IAR C-STAT support
IAR C-STAT is a comprehensive static analysis tool for C/C++ source code. It can find errors and vulnerabilities supporting a number of coding standards such as MISRA C, MISRA C++, CERT C/C++ and CWE.
Installing IAR C-STAT
IAR C-STAT comes pre-installed with the IAR Build Tools and with the IAR Embedded Workbench. Refer to your respective product’s documentation for details.
Building with IAR C-STAT
To run IAR C-STAT, you will need CMake 4.1.0 or later. When building with
west build append the additional parameter to select
IAR C-STAT -DZEPHYR_SCA_VARIANT=iar_c_stat
, e.g.
west build -b stm32f429ii_aca samples/basic/blinky -- -DZEPHYR_SCA_VARIANT=iar_c_stat
Configuring IAR C-STAT
The IAR C-STAT accepts parameters for customizing the analysis. The following table lists the supported options.
Parameter |
Description |
---|---|
|
The pre-defined ruleset to be used. (default: |
|
The number of threads to use in analysis. (default: <CPU count>) |
|
Arguments passed to the |
|
Override the default location of the C-STAT SQLite database. (e.g. |
|
Perform a cleanup of the C-STAT SQLite database. (e.g. |
These parameters can be passed on the command line, or be set as environment variables. Below you will find an example of how to enable and combine non-standard rulesets at will:
# From the root of the zephyr repository
west build -b stm32f429ii_aca samples/basic/blinky -- -DZEPHYR_SCA_VARIANT=iar_c_stat -DCSTAT_RULESET=misrac2012,cert