...
- Install the Security Compliance Pack into DTP Extension Designer.
- Deploy the CERT C Compliance artifact into your DTP environment. This also deploys the CERT C Compliance extension assets.
- Analyze code with C/C++test using the SEI CERT C Standard test configuration and report violations to DTP. You can configure C/C++test to use the local test configuration or the test configuration shipped with the Security Compliance Pack.
- Add the CERT C Compliance dashboard and widgets to your DTP interface to view the reported violations within the context of CERT C guidelines.
- Interact with the widgets and reports to identify code that needs to be fixed, as well as print out the reports for auditing purposes.
Note | ||
---|---|---|
| ||
There are many CERT C guidelines (both rules and recommendations) that are not enforced by Parasoft static analysis. As a result, DTP will report 100% compliance against only those guidelines that are mapped to a Parasoft static analysis rule. |
CERT C Compliance Extension Assets
...
The CERT C Compliance artifacts are installed as part of the Security Compliance Pack (see Installation for instructions). After installing the artifact, you must deploy the assets to your DTP environment.
Info | ||
---|---|---|
| ||
If you are already using the CERT C++ Compliance artifact or CERT for Java Compliance artifact, you do not need to perform this step. Both All of these artifacts use the same DTP Workflow. |
...