Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DTPDEVEL and version 2020.1

...

You can manually add the CERT C widgets to an existing dashboard. See Adding Widgets for generation instructions on how to add widgets to a dashboard. After deploying the artifact, widgets will appear in the SEI CERT category.

Image RemovedImage Added

The following configurations are available:

...

Click on a rule to see the violation in the Violations Explorer.

...

CERT

...

Compliance

...

The CERT Compliance Report provides an overview of your CERT compliance status and serves as the primary document for demonstrating compliance.

Image Removed

You can perform the following actions:

...

by Priority

This widget is an implementation of the standard Compliance By Category widget shipped with DTP. It shows the number and percentage of rules in compliance grouped by rule categories.

Image Added

 Click on an entry in the table to open the Violations by Compliance Category report. 

Top 5 CERT Categories

This widget is an implementation of the standard Categories - Top 5 Table Compliance widget shipped with DTP. It shows the five CERT guideline categories with the most violations.

Image Added

Click on a link in the Name column or the more... link to open the Violations by Compliance Category report.

Top 5 CERT Guidelines 

This widget is an implementation of the standard Categories - Top 5 Table widget shipped with DTP. It shows the five CERT guidelines with the most violations.

Image Added

Click on a link in the Name column or the more... link to open the Violations by Compliance Category report.

CERT Analysis Compliance

This widget is an implementation of the standard Rules in Compliance - Summary widget shipped withe DTP. This widgets shows the following information:

  • how many static analysis rules for the selected compliance standard were enabled during code analysis
  • how many violations were reported
  • the overall percentage of rules that did not report violations
  • the change in number of violations from the baseline build to the target build as a percentage (if applicable)

Image Added

 Click on the widget to open the Violations by Compliance Category report. 

Viewing CERT C Compliance Reports

The CERT Compliance Report provides an overview of your CERT compliance status and serves as the primary document for demonstrating compliance.

Image Added

You can perform the following actions:

  • Use the drop-down menus to sort by the following criteria:
    • Guideline type: Rule, Recommendation, or All 
    • Priority level: L1, L2, L3, or All
    • Compliance status: All, No Rules Enabled, Compliant, Compliant With Deviations, Compliant With Violations, Not Compliant, Missing Rule(s) in Analysis
  • Click on a guideline link in the Guideline column to open the Conformance Enforcement Plan. The link goes directly to the specific guideline so that you can review the Parasoft code analysis rule or rules enforcing the guideline. 
  • Click on a link in the # of Violations, In-Code Suppression, or DTP Suppressions column to view the violations in the Violations Explorer.
  • Open one of the CERT Compliance sub-reports.
  • Click Download PDF to download a printer-friendly PDF version of the report data. If you added a custom graphic to DTP as described in Adding a Custom Graphic to the Navigation Bar, the PDF will also be branded with the graphic. 

...

Warning
titleDo not modify the CERT profile

We strongly advise against altering the default CERT C 2018 profile because doing so will affect any reports you may need to generate for auditing purposes.

 Image RemovedImage Added

If necessary, you can make a copy of the default profile and adjust the correlation between Parasoft code analysis rules and CERT C guidelines to achieve your software quality and compliance goals

...