Latest Blog Posts

Assessing C and C++ toolchains used in robotics
The traditional industrial robot consists of an arm with multiple degrees of freedom and a specialized gripper. To prevent accidental injury to humans, it is typically incarcerated in a protective cage. However, next-generation...

Automation saves time and is more accurate
As we pointed out in the previous blog, before we qualify a compiler for a safety-critical project, it’s essential we know all the compiler options that the project intends to use. With typical projects being highly complex, like a...

Before compiler qualification comes use case analysis
Compilers comprise a complex pipeline of analysis and transformation stages. Changes in one stage are frequently amplified by subsequent stages. It makes compilers very sensitive to configuration, with a seemingly minor change to the...

SuperTest and Frama-C: a clash of titans
CEA List and Solid Sands entered into a partner agreement to make SuperTest available to the Frama-C team. Frama-C is a platform for source-code analysis of C software. The Frama-C analyzers assist with various source-code-related...

C++ library qualification: cherry picking functions versus full headers
We are pleased to see many companies in the automotive, industrial, medical, aviation, robotics and railway industries taking the safety of critical C++ applications seriously. With the latest safety-critical applications handling...

The disadvantages of undefined behavior
In the previous blog I argued in favor of undefined behavior in C. The behaviors I was talking about, such as integer overflow, would be inefficient or counter-intuitive if they were defined. Nevertheless, it does mean that in their...

The advantages of leaving it undefined
Undefined behavior remains an elusive subject. On the one hand, it potentially exposes your program to dangerous situations and exploitations. On the other hand, it enables the speed and portability that the C programming language is...

Let’s talk about library qualification – in person this time
Library qualification is key, because code from the library is linked into the application and installed onto the target device. Over the last few years, we have spoken many times about this topic in our blogs and webinars. We are...

We need to talk about security
A study by the University of Turku, Finland (A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI) showed that 46% of 224,651 open source Python Packages displayed one or more security issues. Is that good news,...

A multitool for test generation
For me as a software engineer, it is difficult to suppress the urge to automate. Regardless the complexity of a task, in my ideal world everything would be automated. Generating tests is no exception to this rule, so naturally we...