When should you start using PVS-Studio? What can PVS-Studio detect? Supported standards: MISRA, CWE, CERT, OWASP, AUTOSAR. What about analysis options? What about legacy code?
2. PVS-Studio 7.12
905 Diagnostics
guards quality, security (SAST), and code
safety
13 years on the market
2
🔍 404 for C++
🔍 171 for C#
🔍 106 for Java
🔍 … и 224 specific ones
5. For a developer 🔥 You make occasional mistakes during
development
🔥 Debugging when searching for errors is time
consuming
🔥 Errors get into the version control system
🔥 Once an error is found by QA specialists, it’s
diicult to debug that code
5
6. For a manager 💡 You frequently return to old tasks due to bugs
💡 Users report errors in your products
💡 You hire more developers but notice a decline in
code quality
💡 With the increasing amount of code, it
becomes diicult to assess its quality and
reliability
6
7. For a security
professional
🔒 You experience diiculties with external code
audit
🔒 Clients require to use security and safety
standards in development
🔒 Potential customers require the use of such
tools
7
9. memory access
errors
typos
array index
out of bounds
buer
overflow
incorrect method
handling
serialization /
deserialization errors
unreachable
code
security issues
and much more...
incorrect type handling
synchronization
errors
Types of problems
9
21. Code quality
IDE
Visual Studio
IntelliJ IDEA
Rider
CLion
Qt Creator
Eclipse
Game engines
Build systems
MSBuild
CMake
Make
Ninja
Gradle
Maven
Unreal Engine
Unity
SonarQube
21
22. CI
Embedded
Keil µVision, DS-MDK
IAR Embedded Workbench
Platform.io
QNX Momentics
TI ARM Code Generation
Virtualization
Docker
WSL
Cloud CI
CircleCI
Travis CI
GitLab
Azure DevOps
Jenkins
TeamCity
22
Distributed build
IncrediBuild