Polyspace Support for Coding Standards
Polyspace® Bug Finder and Polyspace as You Code support various coding standards. Check the compliance of your code with these standards by analyzing your individual translation units in the IDE, and then analyzing your entire source code during integration. Polyspace as You Code supports a subset of rules that Bug Finder supports. See Checkers Deactivated in Polyspace as You Code Analysis (Polyspace Access).
Summary of Polyspace Support
| Standard | Release | Statically Enforceable Rules | Required or Mandatory Rules |
|---|---|---|---|
| MISRA C++:2023 | October 2023 | 156 out of 156 decidable rules in the standard |
|
| AUTOSAR C++14 | 10-31-2018 | 349 out of 349 rules in the standard | 337 out of 362 rules in the standard |
| MISRA C++:2008 | June 2008 | a | 195 out of 198 rules in the standard |
| MISRA C:2012 |
| 141 out of 149 rules in the standard | 146 out of 160 rules in the standard |
| MISRA C:2023 | April 2023 | 141 out of 149 rules in the standard | 146 out of 160 rules in the standard |
| CERT C | 2016 | 120 out of 120 rules in the standard | 120 out of 120 rules in the standard |
a MISRA C++:2008 standard does not categorize rules based on their static enforceability | |||
Coding standards categorize the rules based on their obligation level or their static enforceability. Polyspace supports rules that are considered nonenforceable or partially enforceable by the standards. Enforcing these rules require a manual review process, which can be assisted by the Polyspace results.
AUTOSAR C++14
The AUTOSAR C++14 standard categorizes the rules based on their obligation level and enforcement by static analysis.
Obligation Level
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Required: The code must follow these rules. | 337 | 362 |
| Advisory: The code is advised to follow these rules to a reasonable practical extent. | 33 | 35 |
| Total: 370 |
Enforcement by Static Analysis Tool
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Automated: Static analysis tools can detect all violation of these rules. | 327 | 327a |
| Partially automated: Static analysis tools cannot detect all possible violations of these rules. You need manual code review or other tools to completely enforce these rules. Polyspace shows the subset of all possible issues. For details about which issues Polyspace detects for a particular rule, see the Polyspace Implementation section in the reference page of the rule. | 22 | 22 |
| Nonautomated: Static analysis tools cannot detect all possible violations of these rules. You need manual code review or other tools to completely enforce these rules. Polyspace shows the subset of all possible issues. For details about which issues Polyspace detects for a particular rule, see the Polyspace Implementation section in the reference page of the rule. | 21 | 46 |
a The AUTOSAR C++14 standard contains 329 Automated rules. The rules A0-4-3 and A1-4-3 are not enforceable by a static analysis tool. These rules might be enforced by a compiler. | ||
The Automated and Partially automated rules are statically enforceable. In total, Polyspace supports 349 statically enforceable rules and 337 required rules. See:
MISRA C++:2008
The MISRA C++:2008 standard categorizes the rules based on their obligation level.
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Required: The code must follow these rules. | 195 | 198 |
| Advisory: The code is advised to follow these rules to a reasonable practical extent. | 18 | 18 |
| Document: These rules are associated with different features including #pragmas, floating-point arithmetic, or bit fields. Whenever these features are used, the code must follow the associated rule. | 1 | 12 |
| Total: 214 |
See Required or Mandatory MISRA Coding Rules Supported by Polyspace Bug Finder.
MISRA C:2012
The MISRA C:2012 standard classifies the guidelines as either a rule or a directive. Polyspace supports the original MISRA C:2012 standard, technical corrigenda 1 and 2, and amendments 1, 2, 3, and 4. See Polyspace Support for MISRA C: 2012 Technical Corrigenda and Amendments.
MISRA C:2012 Rules
A rule is a guideline that can be described completely. Compliance with a rule can be checked statically with some limitation. The rules are further categorized based on different properties.
Obligation Level
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Mandatory: These are guidelines that compliant C code must follow. The standard does not permit deviations from these guidelines. | 18 | 23 |
| Required: These are guidelines that compliant C code must follow. The standard permits only the deviations that you formally record and authorize. | 128 | 137 |
| Advisory: These are recommended guidelines. The standard permits deviation from these guidelines without any formal record. It is a best practice to follow these guidelines to a reasonably practical degree and record the deviations. | 39 | 40 |
| Total: 185 |
Compliant C code must follow the Mandatory and Required rules. Polyspace supports all such rules.
Static Enforceability
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Decidable: A rule is decidable if a static analysis tool can check compliance with the rule in every possible case. | 141 | 149 |
| Undecidable: A rule is undecidable if a static analysis tool can check compliance to it only in certain cases. Polyspace shows the subset of all possible issues. For details about which issues Polyspace detects for a particular rule, see the Polyspace Implementation section in the reference page of the rule. | 44 | 51 |
Analysis Scope
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Single Translation Unit: You can find all violations of these rules by checking each translation unit of a project individually. | 128 | 135 |
| System: You can find all violations of these rules only by analyzing the entire project or system. | 57 | 65 |
For details about Polyspace support of decidable MISRA C:2012 rules, see Decidable MISRA Coding Rules Supported by Polyspace Bug Finder.
MISRA C:2012 Directives
Directives are guidelines that cannot be completely described. Checking compliance with these directives requires more information in addition to the code. Static analysis might assist in checking compliance with directives. The directives are categorized based on obligation level.
Obligation Level
| Category | Directives Implemented in Bug Finder | Directives in the Standard |
|---|---|---|
| Required: These are guidelines that compliant C code must follow. The standard permits only the deviations that you formally record and authorize. | 12 | 14 |
| Advisory: These are recommended guidelines. The standard permits deviation from these guidelines without any formal record. It is a best practice to follow these guidelines to a reasonably practical degree and record the deviations. | 6 | 7 |
Static Enforceability
| Category | Directive Implemented in Bug Finder | Directive in the Standard |
|---|---|---|
| Decidable: A directive is decidable if a static analysis tool can check compliance with the directive in every possible case. | 0 | 0 |
| Undecidable: A directive is undecidable if a static analysis tool can check compliance to it only in certain cases. Polyspace shows the subset of all possible issues. For details about which issues Polyspace detects for a particular directive, see the Polyspace Implementation section in the reference page of the directive. | 18 | 21 |
See Undecidable MISRA C:2012 Rules and Directives Supported by Polyspace Bug Finder.
MISRA C:2023
The MISRA C:2023 standard classifies the guidelines as either a rule or a directive.
MISRA C:2023 Rules
A rule is a guideline that can be described completely. Compliance with a rule can be checked statically with some limitation. The rules are further categorized based on different properties.
Obligation Level
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Mandatory: These are guidelines that compliant C code must follow. The standard does not permit deviations from these guidelines. | 18 | 23 |
| Required: These are guidelines that compliant C code must follow. The standard permits only the deviations that you formally record and authorize. | 128 | 137 |
| Advisory: These are recommended guidelines. The standard permits deviation from these guidelines without any formal record. It is a best practice to follow these guidelines to a reasonably practical degree and record the deviations. | 39 | 40 |
| Total: 185 |
Static Enforceability
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Decidable: A rule is decidable if a static analysis tool can check compliance with the rule in every possible case. | 141 | 149 |
| Undecidable: A rule is undecidable if a static analysis tool can check compliance to it only in certain cases. Polyspace shows the subset of all possible issues. For details about which issues Polyspace detects for a particular rule, see the Polyspace Implementation section in the reference page of the rule. | 44 | 51 |
Analysis Scope
| Category | Rules Implemented in Bug Finder | Rules in the Standard |
|---|---|---|
| Single Translation Unit: You can find all violations of these rules by checking each translation unit of a project individually. | 128 | 135 |
| System: You can find all violations of these rules only by analyzing the entire project or system. | 57 | 65 |
MISRA C:2023 Directives
Directives are guidelines that cannot be completely described. Checking compliance with these directives requires more information in addition to the code. Static analysis might assist in checking compliance with directives. The directives are categorized based on obligation level.
Obligation Level
| Category | Directives Implemented in Bug Finder | Directives in the Standard |
|---|---|---|
| Required: These are guidelines that compliant C code must follow. The standard permits only the deviations that you formally record and authorize. | 12 | 14 |
| Advisory: These are recommended guidelines. The standard permits deviation from these guidelines without any formal record. It is a best practice to follow these guidelines to a reasonably practical degree and record the deviations. | 6 | 7 |
Static Enforceability
| Category | Directive Implemented in Bug Finder | Directive in the Standard |
|---|---|---|
| Decidable: A directive is decidable if a static analysis tool can check compliance with the directive in every possible case. | 0 | 0 |
| Undecidable: A directive is undecidable if a static analysis tool can check compliance to it only in certain cases. Polyspace shows the subset of all possible issues. For details about which issues Polyspace detects for a particular directive, see the Polyspace Implementation section in the reference page of the directive. | 18 | 21 |
CERT C
Polyspace supports all statically enforceable rules in the CERT C standard. The standard categorizes the guidelines into rules and recommendations. Polyspace does not support rules that are being removed or under construction.
| Category | Checks Implemented in Bug Finder | Checks in the Standard |
|---|---|---|
| Rule: These guidelines are required. Violation of these guidelines might compromise the safety, security, or reliability of a system. Static analysis tools can enforce compliance with these guidelines. | 120 | 120 |
| Recommendation: These guidelines are meant to improve the readability, safety, and security of a system. Static analysis can only detect a subset of violations of these guidelines. Polyspace shows the subset of all possible issues. For details about which issues Polyspace detects, see the reference page of these rules. | 94 | 183 |
Other
Polyspace also supports these coding rule standards.
| Standard | Rules Implemented in Bug Finder |
|---|---|
| MISRA C:2004 | 132 out of 142 rules in the standard |
| MISRA AC AGC | 130 out of 142 in the standard |
| ISO/IEC TS 17961 | 46 out of 46 in the standard |
| JSF AV C++ | 160 out of 234 in the standard |
| CERT C++ | 163 out of 163 in the standard |
| CWE | 192 (version 4.12), including:
|
See Also
Check AUTOSAR C++ 14
(-autosar-cpp14) | Check MISRA C++:2008 (-misra-cpp) | Check SEI CERT-C++
(-cert-cpp) | Check MISRA C:2012 (-misra3) | Check MISRA C:2004 (-misra2) | Check SEI CERT-C
(-cert-c) | Check CWE
(-cwe)
Related Topics
- Checkers Deactivated in Polyspace as You Code Analysis (Polyspace Access)
- Polyspace Support for MISRA C: 2012 Technical Corrigenda and Amendments
- Decidable MISRA Coding Rules Supported by Polyspace Bug Finder
- Undecidable MISRA C:2012 Rules and Directives Supported by Polyspace Bug Finder
- Required AUTOSAR C++14 Coding Rules Supported by Polyspace Bug Finder
- Statically Enforceable AUTOSAR C++14 Rules Supported by Polyspace Bug Finder
- Required or Mandatory MISRA Coding Rules Supported by Polyspace Bug Finder
- Required and Statically Enforceable CERT C Rules Supported by Polyspace Bug Finder
You can also select a web site from the following list
Americas
- América Latina (Español)
- Canada (English)
- United States (English)
Europe
- Belgium (English)
- Denmark (English)
- Deutschland (Deutsch)
- España (Español)
- Finland (English)
- France (Français)
- Ireland (English)
- Italia (Italiano)
- Luxembourg (English)
- Netherlands (English)
- Norway (English)
- Österreich (Deutsch)
- Portugal (English)
- Sweden (English)
- Switzerland
- United Kingdom (English)
Asia Pacific
- Australia (English)
- India (English)
- New Zealand (English)
- 中国
- 日本Japanese (日本語)
- 한국Korean (한국어)