Scan your Code for Security Vulnerabilities
The Software Engineering Institute estimates that 90% of reported security incidents are a result of exploits against software design or coding defects. To help developers eliminate coding defects during the development cycle—long before they can be exploited by malevolent attackers —AdaCore has put together the GNAT Static Analysis Suite.
Through automated processes, the GNAT Static Analysis Suite helps developers achieve clean, secure, high-quality Ada code. Its tools were designed specifically for Ada and have been refined through decades of experience. The GNAT Static Analysis Suite allows you to automatically scan for a number of known security vulnerabilities, allowing you to concentrate manual code review of the most complex problems.
The premier Ada source code analyzer
CodePeer helps you find logic and run-time errors quickly, so you can eliminate them early in development when they’re far less expensive to correct.
An automated coding standard verification tool
GNATcheck automatically checks Ada applications for compliance with organizational and project-specific coding standard requirements. It allows developers to quickly check and clean up their code ahead of code reviews, code check-ins and QA reviews.
A utility for reporting source code metrics
GNATmetric takes your Ada source file and generates a report of the metrics you’ve selected. It saves you time and effort in meeting the reporting requirements of your software development standard. You can then use the results to help you improve the quality of your code.
Integration with Synopsys’ Coverity
Synopsys markets the Coverity® static analysis tool, which improves the reliability, safety, and security of applications written in a number of programming languages, including C and C++. To support Coverity customers needing static analysis for the Ada programming language, Synopsys is partnering with AdaCore. Synopsys customers will be able to use AdaCore’s GNAT Static Analysis Suite for Ada, integrated within the Coverity solution, providing a common interface to navigate static analysis results for all languages.