Synopsys expands Coverity support for new programming languages, secure coding standards, and DevOps toolchain integrations
Synopsys, Inc. announced its Coverity® 2018.01 release, the newest version of its industry-leading static analysis tool, which analyses source code to detect critical quality and security defects early in the software development life cycle. Coverity 2018.01 extends the tool’s support for new programming languages, coding standards, and development tool integrations.
Coverity 2018.01 highlights:
- Introduces support for Scala and VB.NET
- Provides full support for SEI CERT C coding standard rules (2016 edition)
- Includes enhanced plugins for Jenkins continuous integration (CI) server to enable automated testing in DevOps environments
“Secure, high quality software is becoming increasingly an imperative for business success and the well-being of end users in the face of the growing threat landscape,” said Andreas Kuehlmann, general manager of the Synopsys Software Integrity Group.
“In parallel, the pace and process by which software is developed are changing dramatically. For this reason, the tools used to find defects and potential security vulnerabilities throughout the development life cycle need to evolve as well.
By supporting new programming languages, secure coding standards, and out-of-the-box integrations with modern development tools, Synopsys enables organisations to expand their software portfolios and embrace new development paradigms like DevOps with the assurance that their code is high quality and secure.”
The new enhancements and features of Coverity 2018.01 include these:
- Support for secure coding standards: Coverity enables organisations to comply with coding standards that promote the security, reliability, and safety of critical embedded software. With the latest 2018.01 release, Coverity fully supports SEI CERT C (2016 edition), an industry standard for secure coding. In addition to CERT C, Coverity also supports all versions of the MISRA coding standard and is ISO 26262 certified.
- Integration with modern development toolchains: Coverity is designed to support rapid and automated development workflows, with support for and integration with many of the popular development tools. Coverity 2018.01 provides plugins for the latest IDEs, including Visual Studio, Eclipse, IntelliJ, Android Studio, and many others. For streamlined security testing, the latest release also supports out-of-the-box integration with Jenkins continuous integration (CI) server. Coverity’s new Jenkins plugin has improved Jenkins Pipeline support, which enables retrieval of found issues by project and has enhanced data-filtering capabilities.