Polyspace Bug Finder analyzes C/C++ embedded software code to report coding defects, coding rules deviations, and code metrics. It uses static analysis based on abstract interpretation to identify more than 350 types of coding defects, such as buffer overflows, divide-by-zero errors, concurrency issues, and other security flaws.
Polyspace Bug Finder checks compliance with coding rules such as MISRA C™:2023, MISRA C++:2023, AUTOSAR C++14, CERT® C/C++, and CWE™. It also computes code metrics like cyclomatic complexity. You can even create your own defects and coding standards to support your organization’s requirements.
You can integrate Polyspace Bug Finder with Polyspace Test to unify code verification and testing, sharing the same project configuration and leveraging the tool’s complementarity to ease triaging results. Simulink integration enables automated setup and traceability for generated code.
Support for industry standards is available through IEC Certification Kit (for ISO 26262 and IEC 61508) and DO Qualification Kit (for DO-178).
Find Bugs and Vulnerabilities
Detect more than 350 C/C++ defects—including security, memory, numerical, and concurrency defects—using static analysis. Extend built-in checkers with your own. Identify root causes of complex bugs with debugger-like views, event traces, and call graphs.
Comply with Coding Standards
Check compliance with MISRA C:2023, MISRA C++:2023, AUTOSAR C++14, CERT C/C++, CWE, and ISO/IEC TS 17961. Create custom coding standards to enforce team-specific rules.
Static Application Security Testing
Detect security weaknesses and identify the chain of events leading to the vulnerability. Enforce secure coding guidance with CERT C/C++, CWE, and ISO/IEC TS 17961 checks.
Certification Support
Create artifacts needed to complete the certification process for industry safety and security standards, such as IEC 61508, ISO 26262, ISO/SAE 21434, or DO-178C, up to the highest functional safety or security levels. Justify deviations and generate comprehensive analysis reports.
Simulink Integration
Analyze code generated by Embedded Coder or dSpace TargetLink® and trace findings back to Simulink blocks or Stateflow charts. Launch analyses from Simulink for streamlined setup and traceability.
Measure Code Metrics
Compute cyclomatic complexity and other metrics to improve the maintainability and testability of C/C++ code. Enforce code metric thresholds using Polyspace checkers.
Monitor Project Quality
Monitor project quality with project-level dashboards, including cards and charts for defects, coding rules, and code metrics. Drill down from the project level to individual files to focus on specific code analysis results.
Analyze Code Using Run-Time Behavior
Automatically create a Polyspace configuration from your build; set compiler, target, and RTOS options; and model interrupts, threads, and tasks to detect concurrency defects, including data races and deadlocks.
Unify Static Analysis and Dynamic Testing
Manage static analysis (with Polyspace Bug Finder and Polyspace Code Prover) and testing (with Polyspace Test)—including project configuration, execution, and review—in one interface. Combine testing and code-analysis workflows to identify unreliable tests, justify unreachable code branches, or support complex code coverage requirements.
Product Resources:
“With Polyspace, we can ensure software security and quality by identifying and fixing critical run-time errors before every code merge.”
Polyspace Product Family
Polyspace products make critical code safe and secure by testing and monitoring software quality throughout the development lifecycle.
Polyspace Access
Identify coding defects, review static analysis results, and monitor software quality metrics.
Polyspace Copilot
AI assistant optimized for Polyspace.
Polyspace Test
Develop, manage, and execute tests for C and C++ code in embedded systems.
Polyspace as You Code
Identify coding standard violations and software vulnerabilities from your IDE.
Polyspace Bug Finder
Check coding rules, security standards, and code metrics, and find bugs.
Polyspace Code Prover Server
Continuously and exhaustively verify critical C and C++ code statements into CI pipelines.
Polyspace Bug Finder Server
Identify software defects and enforce coding rules in your CI pipelines.
Polyspace Client for Ada
Exhaustively verify critical Ada statements units using formal methods.
Polyspace Code Prover
Exhaustively verify the most critical C and C++ statements using formal methods.
Polyspace Server for Ada
Continuously and exhaustively verify critical Ada code statements into CI pipelines.
