IAR Systems enables secure code with updated MISRA C compliance in leading development tools

The static analysis tool C-STAT in IAR Embedded Workbench now has extended coverage for the MISRA C Coding Standard through complete support for the MISRA C:2012 Amendment 1

Uppsala, Sweden — June 15, 2020 — IAR Systems®, the future-proof supplier of software tools and services for embedded development, announces an update of its static code analysis tool C-STAT®, an add-on product completely integrated in the complete C/C++ compiler and debugger toolchain IAR Embedded Workbench®. The latest version of C-STAT adds coverage for MISRA C:2012 Amendment 1.

C-STAT performs advanced code analysis to find potential issues. The analysis provides code alignment with industry standards like MISRA C:2012, MISRA C++:2008 and MISRA C:2004, and also detects defects, bugs, and security vulnerabilities as defined by the Common Weakness Enumeration (CWE) and CERT C. In addition to this broad compliance, the updated version of C-STAT extends its coverage for the MISRA C:2012 Coding Standard through complete support for the MISRA C:2012, Amendment 1. This Amendment adds 14 additional rules to MISRA C:2012 with a focus on security concerns highlighted by the ISO C Secure Guidelines. Several of these rules address specific issues pertaining to the use of untrustworthy data, a well-known security vulnerability in many embedded applications.

“Since the launch of C-STAT five years ago, we have refined the technology according to customers’ requests, lately with a special focus on security through complete CERT C compliance launched earlier in 2020,” says Anders Holmberg, General Manager Embedded Development Tools, IAR Systems. “By adding coverage for MISRA C:2012, Amendment 1, we help our customers even further to ensure secure, high-quality code at an early stage of their projects.”

Fully integrated with the IAR Embedded Workbench IDE, C-STAT enables static analysis in a straightforward way and as a natural part of a developer’s daily development workflow. This helps developers to ensure their code is safe and of high quality at an early stage, which also aids companies to shorten their time to market as errors further down the line might be very time consuming and expensive to correct. More information about C-STAT is available at www.iar.com/cstat.

About IAR Systems

IAR Systems supplies future-proof software tools and services for embedded development, enabling companies worldwide to create the products of today and the innovations of tomorrow. Since 1983, IAR Systems’ solutions have ensured quality, reliability and efficiency in the development of over one million embedded applications. The company is headquartered in Uppsala, Sweden and has sales and support offices all over the world. Since 2018, Secure Thingz, the global domain expert in device security, embedded systems, and lifecycle management, is part of IAR Systems Group AB. IAR Systems Group AB is listed on NASDAQ OMX Stockholm, Mid Cap. Learn more at www.iar.com.