CodeSonar

Name: CodeSonar
Tool Provider: GrammaTech Inc.

Supported Standards: DO-330, IEC 61508, ISO 26262
Description:

CodeSonar is a static code analysis tool.

It is used to find and fix bugs and security vulnerabilities in source and binary code. It performs whole-program, inter-procedural analysis with abstract interpretation on C, C++, C#, Java, as well as x86 and ARM binary executables and libraries.

Use Cases:
Description:

Version 4.5 of CodeSonar

Description:

Version 5.0 of CodeSonar

Description:

Build and Analysis for C/C++ Projects

Build and analyze a project by observing the software build process invoked (if any), updating (or creating) the CodeSonar project file accordingly, performing the CodeSonar analysis, and outputting the result to a hub.

Safety-Impact: yes
Inputs:
  • C/C++ Source Code:

    Source code to be analyzed

  • Compiler Configuration File Template:

    Compiler-dependent configuration file used for every CodeSonar project.

  • Configuration Presets:

    Configuration settings that are predetermined

  • General Template:

    Compiler-independent configuration file used for every CodeSonar project.

Outputs:
  • Analysis Results:

    Results of the static C/C++ source code analysis

  • Supporting Information:

    Explanatory text to the analysis results

Features:
  • Warning Class Groups:

    ALLOC - An implementation of Alloc can allocate, reallocate, and deallocate arbitrary blocks of data.

    BADFUNC - Use of functions that are used to detect a debugger, are prone to buffer overflows, handle exceptions, control access, have undefined behavior on failure, require that certain precautions be taken, or are associated with temporary file vulnerabilities.

    BADMACRO - Use of one of the macros from <stdarg.h>, of the input/output macros defined in <stdio.h> and <wchar.h>, or of the offsetof preprocessor macro defined in <stddef.h>.

    BUILD - The compiler is invoked either without all warnings enabled or without warnings treated as errors.

    CONCURRENCY - Warning classes in this category indicate how locks are acquired and released and whether this leads to deadlock or other undefined behavior.

    HARDCODED - Warning classes in this category indicate whether functions that take an authentication string, cryptographic key or cryptographic salt in a particular argument position have been passed a hardcoded string or a hardcoded DNS name.

Potential errors:
  • 1 [Warning Class Groups] False positive report in Warning Class Group:

    A warning is issued by CodeSonar that does not correspond to a problem in the analyzed project.

    Safety-Impact: yes; final detection/avoidance probability: HIGH

  • 2 [Warning Class Groups] Nothing other than false negatives in Warning Class Group:

    CodeSonar does not detect any occurrences of rule violations.

    Safety-Impact: yes; final detection/avoidance probability: HIGH

  • 3 [Warning Class Groups] Some not user detectable false negatives in Addition Overflow of Allocation Size:

    CodeSonar does not detect all occurrences of rule violations, and the user cannot find all of them by other methods (like code coverage).

    Safety-Impact: yes; final detection/avoidance probability: HIGH

  • 4 [Warning Class Groups] Some user detectable false negatives in Addition Overflow of Allocation Size:

    CodeSonar does not detect all occurrences of rule violations, but the user can find them by other methods (e.g. code coverage).

    Safety-Impact: yes; final detection/avoidance probability: HIGH

  • 5 [Warning Class Groups] Unintelligible report in Addition Overflow of Allocation Size:

    The analysis result cannot be understood (indistinct, unclear, indecipherable, unreadable, etc.).

    Safety-Impact: yes; final detection/avoidance probability: HIGH
Description:

The QKit is a standard Validas QKit using QST and TAU that automatically executes the qualification tests in the user environment.

A qualification kit for the CodeSonar tool; the use case considered is: Perform Analysis.

Details on the planning and tests are removed for confidentiality reasons.

Qualification method: VALIDAS_QKIT

Identifications:
Use Cases:
Description:

This test suite contains tests for the use case described in the model.

Flags: Has Requirements Based Tests, Has Negative Tests, Has Boundary Tests, Has Equivalence Tests, Has Error Guessing Tests
Number of tests: 116
Errors:
  • Nothing other than false negatives in Warning Class Group
Mitigations:
  • 1 [Check] Analyze the generated report:

    Analyze the generated report for elimination of all rule violations.

    Comment: This will detect false positives and unintelligible reports with a high probability.

    Detection/Avoidance probability: HIGH

    Detected/Avoided errors:
      • False positive report in Warning Class Group
      • Unintelligible report in Addition Overflow of Allocation Size

  • 2 [Check] Perform functional testing:

    Perform functional testing to detect the related potential errors of CodeSonar.

    Comment: Users of the QKit should always provide good functional test cases, especially test cases that explore boundary conditions.

    Detection/Avoidance probability: HIGH

    Detected/Avoided errors:
      • Some not user detectable false negatives in Addition Overflow of Allocation Size

  • 3 [Check] Apply other method:

    Apply some other method, e.g. code coverage, to detect the related potential errors of CodeSonar.

    Detection/Avoidance probability: HIGH

    Detected/Avoided errors:
      • Some user detectable false negatives in Addition Overflow of Allocation Size