GNATcheck is available as part of the GNAT Static Analysis Suite
GNATcheck makes the task of reviewing code against best practices less time-consuming and less tedious.
GNATcheck is an automated coding standard verification tool. It automatically checks Ada applications for compliance with organizational and project-specific coding standard requirements.
You can think of GNATcheck as your best-practice shepherd, diligently keeping your code within the safe boundaries of your coding rules. It helps guide your code toward its most secure solution.
GNATcheck has been qualified for use in DO-178B/C and EN 50128 environments for our customers who must comply with those standards.
Greater Software Security with Less Effort
According to the Software Engineering Institute, 90% of software security breaches result from exploits against design or coding defects. Adherence to security best practices like secure coding standards can help minimize these defects.
Enforcing those standards through manual code reviews, however, is no longer a viable option. Not only is the practice tedious and time-consuming; it's also error-prone due to the fatigue reviewers experience over the long hours the task requires.
By automating coding standards compliance review, GNATcheck saves developers, reviewers, auditors and security professionals time, aggravation and headaches. Best of all, it frees them to focus their attention and expertise where they are needed most: verifying and correcting coding errors before they slip through to production.
Keeps Code Clean, Uniform, and Up to Standard
When used with the GNAT Pro development tool suite, GNATcheck allows developers to quickly check and clean up their code ahead of code reviews, code check-ins, and QA reviews.
Using GNATcheck helps you keep code uniform across the organization. That makes your code easier to read and interpret by other members of your team, which helps improve collaboration.
A Learning Tool for Assimilation of Best Practices
Regular use of GNATcheck helps developers learn and ingrain the best practices enumerated in their coding standards. Assimilation of coding best practices reduces the number of errors young developers put in their code and speeds up their contribution to the organization.
The fewer defects developers put in their code, the fewer they will have to correct later.
A Wide-Ranging Library of Predefined Coding Rules
GNATcheck helps developers follow best practices by automatically checking code—beyond what the Ada compiler already offers—against a configurable set of rules.
The GNATcheck tool has a number of predefined rules that developers can choose from when creating a GNATcheck rule document. Rules fall into various categories:
- qualifiedStyle rules – GNATcheck can check for the usage of non-portable features, certain object orientation or tasking features, program structures, readability, and other programming practices that may be unsatisfactory to your coding standard guidelines.
- qualifiedFeature restriction rules – Certain Ada language features might be outside of the acceptable set allowed for a specific project. GNATcheck can ensure that developers don’t accidentally introduce features such as anonymous subtypes, usage of numeric literals, float equality checks, and more.
- qualifiedMetric compliance rules – To ensure readability and testability for long-lived software projects, GNATcheck can enforce compliance with specific metrics by checking that metrics computed for a program lie within user-specified bounds. Metrics computations include Essential Complexity, Cyclomatic Complexity, and Logical SLOC per subprogram.
For a complete list of predefined rules, visit the GNATcheck documentation.
Configurable Rule Sets
Users can choose from the rule library to create a GNATcheck rule document for their organization and modify it for specific projects as needed.
Reviewers can apply these rules with as fine a granularity as needed. You can thus transform a legacy code base lacking an enforced coding standard into a fully compliant one with relative ease.
Rules can also be mapped to aliases to facilitate direct mapping between defined coding standards and your GNATcheck results.
Coding standard enforcement is a key requirement of various software certification standards such as DO-178B/C and EN 50128 and industry standardizations such as FACE™. AdaCore’s team of certification experts has helped teams navigate the complicated nature of software certification and tool qualifications by providing customized solutions that satisfy certification requirements. AdaCore can provide off-the-shelf qualification material for GNATcheck for DO-178B/C and EN 50128.
The GNATcheck tool has been qualified for DO-178B/C and EN 50128 applications to ensure the strictest compliance with the latest safety and security standards. To learn more about AdaCore’s certification expertise and GNATcheck tool qualification, please contact us.