The Toolset

SCT Primer

A budget-priced educational toolset designed to teach programmers about the problems of C on their own code, reinforcing the principles of our well-known Safer C course.

Features:

  • State-of-the-art C parsing engine, tracking C99. To our knowledge, this is the only toolset to use FIPS 160 (the official C validation test suite used by NIST, the US government standards body) as part of its acceptance test, and it parses this suite with no syntax or constraint violations other than those which must be diagnosed.
  • Includes state of the art data-flow analysis including pointer tracking.
  • 'Quick look' at a very large variety of undefined or dangerous uses of the C language based on the most extensive knowledge base in the world.
  • Provides information not otherwise available on how a code fragment is expected to behave on a particular target, including conversions, operator precedence and a number of other well-known areas of difficulty identified in our Safer C training course.
  • Contains animations of notorious areas of C such as conversions.
  • Contains a reference section currently consisting of a complete MISRA compliance suite with code examples, explanation, assessments of enforceability and special notes.
  • Multi-lingual capability.
  • Allows both compiler and tool personalities to be defined.
  • Ability to save output in both text and HTML form, suitable for intranet posting.
  • Project based with most recently used project stack for rapid project switching.
  • Simple, standard, intuitive GUI with extensive switchable balloon help and keyboard accelerators typical of modern applications and identical on all supported platforms.

SCT Inspector

This includes SCT Primer but adds many state of the art static analysis and measurement capabilities based on our detailed research. Comprehensive MISRA C support is also included in this component.

Features: As above, with the following additions:

  • The ability to enforce important public domain standards such as MISRA C and ANSI/ISO, 'out of the box'. The MISRA C checking includes a very sophisticated system for handling deviations as well as many other options for viewing warnings.
  • Well-known C code inspection checklist items to help both authors and code inspectors to understand what is happening and to judge compliance and risk.
  • The ability to define the user's own standards based around the toolset's internal knowledge base for forensic analysis.
  • Detects components statistically likely to be error-prone using Oakwood Computing's comprehensive research on software fault and failure.
  • Testability and inspection metrics.
  • Stack analysis.
  • Single variable data-flow tracking.
  • Interface quality against large C populations.
  • Object type and value browser.
  • Additional messages associated with C fault modes.
  • New file differencing capability to allow engineers to see only those anomalies associated with changes in a source module. This greatly eases static analysis in a legacy environment.
  • New MISRA deviation subset management.
  • New function digraph visualisation.

SCT Auditor

This includes SCT Inspector but adds the ability to analyse the quality of entire systems globally and to automatically produce detailed reports suitable for posting on intranets to facilitate group inspection.

Features: As above, with the following additions:

  • A global analysis mode where entire systems are checked for self-consistency.
  • A sophisticated Intranet reporting system with user-definable categories from a large range of inspection priorities.
  • Hyper-linked reports on entire systems with all anomalies linked to the individual source modules.
  • Calling trees of whole systems which include lists of functions which are not referenced to allow the removal of dead code when space is tight. Called functions are colour tagged with popups to see fan and other metrics.
  • Various graphical metric plots utilising our latest research in this area.

SCT Tester

This includes SCT Inspector but complements the static analysis by adding a unique dynamic analysis capability, allowing many run-time failures to be detected as well as measuring coverage and detecting non-robust arithmetic at run-time. This toolset component is only available as part of a consultancy agreement. Please contact us for details.

Features: As above, with new run-time detection functionality:

  • The ability to detect approximately 200 forms of expression and library-based run-time failures including overflows, division by zero, loss of precision, illegally dereferenced pointers, illegal file access and pointer abuse.
  • The ability to detect various forms of heap and stack abuse.
  • Can optionally measure coverage in various forms.
  • Can detect non-robust use of arithmetic based on our research in computational physics.
  • Portable across a wide range of architectures including some embedded architectures.
  • SCT Tester can also suggest unit test cases.

SCT Engine

The parsing engine of the Safer C Toolset is available for use in batch processing environments, for example as part of a quality control system. It consists of four components which can be wired together in innumerable ways to access the full power of this FIPS 160 tested parsing engine. Documentation and script examples for both Windows and Unix platforms are included. Please contact us for more details.