CodeSonar, produced by GrammaTech, is source and binary code analysis software that finds critical defects that can crash systems, result in unexpected operations, threaten security, and more.
- Employs advanced algorithms to analyze entire programs of million of lines of code
- Complies with coding standards
- Provides efficiency tools that enhance team collaboration, quality metrics, architecture visualization
- Reduces development costs by identifying defects earlier in the process
- Provides custom checks and metrics
- Identifies hard-to-track defects that reside in deep parts of code structures
- The powerful interface allows developers to easily navigate through code, compare elements, and identify issues
- Provides native support for JPL
- Contains strong report generation features, including text-only output and an advanced static analysis engine
- Trusted to inspect some of the most sensitive software applications in use today
- Since static code analysis is performed, this software may not be able to identify defects found by a dynamic analysis
- The tool is dependent on test scaffolds, and it may not notice defects that aren’t part of the scaffold
- It generates a large amount of data which consumes resources and affects hardware performance
CodeSonar is a leading code analysis tool. It is popular among major research entities, governments, and commercial enterprises to validate important software applications. For example, CodeSonar has been used to inspect software for NASA space missions, implantable medical devices, critical military applications, and more. CodeSonar claims to find more defects than any other tools due to GrammaTech’s recent advancements in concurrency and tainted dataflow analysis. When placed head-to-head with competing software in benchmarking tests, CodeSonar performs best in resource management, identifying static memory, and analysis of concurrency. CodeSonar is effective in analyzing whole programs aside from incremental updates. It first uses a baseline analysis to inspect the entire program, and then it applies a parallel and incremental inspection process to validate daily changes. CodeSonar identifies fatal, critical, and innocuous defects, all of which have varying degrees of impact to a software system. Overall, this tool is designed for validating large-scale application development efforts. Its analysis engine can consume large amounts of resources, so it is recommended that analyses are completed on high-performance machines. Aside from its higher level of consumption, it is a dependable and leading software quality tool.