GNATcheck - Coding Standard Verification Tool
Coding standards checking is a ubiquitous part of the peer review activity in the typical software development lifecycle. Many times, these checks can uncover potential bugs and vulnerabilities that may have slipped through to production. The GNATcheck coding standard verification tool for Ada allows software developers and software reviewers to automatically check Ada applications for compliance with organizational and project specific coding standard requirements.
You can consider a coding standard as a “best practice” guideline, or the do’s and don’ts, that guide your application development towards the safest and most secure solution. GNATcheck allows developers to follow best practices by automatically checking code, beyond what the Ada compiler already offers, against a configurable set of rules ranging from feature restrictions, portability concerns, style guides, and more. When used with the GNAT Pro development tool suite, developers have the ability to check their software before code reviews, prior to code check ins, and during QA.
GNATcheck also allows software auditors and security professionals to analyze an application for potential safety and security vulnerabilities and check for coding standard compliance using a single, integrated user interface and reporting system via its integration with the CodePeer Advanced Static Analysis tool.
Configurable Rule Sets
The GNATcheck tool has a number of predefined rules that developers can choose from when creating a GNATcheck rule document. Rules fall into various categories:
- Style Related Rules - GNATcheck can check for the usage of non-portable features, certain object orientation or tasking features, program structures, readability, and other programming practices that may be unsatisfactory to your coding standard guidelines.
- Feature Related Rules - Certain Ada languages features might be outside of the acceptable set allowed by a program. GNATcheck can ensure that developers don’t accidentally introduce features such as anonymous subtypes, usage of numeric literals, float equality checks, and more.
- Metric Related Rules - In order to ensure readability and testability for long lived software projects, GNATcheck can enforce compliance with specific metrics by checking that metrics computed for a program lie within user-specified bounds. Metrics computations include Essential Complexity, Cyclomatic Complexity, and Logical SLOC per subprogram.
For a complete list of predefined rules, visit the GNATcheck documentation.
Software reviewers have the ability to apply these rules with as fine of a granularity as needed, making it easy to transition a legacy code base without an enforced coding standard to a compliant application with relative ease. Rules can also be mapped to aliases allowing a direct mapping between defined coding standards and GNATcheck results.
In addition, GNATcheck comes with a query language (called LKQL) which allows you to write your own custom checks easily. For more details, see Writing Your Own Rule in the GNATcheck documentation.
Coding standard enforcement is a key requirement of various software certification standards such as DO-178B/C and EN 50128 and industry standardizations such as FACE™. AdaCore’s team of certifications experts have helped teams navigate the complicated nature of software certification and tool qualifications by providing customized solutions that satisfy certification requirements. AdaCore can provide off-the-shelf qualification material for GNATcheck for DO-178B/C and EN 50128.
The GNATcheck tool has been qualified for DO-178B/C and EN 50128 applications to ensure the strictest compliance to application safety and security. To learn more about AdaCore’s certification expertise and GNATcheck tool qualification please contact us.