Static Analysis with

QA-C - industy-leading static analysis solutions for the C language - prevent bugs and identify coding issues extremely early - Logo QA-C++ - industy-leading static analysis solutions for the C++ language - prevent bugs and identify coding issues early - Logo

Benefit from faster and cheaper
code analysis.

Static analyzers continuously detect and report on dataflow problems, software defects, language implementation errors, inconsistencies, dangerous usage, coding standard violations, and security vulnerabilities. 

Prevent costly mistakes - detect defects early

QA-C/QA-C++ identifies software defects at the first stage in the development cycle. By catching bugs as they occur, the cost and effort needed to resolve them is significantly reduced.


C/C++ source code is analyzed and more than 1,700 potential problems are reported on. Static analysis with QA-C/QA-C++ automatically identifies dangerous structures, problems with reliability, maintainability and portability.

QAC Static Analysis - Avoid Expensive Mistakes and recalls by identifying errors early
QAC Static Analysis - Produce clean code - identify unpredictable behaviour others miss

Produce clean code - no unpredictable behavior

There are many problems, that are not classified as incorrect by ISO standards, but which can result in unpredictable software behavior.


Static analysis, with QA-C/QA-C++, identifies issues that are often easy for developers and compilers to miss. Automatically picking up these defects reduces the time developers spend manually solving problems that are not even technically mistakes.  

Improve security - avoid code vulnerabilities

Some constructs in the C language can cause vulnerabilities that expose applications to attack. Static analysis can help you to avoid these risks:


  • Dangerous use of functions for dynamic memory management. 
  • Problems resulting from incorrect use of integers e.g. truncation errors, signed integer overflows and unsigned integer wrapping. 
  • Buffer overruns and stack smashing.
  • Format string attacks.
  • Exploitable vulnerabilities when developing concurrent code e.g. race conditions. 
QAC Static Analysis - Avoid code vulnerabilites - imporve overall security of Appliction
QAC Static Analysis - Monitor your codebase - comprhensive configurable reporting - compliance report - code review report - metric data report - suppression report

Monitor your codebase - comprehensive configurable reporting

Comprehensive reporting helps you to find problems, showing where to take a closer look and identifying areas where the most work is needed.


Compliance Report 

Identifies areas that need more work to attain a higher compliance level


Code Review Report

Useful for peer-review enabling design, optimization and meeting requirements


Metric Data Report

Provides an XML file as a source of quality metrics data


Suppression Report

Gives details of message diagnostics suppressed during analyis

Guarantee portability - consistency across platforms

By monitoring implementation defined language features and language extensions, QA-C/QA-C ++ ensures that code works constantly across different platforms and compilers.

QAC Static Analysis - ensure and guarantee Portability - consistency across platforms
QA-C/QA-C++ Jenkins plugin - easy sharing and integratin of contributions

Continuous integration - Jenkins plugin

The QA-C/QA-C++ Jenkins plugin makes it easy developers and teams to share and integrate their contributions.  


QA-C can also be used with any other continuous integration tool using a comprehensive command line interface (QACLI).


For more information see Continuous Integration