Perforce Static Analysis Tools have Been Trusted for 30+ Years
Perforce’s static analysis tools have been trusted code quality tools for over 30 years for their ability to deliver the most accurate and precise results to mission-critical project teams across a variety of industries.
Static Analysis
Perforce Static Analysis
For Safe, Secure, High-Quality Code. Faster.
Static analysis identifies defects, vulnerabilities, and compliance issues as you code. It finds issues that are often missed by other tools and methods, such as compilers and manual code reviews. With static analysis, you can fix coding issues earlier — lowering overall costs and enabling you to deliver a quality product on time.
- Improve Software Quality
- Comply with Coding Standards
- Code with Confidence
- Reduce Technical Debt
Helix QAC
Perforce Helix QAC
Enforce Compliance with Perforce Helix QAC
Helix QAC is the preferred static code analyzer for C and C++ in tightly regulated and safety-critical industries that need to meet rigorous compliance requirements.
- Accelerate compliance for functional safety and coding standards.
- Certified for TÜV-SÜD, ISO 9001 | TickIT plus Foundation Level.
Klocwork SAST
Perforce Klocwork
Accelerate Time-to-Market and Deliver Secure, Quality Code
Klocwork SAST for C, C++, C#, Java, JavaScript, Python, and Kotlin identifies security vulnerabilities and scales to projects of any size for the entire enterprise.
- Improve DevSecOps and AppSec across the organization.
- Boost speed, productivity, and compliance.
Validate Platform: Powered by Helix QAC and Klocwork
Perforce Validate
Control, Collaboration, and Reporting
Validate, the continuous security and code compliance platform, provides a centralized store of analysis data, trends, and configurations for codebases across the organization, providing a single pane of glass for all Perforce Static Analysis products.
- Easily produce compliance and security reports.
- Control access permissions and approval workflows.
- Manage and prioritize defects based on severity, location, and lifecycle.
- Streams functionality provides efficient management of variants, branches, and releases for a single codebase.
- Web/REST API functionality enables integration with other tools and processes across the SDLC
Perforce Static Analysis by the Numbers
Embedded Computing Design Best in Show Winner for Security at Embedded World North America 2024
Top 10
Our static analysis tools are used by the top 10 global automotive parts manufacturers.
Top 8
Our static analysis tools are used by the top 8 global defense contractors
Benefits of Perforce Static Analysis
Here are just a few of the many benefits of Static Analysis.
Coding Standards Compliance
Ensure your software is compliant with published, well-established coding standards, such as MISRA and CERT. Or, your own internal standard.
Code Quality Management
Automate reporting on code quality trends and compliance status to effectively measure code quality metrics and track defects.
Large-Scale Projects
Manual code reviews are time-consuming and often vulnerable to human error. Perforce’s static code analyzers quickly inspect millions of lines of source code, identifying vulnerabilities in both legacy and new code.
Developer Productivity
Perforce’s static analyzers provide developers with feedback as they code, which reduces the number of mistakes and time spent on rework — lowering overall project costs.
Coding Standards Compliance
Ensure your software is compliant with published, well-established coding standards, such as MISRA and CERT. Or, your own internal standard.
Code Quality Management
Automate reporting on code quality trends and compliance status to effectively measure code quality metrics and track defects.
Large-Scale Projects
Manual code reviews are time-consuming and often vulnerable to human error. Perforce’s static code analyzers quickly inspect millions of lines of source code, identifying vulnerabilities in both legacy and new code.
Perforce Static Analysis Coding Standard and Language Coverage
Perforce Static Analysis covers the following safety and security standards.
| Safety Standards |
|---|
| MISRA C:2004 |
| MISRA C:2012 |
| MISRA C:2023 |
| MISRA C++:2008 |
| MISRA C++:2023 |
| Barr-C |
| AUTOSAR C++14 |
| JSF AV C++ |
| High Integrity C++ (HIC++) |
| NASA's 10 Rules |
| Security Standards |
|---|
| CERT |
| CWE |
| CWE Top 25 |
| ISO/IEC TS 17961 (C Secure) |
| OWASP |
| HKMC Secure C/C++ |
| DISA STIG |
| PCI DSS |
| Programming Languages |
|---|
| C |
| C++ |
| C# |
| Java |
| JavaScript |
| Python |
| Kotlin |
Who Uses Static Analysis, Code Quality Tools?
The use of code quality tools is growing within every kind of industry. It is especially important for the development of mission-critical software in
Automotive
A typical passenger car runs more than 100 million lines of code. And, a vehicle has a wide range of software controlled sub-components – from braking systems to infotainment and communication systems. All this software requires careful review to ensure safety, reliability, and compliance
Aerospace and Defense
Aerospace, defense, and military organizations use embedded software every day. This software is often comprised of large code bases and complex systems. And developers have an obligation to ensure that the software is safe and secure, reliable, and free of any defects.
Medical Device
The quality of software embedded in medical devices can mean the difference between life and death. Because of this, there is increasing scrutiny for both safety and security in medical device software.
Energy Technology
Energy and utilities product development teams need to ensure functional safety compliance, meet industry regulations as well as mitigate potential security vulnerabilities and coding errors.
Automotive
A typical passenger car runs more than 100 million lines of code. And, a vehicle has a wide range of software controlled sub-components – from braking systems to infotainment and communication systems. All this software requires careful review to ensure safety, reliability, and compliance
Aerospace and Defense
Aerospace, defense, and military organizations use embedded software every day. This software is often comprised of large code bases and complex systems. And developers have an obligation to ensure that the software is safe and secure, reliable, and free of any defects.
Medical Device
The quality of software embedded in medical devices can mean the difference between life and death. Because of this, there is increasing scrutiny for both safety and security in medical device software.
See Why Perforce Static Code Analyzers Are the Most Trusted
Find out why thousands of developers choose Helix QAC and Klocwork to help them develop high-quality software that is safe and secure, reliable, and compliant.
Explore Static Analysis
Helix QAC and Klocwork are the most accurate code analyzers for C, C++, C#, Java, JavaScript, Python, and Kotlin programming languages.