Software Assurance            Software Hardening            Autonomic Computing

CodeSonar Binary Analysis External Library Demonstration


INTRODUCTION:

Static analysis is an important part of developing high quality software. It finds problems before code is even testable - problems that may get overlooked during testing. By finding problems earilier in the software development life cycle, static analysis helps businesses save time and money by eliminating the magnified costs associated with problems encountered downstream. 

Most static analysis tools only look at source code, while many projects contain not just source code, but also binaries or libraries to link against. This leaves a possibly big area of problems overlooked.

CodeSonar for Binary fixes this problem. CodeSonar for Binary can find problems that cross the source-to-library boundary. It performs deep analysis of the library or object code and then combines that with the source code analysis. The result is a mixed-mode-analysis, a comprehensive analysis of both source and binary combined. 

A video demonstration of GrammaTech CodeSonar binary analysis follows.