Software Integrity Blog

Author Archive

Thomas M. Tuerke

ttuerke

Thomas M. Tuerke is a software development manager within Synopsys' Software Integrity Group. An evangelist for the cause of writing better code (though lamenting not being able to do as much of that since becoming a manager), he’s recently become a member of the MISRA C Working Group. In past lives, he’s developed industry-leading scientific graphics software, CAD systems, and even biometrics-capturing software for hardware that saw combat action. A technophile, but staunch Facebook non-user, away from work Thomas prefers the real over the virtual world, enjoying traveling, writing, photography, and various creative pastimes. A rail-fan and avid modeler, he remains fascinated by various specimens of twelve-inch-to-the-foot (and smaller) scales. Especially the really reliable ones.


Posts by Thomas M. Tuerke:

 

Let’s write more CodeXM checkers (second-stage ignition)

If you read the previous installment, you’ll recall that we boosted ourselves to low earth orbit using CodeXM to write a Coverity checker to help enforce a naming convention (which, of course, you can tweak to suit your needs). Our progress so far: local variables and function names (including method names). Now we’ll push higher up, […]

Continue Reading...

Posted in Static Analysis (SAST) | Comments Off on Let’s write more CodeXM checkers (second-stage ignition)

 

Let’s write a CodeXM checker (it’s not rocket science!)

All systems are go. We have liftoff. Let’s write some CodeXM. If you’ve read the previous two posts, you should come away with a sense that writing a CodeXM checker isn’t rocket science. Let’s put that to the test. In order to get this hands-on experience, you should have access to an installed version of […]

Continue Reading...

Posted in Static Analysis (SAST) | Comments Off on Let’s write a CodeXM checker (it’s not rocket science!)

 

CodeXM: Awesome code checker power (itty-bitty learning curve!)

What you need to know, and (more importantly) what you don’t, about the CodeXM checkers. When you develop your software, you may not be aware of what the compiler is doing to transform source into an executable. The neat thing is you don’t need to. Just know things like what a variable declaration is, what a […]

Continue Reading...

Posted in Static Analysis (SAST) | Comments Off on CodeXM: Awesome code checker power (itty-bitty learning curve!)

 

Don’t Panic: Write checkers using CodeXM

With apologies to the late Adams Douglas Adams, writing a checker is hard. You just won’t believe how vastly, hugely, mind-bogglingly hard it is. I mean, you may think it’s difficult to pull together a purchase order for a new bit of software, but that’s just peanuts to writing a checker. Truth be told, writing […]

Continue Reading...

Posted in Static Analysis (SAST) | Comments Off on Don’t Panic: Write checkers using CodeXM

 

Climbing Mount MISRA: Which route is right for you?

The director of software development comes into your office in a panic. “We’ve got to do MISRA… stat! Legal insists on it; our customers are demanding it.” Your heart sinks. If you’ve ever been to Yosemite, you’ll know there are two ways to the summit of Half Dome: one way has fairly gradual—or at least […]

Continue Reading...

Posted in Security Standards and Compliance | Comments Off on Climbing Mount MISRA: Which route is right for you?

 

Is your software MISRA clean?

“Scalpel.” “Scalpel.” “Let’s make the incision … There we go …  Spreader.” “Spreader.” “Good. A little wider. Like that. Metzenbaum.” “Metzenbaum.” “There we are. We’re at the DIVIDE_BY_ZERO site. As you can see, it starts here, and follows this path here. We’ll remove it … gently … nice, a clean extraction. Now, let’s graft in […]

Continue Reading...

Posted in Security Standards and Compliance, Software Architecture and Design | Comments Off on Is your software MISRA clean?

 

Meet Auntie MISRA

Seems we all have one: that distant aunt. You know the one I’m talking about. Always dressed to the nines. Always perfectly coiffured. Every detail just so. And that tiny Jack Russell that did tricks on command, never yapped (unless told to “speak”), and was always at her side, springing up to her lap when she pulled out […]

Continue Reading...

Posted in Security Standards and Compliance | Comments Off on Meet Auntie MISRA