Coding Standard Verification

GNAT SAS makes the task of reviewing code against best practices less time-consuming and less tedious.

GNAT SAS features an automated coding standard verification tool. It automatically checks Ada applications for compliance with organizational and project-specific coding standard requirements.

You can think of GNAT SAS as your best-practice shepherd, diligently keeping your code within the safe boundaries of your coding rules. It helps guide your code toward its most secure solution.

Coding Standard verifications have been qualified for use in DO-178B/C, EN 50128 and ISO-26262 environments for our customers who must comply with those standards.

Greater Software Security with Less Effort

According to the Software Engineering Institute, 90% of software security breaches result from exploits against design or coding defects. Adherence to security best practices like secure coding standards can help minimize these defects.

Enforcing those standards through manual code reviews, however, is no longer a viable option. Not only is the practice tedious and time-consuming; it's also error-prone due to the fatigue reviewers experience over the long hours the task requires.

By automating coding standards compliance review, GNAT SAS saves developers, reviewers, auditors and security professionals time, aggravation and headaches. Best of all, it frees them to focus their attention and expertise where they are needed most: verifying and correcting coding errors before they slip through to production.

Keeps Code Clean, Uniform, and Up to Standard

When used with the GNAT Pro development tool suite, GNAT SAS allows developers to quickly check and clean up their code ahead of code reviews, code check-ins, and QA reviews.

GNAT SAS helps you keep code uniform across the organization. That makes your code easier to read and interpret by other members of your team, which helps improve collaboration.

A Learning Tool for Assimilation of Best Practices

Regular use of GNAT SAS helps developers learn and ingrain the best practices enumerated in their coding standards. Assimilation of coding best practices reduces the number of errors young developers put in their code and speeds up their contribution to the organization.

The fewer defects developers put in their code, the fewer they will have to correct later.

A Wide-Ranging Library of Predefined Coding Rules

GNAT SAS helps developers follow best practices by automatically checking code—beyond what the Ada compiler already offers—against a configurable set of rules.
The Coding Standard Verification tool has a number of predefined rules that developers can choose from when creating a rule document. Rules fall into various categories:

qualifiedStyle rules – The usage of non-portable features can be checked, such as certain object orientation or tasking features, program structures, readability, and other programming practices that may be unsatisfactory to your coding standard guidelines.
qualifiedFeature restriction rules – Certain Ada language features might be outside of the acceptable set allowed for a specific project. The GNAT Static Analysis Suite can ensure that developers don’t accidentally introduce features such as anonymous subtypes, usage of numeric literals, float equality checks, and more.
qualifiedMetric compliance rules –To ensure readability and testability for long-lived software projects, the GNAT Static Analysis Suite can enforce compliance with specific metrics by checking that metrics computed for a program lie within user-specified bounds. Metrics computations include Essential Complexity, Cyclomatic Complexity, and Logical SLOC per subprogram.

For a complete list of predefined rules, visit the GNATcheck documentation.

Add Rules of Your Own

GNAT SAS comes with a query language (called LKQL) so you can easily write your own checks for any in-house rules you may have developed. This allows you to customize GNAT SAS to meet your organization’s specific needs, processes and procedures.

Configurable Rule Sets

Users can choose from the rule library to create a Coding Standard Verification rule document for their organization and modify it for specific projects as needed.

Reviewers can apply these rules with as fine a granularity as needed. You can thus transform a legacy code base lacking an enforced coding standard into a fully compliant one with relative ease.

Rules can also be mapped to aliases to facilitate direct mapping between defined coding standards and your Coding Standard Verification results.

GNAT SAS is used by…

Developers to quickly and easily check their code against industry and internal coding standards, to make sure it's in compliance at critical junctures, and to hone their proficiency with coding best practices throughout the development cycle.

Reviewers to avoid the tedium and fatigue of manual code reviews and to avoid becoming a bottleneck in the development schedule.

Auditors to save themselves time. They can simply review the Coding Standard Verification reports rather than conduct manual reviews themselves.

Qualification

Coding standard enforcement is a key requirement of various software certification standards such as DO-178B/C and EN 50128 and industry standardizations such as FACE™. AdaCore’s team of certification experts has helped teams navigate the complicated nature of software certification and tool qualifications by providing customized solutions that satisfy certification requirements. AdaCore can provide off-the-shelf qualification material for GNATcheck for DO-178B/C and EN 50128.

GNAT SAS coding standard verification capability has been qualified for DO-178B/C and EN 50128 applications to ensure the strictest compliance with the latest safety and security standards. To learn more about AdaCore’s certification expertise and Coding Standard Verification tool qualification, please contact us.