Boston, MA. AdaCore, a provider of development and verification tools for critical software, chose the Embedded Systems Conference to release CodePeer 3.0, a major new version of its advanced static-analysis tool for the automated review and validation of Ada source code. CodePeer 3.0 includes a variety of enhancements that help developers detect potential run-time and logic errors early in the software life cycle, and its deep analysis can directly support formal certification against industry-specific safety standards.
Among the new benefits of CodePeer 3.0, tool qualification material for both the avionics and railway domains is available as a product option.
“With CodePeer 3.0, our customers can take advantage of the tool’s more robust capabilities for automated code review,” said Arnaud Charlet, CodePeer product manager at AdaCore. “By meeting stringent industry standards for tool usage in the aviation and rail industries, CodePeer has a proven track record in the most demanding systems and can help customers in any application domain. The tool simplifies the verification effort by detecting subtle bugs in both new code that is being developed, and in existing code bases that need to be analyzed for vulnerabilities.”
For avionics applications CodePeer has been qualified as a Software Verification Tool under DO-178B, a standard that is required by certification authorities such as the FAA in the U.S. In particular, CodePeer automates a number of verification activities defined in paragraph 6.3.4f (“Accuracy and consistency”) of the DO-178B standard. These activities include detecting errors such as values outside the bounds of an Ada type or subtype, buffer overflows, integer overflow or wraparound, division by zero, use of uninitialized variables, and floating point underflow. The DO-178B qualification material available as an option with CodePeer 3.0 demonstrates that the tool performs these activities.
CodePeer has also been qualified for EN50128, the highest international standard for safety integrity concerning software for railway control and protection, including communications, signaling, and processing systems. The EN50128 qualification material addresses the following:
- boundary value analysis to detect attempts to dereference a pointer that could be null, values outside the bounds of an Ada type or subtype, buffer overflows, integer overflow or wraparound, and division by zero;
- control flow analysis to detect suspicious and potentially incorrect control flows, such as unreachable code, redundant conditionals, loops that either run forever or fail to terminate normally, and subprograms that never return; and
- data flow analysis to detect suspicious and potentially incorrect data flows, such as variables that are read before they are written (uninitialized variables), variables written more than once without being read (redundant assignments), variables that are written but never read, and parameters with an incorrect mode (unread “in” parameter, unassigned “out” parameter).
CodePeer 3.0 also adds many new features, including support for precise IEEE 754 floating-point semantics, added flexibility in analyzing complex projects, improved support for legacy Ada compilers, more precise diagnostic messages, and a new check on parameter aliasing.
CodePeer is fully integrated into Adacore’s GNAT Pro development environment and comes with a number of complementary static analysis tools common to the technology—a coding standard verification tool (GNATcheck), a source code metric generator (GNATmetric), and a document generator.
A demo of the tool highlighting the new features introduced in CodePeer 3.0 will be available soon; for a demo of the previous version of the product visit http://www.adacore.com/knowledge/demos/codepeer-2-3/.
