1 / 21

Klocwork Overview

Introducing Qualicurity ALM™ Klocwork - Tool Chain for Static Error Detection Qualicurity ALM, Static Analysis Module. By: Seungwoo Yu Territory Manager of SDS Unit yusw@arctgroup.com / TEL +82 2 555 4847 / www.arctgroup.com. Klocwork Overview. Confidential. What We Do:

anthea
Download Presentation

Klocwork Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introducing Qualicurity ALM™ Klocwork - Tool Chain for Static Error DetectionQualicurity ALM, Static Analysis Module By: Seungwoo YuTerritory Manager of SDS Unityusw@arctgroup.com / TEL +82 2 555 4847 / www.arctgroup.com

  2. Klocwork Overview Confidential • What We Do: • Enable software development organizations to write better code • Our Technology: • Static source code analysis tools for C, C++, Java and C# developers • What Makes Us Unique: • Connected Desktop Analysis that provides powerful static analysis before code check-in • Breadth of analysis from one solution: • Bugs & security vulnerabilities • Architecture analysis and re-engineering • Software metrics and trending • Our vision: Source code analysis will be on every professional developer’s desktop • Enabling effective developer use of SCA in their environment is the key to the success of the technology within your organization

  3. Over 500 customers, including: Computer Software Computer Software Safety-Critical Software Safety-Critical Embedded Computer Hardware Computer Hardware Network & Telecom Network & Telecom Finance & Insurance Finance & Insurance Spotlight Success: 75% reduction in bugs making it into the wild 50% reduction in QA reported defects 30% reduction in costs directly related to defects Spotlight Success: Confidential

  4. Klocwork Customer and Market Momentum • Who uses Klocwork : • 3 of the top 5 NA networking equipment companies have standardized on Qualicurity ALM • 3 of the top 5 computer and internet software companies • 5 of the top 7 global chip makers have deployed Qualicurity ALM globally • 5 of the top 7 US aerospace and defense firms • 5 of the top 10 medical device manufacturers • Technology Leadership • Pioneers in source code analysis with many patented innovations • First to market (2008) with connected desktop analysis environment • First to market (2004) to provide both bugs and security vulnerability analysis • First to market (2003) with architecture solution integrated with bug detection • First to market (2003) with a single source code analysis solution for C, C++ and Java Confidential

  5. The Big Picture – Find bugs early “Finding bugs early in the SDLC has been a goal of software development organizations for many years. The earlier that automated software validation and testing techniques can be moved in the process, the better. Ideally, programming errors should be caught before code check-in to reduce problems downstream in the SDLC. Delivering good quality tools directly to the developer desktop, can serve as a key driver in making this process improvement goal a reality.” Tom Murphy, Gartner research director, quote from Klocwork Insight press release “With the alternative solution we were stuck having to check in code in order to find out there’s a bug or vulnerability, which meant waiting hours or even days to find out if the code change actually fixed the problem! With Klocwork, our developers could run ‘on the fly’ checking of source which made the use of this technology much more efficient”. Samuel Dillon, Lead Developer BMC Software

  6. Introduction to Source Code Analysis

  7. Source Code Analysis (SCA) – The Basics Confidential • Automated code analysis technology used to identify weaknesses in source code • Logic errors and implementation defects (e.g. memory management issues, NULL pointer dereference, etc) • Security vulnerabilities • Concurrency violations and rare boundary conditions • Architecture validity • Software metrics generation and management • Distinct from more traditional dynamic analysis techniques, such as unit or penetration tests • Underlying technology is called static analysis • Work is performed at build time using only the source code of the program or module • Complete view of every possible execution path, rather than an aspect of observed runtime behavior • Tool can be used at: • Build time • Developer desktop

  8. The Big Picture: Source code analysis today • A bedrock process improvement (e.g. CMMI) principle is “in-phase” defect containment to ensure bugs are found and fixed before they impact anyone else • Source code analysis has moved the industry towards that goal by increasing the number of coding defects found prior to system test (QA) • Opportunity is to move bug detection before code check-in… Confidential

  9. The Big Picture: In-Phase Bug Containment • Organizations can realize the full benefits of SCA by moving their defect detection to the earliest phase in the SDLC, prior to code check-in • SCA should be delivered to developers right within their standard working environment • Check in bug free code!! Next Generation Source Code Analysis Confidential

  10. Qualicurity ALM Klocwork – Real integration with codeBeamer ALM

  11. Screenshot – set up

  12. Screenshot – integrated space for K9

  13. Screenshot – project view Confidential

  14. Screenshot – mapping to trackers Confidential

  15. Screenshot – mapping added project Confidential

  16. Screenshot – database updated Confidential

  17. Screenshot – items in the tracker Confidential

  18. Screenshot – real ALM with static analysis tool Confidential

  19. Product Demo

  20. Real Snapshot # Confidential

  21. For more information visit www.arctgroup.com

More Related