This topic describes the preconfigured "built-in" static analysis standard rules that are included with SOAtest.
SOAtest checks over 500+rules that check whether expectations for security, reliability, and compliance are met. Rules are organized into thematic categories such as:
To view descriptions of all the static analysis rules that are included with SOAtest, choose Parasoft> Help, open the SOAtest Static Analysis Rules book, then browse the available rule description files.
To view a list of all static analysis rules that a given Test Configuration is configured to check, as well as descriptions of these rules:
If you want to print the list of rules and all related rule descriptions, enable your browser’s Print all linked documents printer option before you print the main the list of rules.
Each rule is assigned a severity level. The severity level indicates the chance that a violation of the rule will cause a serious construction defect (a coding construct that causes application problems such as slow performance, memory leaks, security vulnerabilities, and so on). Possible severity levels (listed from most severe to least severe) are:
SOAtest can also check any number of custom rules that you design with the RuleWizard module. With RuleWizard, rules are created graphically (by creating a flow-chart-like representation of the rule) or automatically (by providing code that demonstrates a sample rule violation). By creating and checking custom rules, teams can verify unique project and organizational requirements, as well as prevent their most common errors from recurring.
RuleWizard can be used to modify built-in coding standards and to add additional ones. For more information about creating custom coding rules, see Creating Custom Static Analysis Rules.