Coding Standards Compliance

Parasoft’s comprehensive development Testing solution delivers proven results. It provides out-of-the-box support for achieving compliance with FDA, DO-178B/C, MISRA, JSF, PCI-DSS, ISO, IEC, and more. It automates static analysis, peer code review, unit testing, coverage analysis, traceability, and other software validation practices.

Efficiently and consistently drive any required policy or group of policies. Our solution provides templates for common regulatory compliance initiatives, including:

FDA
PCI DSS
OWASP
CWE/SANS
SAMATE
DO-178B/C
ISO 26262 & ASIL
IEC 61508 & SIL
MISRA
JSF
Web Accessibility (Section 508, WAI, WCAG)
Outsourcing SLAs

Pre-configured settings for industry and regulatory standards enable teams to rapidly assess compliance without having to determine how the requirements translate to code. Parasoft works with each organization to optimize the templates for their unique demands. This jumpstarts the process and establishes the foundation for continuous improvement.

Parasoft provides out-of-the-box automation of the key validation practices named in FDA, PCI DSS, DO-178B/C and other key regulations, including:

Parasoft’s technology suite extends from Java, C, C++, and .NET programming languages to SOA/Cloud, Web/RIA applications.

Robust and easily configurable reporting capabilities help you to document applications compliance with mandatory test coverage requirements (FDA, DO-178B/C, safety-critical, etc.).Along with a clear report of each test’s pass/fail status, we can indicate:

Coverage percentages by file, class, function/method
Annotated source code
Coverage for individual test cases
Files with coverage below a specified threshold

Automatically monitor compliance to custom policy requirements. A library of hundreds of rules designed to check common industry best practices can be customized to match and address even the most complex and specific policy requirements. Map rule names, descriptions, and severities to your organization’s policies to establish a fully-customized policy management and reporting interface.

Integrated Continuous Compliance Process into the Workflow and Across the SDLC

Parasoft establishes a continuous compliance process to ensure compliance tasks begin early and are deployed across every stage of the SDLC. This is as recommended by the FDA, PCI DSS, and other regulations. To ensure that quality is unobtrusively built into the development process, Parasoft integrates compliance tasks into the team’s existing workflow and automates them so team members can focus on work that truly require human intelligence.

Comprehensive Requirements Traceability

For traceability, requirements are correlated with automated and manual tests, source code, and development/testing tasks. The current level of verification for each requirement or task (including task pass/fail status and coverage) can be assessed at any time by back tracing to all associated tests. This correlation also enables change-based testing, which identifies exactly which are impacted by source code and requirement modifications. Teams know exactly which tests need to be rerun and which code needs to be re-reviewed.
In addition to tracking when the functionality for each requirement is implemented and tested, Parasoft also monitors compliance to non-functional requirements (e.g., coding standards, peer review, coverage, etc.) The system can be configured so that functionality is not considered complete unless it complies with the team’s quality expectations.