Klocwork 2021.2 ISO 26262, IEC 61508, IEC 62304, and EN 50128
Klocwork 2021.2 is qualified to be used in safety-related software development according to the following standards:
- ISO 26262
- IEC 61508
- IEC 62304
- EN 50128
The Functional Safety standard IEC 61508 for Automotive Electric/Electronic Systems covers numerous activities and processes in the software development lifecycle. ISO 26262 is a Functional Safety standard published by the International Organization for Standardization (ISO), and is targeted at road vehicle safety. The ISO 26262 standard is based heavily on the Functional Safety standard IEC 61508.
IEC 62304 is a standard that specifies life cycle requirements for the development of medical software and software within medical devices.
EN 50128 is an industry standard that specifies the requirements for development of functional safety related software in railway applications.
Developers can use the certified set of Klocwork checkers to find and fix security vulnerabilities and critical defects with confidence, knowing they have been designed, developed, tested and released in an audited and certified manner. Klocwork also provides guidance to ensure that developers use our static analysis tool in a functionally safe way that supports their own applications for certification.
Software verification tools cannot, on their own, ensure compliance with standards such as ISO 26262, but they can aid developers looking to demonstrate process compliance. Static code analysis tools can either fully or partially address many of the requirements found in Part 6 of the standard. Part 6 covers “Product Development at the Software Level” for the functional safety of road vehicles and examines correctness of software design and implementation. Klocwork’s full-featured source code analysis solution helps developers find and fix security vulnerabilities and critical defects the moment they’re introduced. MISRA-C and MISRA-C++ coding standard violations can be reported automatically at the developer desktop, integration build, continuous integration build, and through the code review tool.
What do you need to know?
The Klocwork certification is documented in the Functional Safety Manual for Klocwork and related documents. These documents describe the conditions under which the use of Klocwork supports functional safety.
The qualification pack, as described in the Functional Safety Manual for Klocwork, is available from your account executive. The Qualification Pack test procedures check the requirements under normal operating conditions. Each procedure provides input data that generates a validated pass/fail report for each checker. The tool is deterministic in its execution and generates the same output results for a given set of input data parameters. To obtain the currently supported Qualification Pack for Klocwork 2021.2, contact email@example.com.
Checkers added between Klocwork 2021.1 and 2021.2
| Checker | Description |
|---|---|
| CONC.DBL_LOCK | Object was locked twice. |
| CONC.DBL_UNLOCK | Object was unlocked twice. |
| CONC.NO_LOCK | Object was not locked. |
| CXX.ERRNO.INCORRECTLY_CHECKED | Errno was incorrectly checked. |
| CXX.ERRNO.NOT_SET | Errno was not set. |
| CXX.ERRNO.NOT_CHECKED | Errno was not checked. |
| CXX.SQL.INJECT | Potential for malicious SQL injection. |
| MISRA.BITFIELD.TYPE.2012 | Type of bit-field is not signed/unsigned integer. |
| MISRA.CT.UNIQUE.ID.2012 | Identifier clashes with type name. |
Checkers modified between Klocwork 2021.1 and 2021.2
| Checker | Change |
|---|---|
| ABV.GENERAL | Fewer false positives are expected and new defects detected. |
| MISRA.BITFIELD.TYPE | Fewer false positives are expected. |
| MISRA.CAST.VOID_PTR_TO_INT.2012 | Fewer false positives are expected. |
| MISRA.CT.UNIQUE.ID | Fewer false positives are expected. |
| MISRA.LOGIC.NOT_BOOL | Fewer false positives are expected. |
| MISRA.PTR.ARITH.NOT_SAME.2012 | New defects detected. |
| MISRA.UMINUS.UNSIGNED | Fewer false positives are expected. |
| NNTS.TAINTED | Fewer false positives are expected. |
| SV.RVT.RETVAL_NOTTESTED | Fewer false positives are expected. |
| Improvements for TAINTED checkers | New defects detected. |
| UNINIT.CTOR.MUST | Fewer false positives are expected. |
| UNINIT.STACK.ARRAY.MUST | Fewer false positives are expected. |
| UNINIT.STACK.MUST | New defects detected. |
| Improvements for UNINIT checkers | New defects detected. |