ECLAIR is a powerful platform for the verification of C and C++ programs. Applications range from coding rule validation, to the proof of absence of run-time errors, computation of metrics and enforcement of stylistic guidelines. The extreme flexibility of ECLAIR allows it to be tailored to any software development process.
ECLAIR is developed in a rigorous way and carefully checked also with extensive internal test suites and industry-standard validation suites, and it is fit for use in mission- and safety-critical software projects: it has been designed from the outset so as to exclude false negatives wherever this is concretely possible.
Supported Applications
Here are the main applications that run on top of ECLAIR.
Automatic Checking of Coding Standards
ECLAIR provides support for automatically checking compliance with respect to a number of widely used coding standards, in particular, all MISRA coding standards, BARR-C:2018, AUTOSAR C:2009 and others.
Coding rules are enforced using very general and accurate checkers, which operate on the precise sequences of tokens and abstract syntax trees that are manipulated by the compiler. Coupled with the fact that ECLAIR always checks each rule in the appropriate context (at the token, declaration, translation unit, whole program or whole project levels), this makes sure that the checkers for decidable rules are exact (neither false positives nor false negatives).
Bug Finder
ECLAIR contains a general-purpose, very fast static analyzer for C and C++. The ECLAIR Bug Finder is able to detect and report bugs and weaknesses that can lead to crashes, misbehaviors, and security vulnerabilities, including buffer overflows , use-after-free and other dynamic memory allocation issues, dereferences of null pointers, pointer arithmetic errors, lossy implicit conversions, use of uninitialized variables, excessive padding (memory waste), uninitialized or invalid return values, vararg functions mistakes, divisions by zero, string manipulation errors, undefined operations, library API violations, dead stores, insecure use of library functions, leaks of stack memory addresses, memory leaks, multithreading issues, unreachable code , dynamic type errors, double-free , plus a number of other common programming mistakes.
Metrics
For assessing the complexity, readability and maintainability of software, ECLAIR computes comprehensive metrics about the code including the fundamental set defined by the HIS Source Code Metrics document and many of the requirements of the SQALE Method quality model, plus other metrics that are required to satisfy the objectives of ISO 26262 and other functional safety standards.
ECLAIR Packages
Here are the available ECLAIR packages.
B |
MC2 |
|
MC3 |
MP1 |
Features Common To All Applications
Here are the features that are common to all ECLAIR applications.
Supported Platforms and Development Environments
ECLAIR can be used with just about any development environment. Thanks to its ability to intercept the toolchain components, it supports all sorts of makefile-based, script-based or hybrid build systems. ECLAIR can leverage the availability of computing resources by supporting parallel and distributed program analyses. Most popular C/C++ compilers and cross compilers are supported, including ARM®, CodeWarrior™, Cosmic Software, CrossWorks™, Emscripten, GCC, Green Hills®, HighTec, IAR™, Intel®, Keil Software®, MPLAB®, Microsoft®, QNX™, Renesas Electronics, SOFTUNE™, TASKING®, Texas Instruments™, Wind River®, as well as clang/LLVM and its derivatives.
Proper Integration with the Toolchain
ECLAIR intercepts every invocation of the toolchain components (compilers, linker, assembler, archive manager) and it automatically extracts and interprets the options that the build system has passed to them. This allows for the seamless integration with any build system. Moreover, the user does not need to engage in error-prone activities such as:
specifying which files compose the application and where the right header files are located;
configuring the static analyzer so that the analysis parameters match the options given to the compilers (several options do affect the program semantics).
All this is automatic and supports build processes that involve the automatic generation of source files that depend on the configuration, without requiring the development and maintenance of a separated analysis procedure: with ECLAIR the existing build procedure can be used verbatim.
One of the key properties of ECLAIR is that it understands all the analysis-relevant options of the supported compilers. The language used to abstractly model such options is so powerful that adding support for a new compiler is not a problem.
Advanced Reporting Facilities
ECLAIR produces all sorts of reports:
for immediate or later browsing using any web browser, or from within popular IDEs like Eclipse, Microsoft Visual Studio, Visual Studio Code, or any suitable editor;
for the automatic insertion into issue-tracking systems or any other database;
for the automatic production of compliance reports required to meet industrial standards and guidelines such as IEC 61508, ISO 26262 (automotive), CENELEC EN 50128 (railway), DO-178B/C (aerospace), IEC 60880 (nuclear power), IEC 62304 and FDA norms (medical).
Detailed reports are interactive and support advanced filtering techniques that allow each individual users to define their own views. Summary reports are available in a number of formats including printable ones (Microsoft Word and Libreoffice Writer), those that can be manipulated with common spreadsheet software (Microsoft Excel and Libreoffice Calc), HTML and, of course, pure text.