...
You can manually add the CERT C widgets to an existing dashboard. See Adding Widgets for generation instructions on how to add widgets to a dashboard. After deploying the artifact, widgets will appear in the SEI CERT category.
The following configurations are available:
...
Click on a rule to see the violation in the Violations Explorer.
...
CERT
...
Compliance
...
The CERT Compliance Report provides an overview of your CERT compliance status and serves as the primary document for demonstrating compliance.
You can perform the following actions:
...
by Priority
This widget is an implementation of the standard Compliance By Category widget shipped with DTP. It shows the number and percentage of rules in compliance grouped by rule categories.
Click on an entry in the table to open the Violations by Compliance Category report.
Top 5 CERT Categories
This widget is an implementation of the standard Categories - Top 5 Table Compliance widget shipped with DTP. It shows the five CERT guideline categories with the most violations.
Click on a link in the Name column or the more... link to open the Violations by Compliance Category report.
Top 5 CERT Guidelines
This widget is an implementation of the standard Categories - Top 5 Table widget shipped with DTP. It shows the five CERT guidelines with the most violations.
Click on a link in the Name column or the more... link to open the Violations by Compliance Category report.
CERT Analysis Compliance
This widget is an implementation of the standard Rules in Compliance - Summary widget shipped withe DTP. This widgets shows the following information:
- how many static analysis rules for the selected compliance standard were enabled during code analysis
- how many violations were reported
- the overall percentage of rules that did not report violations
- the change in number of violations from the baseline build to the target build as a percentage (if applicable)
Click on the widget to open the Violations by Compliance Category report.
Viewing CERT C Compliance Reports
The CERT Compliance Report provides an overview of your CERT compliance status and serves as the primary document for demonstrating compliance.
You can perform the following actions:
- Use the drop-down menus to sort by the following criteria:
- Guideline type: Rule, Recommendation, or All
- Priority level: L1, L2, L3, or All
- Compliance status: All, No Rules Enabled, Compliant, Compliant With Deviations, Compliant With Violations, Not Compliant, Missing Rule(s) in Analysis
- Click on a guideline link in the Guideline column to open the Conformance Enforcement Plan. The link goes directly to the specific guideline so that you can review the Parasoft code analysis rule or rules enforcing the guideline.
- Click on a link in the # of Violations, In-Code Suppression, or DTP Suppressions column to view the violations in the Violations Explorer.
- Open one of the CERT Compliance sub-reports.
- Click Download PDF to download a printer-friendly PDF version of the report data. If you added a custom graphic to DTP as described in Adding a Custom Graphic to the Navigation Bar, the PDF will also be branded with the graphic.
...
| Warning | ||
|---|---|---|
| ||
We strongly advise against altering the default CERT C 2018 profile because doing so will affect any reports you may need to generate for auditing purposes. |
If necessary, you can make a copy of the default profile and adjust the correlation between Parasoft code analysis rules and CERT C guidelines to achieve your software quality and compliance goals.
...