IAR Systems secure code with updated MISRA C compliance
IAR Systems has announced an update of its static code analysis tool C-STAT, an add-on product completely integrated in the complete C/C++ compiler and debugger toolchain IAR Embedded Workbench. The latest version of C-STAT adds coverage for MISRA C:2012 Amendment 1.
C-STAT performs advanced code analysis to find potential issues. The analysis provides code alignment with industry standards like MISRA C:2012, MISRA C++:2008 and MISRA C:2004, and also detects defects, bugs, and security vulnerabilities as defined by the Common Weakness Enumeration (CWE) and CERT C.
In addition to this broad compliance, the updated version of C-STAT extends its coverage for the MISRA C:2012 Coding Standard through complete support for the MISRA C:2012, Amendment 1. This Amendment adds 14 additional rules to MISRA C:2012 with a focus on security concerns highlighted by the ISO C Secure Guidelines. Several of these rules address specific issues pertaining to the use of untrustworthy data, a well-known security vulnerability in many embedded applications.
“Since the launch of C-STAT five years ago, we have refined the technology according to customers’ requests, lately with a special focus on security through complete CERT C compliance launched earlier in 2020,” said Anders Holmberg, General Manager Embedded Development Tools, IAR Systems. “By adding coverage for MISRA C:2012, Amendment 1, we help our customers even further to ensure secure, high-quality code at an early stage of their projects.”
Fully integrated with the IAR Embedded Workbench IDE, C-STAT enables static analysis in a straightforward way and as a natural part of a developer’s daily development workflow. This helps developers to ensure their code is safe and of high quality at an early stage, which also aids companies to shorten their time to market as errors further down the line might be very time consuming and expensive to correct.