Polyspace Products and Software Development Workflows
Polyspace® products use static analysis to check code for run-time errors, coding standard violations, security vulnerabilities, and other issues:
Polyspace Code Prover™ can cover all possible execution paths through a program and track data flow along these paths following certain mathematical rules. The exhaustive control and data flow analysis can complement dynamic testing and expose potential run-time errors that might not be otherwise found in regular robustness testing.
Polyspace Bug Finder™ can scan a program for more obvious defects, security vulnerabilities, coding standard violations and other issues that potentially lead to run-time errors or unexpected results.
Using Polyspace Products in Software Development
The Polyspace suite of products supports all phases of a software development process:
Prior to code submission:
Developers can run the Polyspace desktop or IDE-focused products to check their code during development or right before submission to meet predefined quality goals.
The products can be integrated into IDEs such as Visual Studio Code, Visual Studio, or Eclipse™, or run with scripts during compilation. The analysis results can be reviewed in the IDEs or in the graphical user interface of the desktop products.
Polyspace provides the following products for desktop usage. These products are meant to run on complete projects or smaller code modules (up to a single source file).
Polyspace Bug Finder to check code for semantic errors that a compiler cannot detect (such as use of = instead of ==), concurrency issues, security vulnerabilities and other defects in C and C++ source code.
Polyspace Code Prover to perform a much deeper check and prove absence of overflow, divide-by-zero, out-of-bounds array access and other run-time errors in C and C++ source code.
After code submission:
The Polyspace server products can run automatically on newly committed code as a build step in a continuous integration process (using tools such as Jenkins). The analysis runs on a server and the results are uploaded to a web interface for collaborative review.
Polyspace provides these products for server usage:
Polyspace Bug Finder Server™ to run Bug Finder automatically on a server and upload the results to a web interface for review, and Polyspace Access™ to review the uploaded results.
Polyspace Code Prover Server to run Code Prover automatically on a server and upload the results to a web interface for review, and Polyspace Access to review the uploaded results.
Typically, Polyspace Bug Finder Server (or Polyspace Code Prover Server) runs on a few build servers and checks newly committed code as part of software build and testing. Each reviewer (developer, quality assurance engineer or development manager) has a Polyspace Access license to review the uploaded analysis results.
In addition, if developers have access to Polyspace Access for web review of post-submission results, they can also install Polyspace as You Code in their IDEs for pre-submission analysis. When installed as an IDE extension, Polyspace as You Code performs a file-scope Bug Finder-like analysis and provides near-instant feedback to developers while coding.
This diagram shows one possible deployment of Polyspace products:
When you use both the desktop and server products, your pre-submission workflow can transition smoothly to the post-submission workflow.
Coordinating Pre-Submit and Post-Submit Usage of Polyspace
When you run more than one Polyspace product at separate stages in your software development workflow, the later runs can benefit from the earlier usage, and vice versa. In particular:
Developers using Polyspace as You Code in their IDEs can easily fix defects and coding standard violations that can be found and resolved within a single file. A later Polyspace Bug Finder Server analysis after code submission no longer shows these issues.
The results of a Polyspace Bug Finder Server analysis can act as a baseline for Polyspace as You Code runs. Developers using the latest Polyspace Bug Finder Server result as baseline for their IDE runs can focus only on issues that result from their code changes.
Polyspace Products for Ada Code
Polyspace provides these products for verifying Ada code:
Polyspace Client™ for Ada to check Ada code for run-time errors on a desktop.
Polyspace Server for Ada to check Ada code for run-time errors on a server.
You can either use the desktop product to run the analysis on your desktop, or a combination of the desktop and server products to run the analysis on a server. The analysis results are downloaded to your desktop for review.
If you have a Polyspace Code Prover Access license and have set up the web interface of Polyspace Code Prover Access, you can upload each individual Ada result from the Ada desktop products to the web interface for collaborative review.
See also https://www.mathworks.com/products/polyspace-ada.html.