools, DoubleCheck is an integrated static analyzer, built into the Green Hills C/C++ compiler. DoubleCheck leverages accurate and efficient analysis algorithms that have been tuned and field-proven in 30+ years of producing embedded development tools. DoubleCheck can be used as a single integrated tool to perform compilation and defect analysis in the same pass.
Learn more
Klocwork
Klocwork static code analysis and SAST tool for C, C++, C#, Java, and JavaScript identifies software security, quality, and reliability issues helping to enforce compliance with standards. Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any size, integrates with large complex environments, a wide range of developer tools, and provides control, collaboration, and reporting for the entire enterprise. This has made Klocwork the preferred static analyzer that keeps development velocity high while enforcing continuous compliance for security and quality. Use Klocwork static application security testing (SAST) for DevOps (DevSecOps). Our security standards identify security vulnerabilities, helping to find and fix security issues early and proving compliance to internationally recognized security standards. Klocwork integrates with CI/CD tools, containers, cloud services, and machine provisioning making automated security testing easy.
Learn more
Kiuwan Code Security
Security Solutions For Your DevOps Process.
Automatically scan your code to identify and remediate vulnerabilities. Compliant with the most stringent security standards, such as OWASP and CWE, Kiuwan Code Security covers all important languages and integrates with leading DevOps tools.
Effective static application security testing and source code analysis, with affordable solutions for teams of all sizes. Kiuwan includes a variety of essential functionality in a single platform that can be integrated directly into your internal development infrastructure.
Fast Vulnerability Detection: Easy and instant setup. Start scanning and get results in just minutes.
DevOps Approach To Code Security: Integrate Kiuwan with your Ci/CD/DevOps pipeline to automate your security process.
Flexible Licensing Options: Plenty of options, one time scans or continuous scanning. Kiuwan also offers a Saas or On-Premise model.
Learn more
Pricing
Free Trial:
Free Trial available.
Company Information
IAR Systems
Founded: 1983
Sweden
www.iar.com/products/c-stat/
Videos and Screen Captures
You Might Also Like
Relax: PRTG Monitors Your IT for You
You’re the go-to IT person, always putting out fires and keeping things running. With PRTG, you get reliable alerts to monitor your entire IT infrastructure, without the noise. Our intuitive setup gives you a clear overview of your network, devices, and applications in real time. Get instant alerts only when something needs your attention, whether you’re at your desk or on the move. Spend less time worrying about outages and more time focusing on what matters. Set up PRTG once and let it work for you - PRTG has you covered.
Product Details
Platforms Supported
Cloud
Training
Documentation
Live Online
Webinars
In Person
Videos
Support
Phone Support
Online