Static Code Analysis
DevOps
Static Code Analysis
Obfuscation Tool
Testing Solution
Embedded Stack
Others

Culture shift or movement that encourage great collaboration to foster building better quality software more quickly with more reliability. Whenever you are a large enterprise or a fresh start-up, time to market becomes more and more critical in regard to the ever increasing pace of innovation. By embraching a DevOps Culture, using Cloud Computing and building Continuous Delivery into your software delivery process, we can help you to — often dramatically — shorten your time to market while you can stay focused on innovation. Learn about some of the core principles and techniques that Meteonic use to help our customers to win the race by getting new ideas out faster, with less problems and at reduced costs.

Meteonic is partnered to some world class DevOps tools to extend the continuous development goals.

Clarive

Clarive Software is a strong new performer within the DevOps market. Clarive is Headquartered in Spain since 2010, Clarive has been rated as “Cool vendor in DevOps in 2015” by Gartner. Clarive provides you with a SINGLE-TOOL DevOps solution that will support your Development and Operations teams on ALL your Platforms. Clarive is a 3-in-1 single-tool solution, combining ALM topic process orchestration, release and deploy automation, and configuration management. As a result Clarive has end-to-end real-time operational data available in a single database for reporting and analytical purposes.

Docker

Docker provides a completely open platform for developing distributed applications. Customers turn to Docker to build, run, and deploy, portable cloud ready applications. Docker is a tool that can package an application and its dependencies in a virtual container that can run on any Linux server. Docker uses the resource isolation features of the Linux kernel such as groups and kernel name spaces, and a union-capable file system such as aufs and others to allow independent "containers" to run within a single Linux instance, avoiding the overhead of starting and maintaining virtual machines.

Chef

Chef is a powerful automation platform that transforms complex infrastructure into code, bringing your servers and services to life. Whether you’re operating in the cloud, on-premises, or a hybrid, Chef automates how applications are configured, deployed, and managed across your network, no matter its size.

Chef is built around simple concepts: achieving desired state, centralized modeling of IT infrastructure, and resource primitives that serve as building blocks. These concepts enable you to quickly manage any infrastructure with Chef. These very same concepts allow Chef to handle the most difficult infrastructure challenges on the planet. Anything that can run the chef-client can be managed by Chef.

Puppet

Automate. Move Faster.Increase Reliability

It's not easy being in IT operations today. The volume and complexity of infrastructure you manage is growing and getting smarter. On top of that, you've got demands from the business to do more and faster, without sacrificing security and reliability. How do you strike that balance?

Get More Done in Less Time

With Puppet, you define the state of your IT infrastructure, and Puppet automatically enforces the desired state. Puppet automates every step of the software delivery process, from provisioning of physical and virtual machines to orchestration and reporting; from early-stage code development through testing, production release and updates.

  • Free up time to work on projects that deliver more business value
  • Ensure consistency, reliability and stability
  • Facilitate closer collaboration between sysadmins and developers

Static Code Analysis is a technique employed in software development for checking on the source code without giving any external inputs to the code. The code is checked out for defects caused due to programming errors which can cause a security issue or a complete crash of the code during it’s actual execution.

It is to be noted that “Static Code Analysis” is normally taken up with the help of some automated tool which helps to do a complete branch coverage and path coverage, making it sure that all the parts of the software is checked on before the code is pushed to the next stage.

Statically the code can be checked in terms of security vulnerabilities, architectural flaws and compliance to some specific coding standards. Specialized software tools are available to take up these checks and certification is also given by these tool vendors to certify the software accordingly.

Meteonic is proud partners to some of the world leading Static Code Analysers.

Klocwork

KlocworkTM is a niche Static Code Analyser tool which is capable of finding critical security vulnerabilities, checking on reliability issues of the software and checking on whether a particular coding standard like MISRA, DO-178C, CWE, DISA STIG, CERT, OWASP on C, C++, Java and C# codes.

KlocworkTM is also having the capability of taking up some levels of code refactoring for the C, C++ codes. It has a very well defined online peer code review portal which can help development teams to trigger a code review at any point in time during the development phase. This code review process is very effective as it is aimed at not finding out the coding defects and security vulnerabilities but to find ways to resolve them and to address some more innovative ways to tackle functional problems.

KlocworkTM is a product from “Roguewave Systems Inc.” which is headquartered in Louisville, CO, US. KlocworkTM started into operation in 2002 and since then it has more than 3000 customers globally.

Understand

UnderstandTM is a Static Code Analysis tool aiming to achieve a complete code navigation, control flow graph generation, Metrics generation, code comparison, checking on the adherence of a code to some specific coding standards like MISRA and code reengineering for an array of programming languages like C, C++, Java, Jovial, Pascal, ADA, .NET and more.

UnderstandTM is a tool from “Scientific Tools Inc.” and based out of St. George, Utah, US. This tool has been used since long in leading automotive, aerospace, defence and loads of other critical industries for understanding large legacy codes and take up Static Code Analysis on them.

UnderstandTM as a tool has also a well developed command line interface which allows this tool to be integrated with any of the existing tool chain that the software companies normally use. Since the commencement of the company

( Scientific Tools Inc.) in 1996 UnderstandTM has been used by more than 200 companies world wide to understand their codes and development further on them.

lattix

LattixTM is one unique tool which is capable to taking up architectural analysis of code to a different level. This is a Static Code Analyser tool specializing on finding our dependencies between the routines and sub routines of a code base. LattixTM is the only tool available commercially to employ a concept known as “Dependency Structured Matrix” popularly known as DSMTM to depict the dependencies across all the elements in a code base.

The beauty of the LattixTM tool lies in the very fact that not only it would allow one to check on all the dependencies of a code base but it depicts the entire dependency of a code in a mathematical model which can very well be employed to work on some dependency algorithm which will be able to show all the good and bad dependencies of the code in the DSMTM.

LattixTM allows to only to find out the dependencies in a code base but also to create some dependency rule sets that can be implemented through this tool enabling some control on adherence to a particular architectural rule for the entire development team. It has a very well developed impact analysis capability which can allow the team to do a “what if” analysis on a code base with ease.

LattixTM is a product from Lattix Inc. which is headquartered in North Reading, MA, US. LattixTM is available commercially to clients from the year 2004 and since then more than 300 companies across various industry domains use LattixTM for conquering software architectural challenges.

In software development, obfuscation is the deliberate act of creating obfuscated code, i.e. source or machine code that is difficult for humans to understand. Like obfuscation in natural language, it may use needlessly roundabout expressions to compose statements

Programmers may deliberately obfuscate code to conceal its purpose (security through obscurity) or its logic, in order to prevent tampering, deter reverse engineering, or as a puzzle or recreational challenge for someone reading the source code.

Programs known as obfuscators transform readable code into obfuscated code using various techniques.

Dotfuscator

Dotfuscator is a post-development recompilation system for .NET applications developed by PreEmptive Solutions. It analyzes applications and supposedly makes them smaller, faster and harder to reverse-engineer.

DashO

Reverse engineering Java and Android code is a common practice and, with the right tools, it is extremely easy to do. DashO provides enterprise-grade protection for all your Java and Android applications, greatly reducing the risk of piracy, intellectual property theft and tampering.

Through a combination of technology, processes and effective controls, we offer material risk mitigation lowering the likelihood of damage and transferring risk entirely out of your organization

No code analysis is complete without testing. Testing of software is taken up by various ways and software is tested at various stages of development. Software testing is an investigation conducted to provide stakeholders with information about the quality of the product or service under test. Software testing can also provide an objective, independent view of the software to allow the business to appreciate and understand the risks of software implementation. Test techniques include the process of executing a program or application with the intent of finding software bugs (errors or other defects).

Software testing involves the execution of a software component or system component to evaluate one or more properties of interest. In general, these properties indicate the extent to which the component or system under test:

  • meets the requirements that guided its design and development
  • responds correctly to all kinds of inputs,
  • performs its functions within an acceptable time,
  • is sufficiently usable,
  • can be installed and run in its intended environments, and
  • achieve the general result its stakeholders desire.

As the number of possible tests for even simple software components is practically infinite, all software testing uses some strategy to select tests that are feasible for the available time and resources. As a result, software testing typically (but not exclusively) attempts to execute a program or application with the intent of finding software bugs (errors or other defects). The job of testing is an iterative process as when one bug is fixed, it can illuminate other, deeper bugs, or can even create new ones.

Meteonic is partnered with some niche software testing tool companies across globe bringing the all important testing solutions for clients.

Cantata

CantataTMis a very well known automated unit and integration testing suite for C and C++ languages. CantataTM is a unique tool which also includes code coverage as a part of the automated unit and integration testing. It is one of the few tools available commercially which is capable of taking up testing based on some specific coding standards of IEC, ISO, MISRA, DO-178C and so on. CantataTM also provides a certification for the testing that it takes up which is a requirement for all the clients who are using any kind of testing tool on their code.

CantataTM is a complete test suite which not only enables team to take up unit and integration testing, but also allows to create test plans, import existing written test cases into the tool and also do white box, black box and structural testing for C, C++ codes.

CantataTM seamlessly integrates with complex embedded system target environment like KEIL, IAR, Renesas and so on making this tool as one of the kind of tool that is very easy to use and also dependable. CantataTM is a product from “QA-Systems” which is a company head quartered in Germany. However the entire team of development of CantataTM is stationed in Bath, UK.

Froglogic

Functional GUI testing is an essential part of Development and QA when testing creating shophisticated modern GUI application. Manual testing alone cannot review an application of regressions within an acceptable time frame. Automated GUI tests quickly produce reliable and reproducible result, and execute in a fraction of the time. Automated GUI testing enables test engineers to expanded testing coverage and rapidly find regressions so fixes can be make early. saving both time and money.

The creation of maintainable and time-proven automated GUI testing framework requires an automation tool that embodies a deep knowledge of the underlying GUI technologies being tested.

Froglogic's popular cross-platform multi-technology GUI testing tool, Squish support automating testing for all kind of modern GUI applications, with dedicated and comprehensive support for:

  • QT. QML, QtQuick and QtWebkit
  • Java GUIs
  • Native Windows Controls
  • Mac OS X Cocoa and Carbon
  • IOS Native and Web GUIs
  • Android Native and Web GUIs
  • Web and Flex in multiple browsers
  • ... and more...
  • Software companies working on Embedded Systems use re-usable embedded software components for Flash, File Systems and Communication. These components are normally purchased from a separate third party vendor as normally embedded companies do not want invest their resources to generate these components and they are best to be taken from some vendors who have strong experience in creating such stacks and also provide support for them.

    These software stacks are extremely important components in working of the entire embedded component so getting the right stack from a proper is very critical.

    Meteonic is partnered to some world class embedded stack providers to empower the clients working on the Embedded technologies with fail safe stacks with support.

    HCC - Embedded

    For more than a decade HCC has been entirely focused on developing re-usable embedded software components for Flash, File Systems and Communications. Many of the leading RTOS vendors in the industry re-sell HCC software under their own brand, giving engineers access to excellent middleware regardless of the RTOS or processor they use. As a consequence, HCC is now one of the leading experts in deployment of platform software independently of the processor, software, peripherals or tools used in the project.

    HCC was founded in 2000 and is headquartered in Budapest, and it provides support to hundreds of engineers around the world. Amongst many significant milestones in the company’s history are the release of the world’s first MISRA compliant TCP/IP stack and the first verifiable embedded DICOM stack for portable medical applications. Currently more than half of the industry’s leading RTOS vendors integrate HCC technology with their core product portfolio.

    A modern solution for product development

    Jama is software for better, faster requirements definition, management, verification and validation, from inception to production.

    Jama

    Better, Faster Product Definition

    Author requirements and create cross-team review groups with a sophisticated solution that removes the overhead of preparing content for a review.

    • Prioritize requirements validation, problem statements, engineering responses, negotiation and reviews.
    • Share robust, contextual information about your specs.
    • Orchestrate work across multiple teams delivering a single complex product.

    Collaboration

    Shorten milestone phases, improve efficiency, identify risk and find opportunities to innovate with purposeful collaboration.

    • Coordinate stakeholders, engineers, partners, data, conversations and decisions.
    • Unlock valuable product information from documents and email.
    • Store work in progress and archives in the same place for ongoing iteration, real-time reporting and clarity across the organization.

    Validation, Verification and Test

    Maintain traceability evidence to visually confirm every requirement, system and component spec has been tested.

    • Configure and customize your traceability structure.
    • Create, maintain and relate test cases, validate and verify product specs in one place.
    • Create relationships between—and manage the configuration of—engineering design and requirements.

    Compliance

    Easily show auditors the connections between regulations, requirements, and tests, as well as related changes and discussions. Regulators can easily see impact and validation of change.

    • Evaluate and mitigate risks across multiple product dimensions.
    • Ensure life- and economy-critical product safety.
    • Have confidence your release meets every standard.
    • Meet compliance and regulatory approval simply by doing your work in Jama.

    Product Variants

    Jama lets you structure product variants from requirements for accelerated new product development.

    • Easily define and manage alternative data in parallel, and compare versions.
    • Develop branch releases and variants simultaneously.
    • Reuse entire IP blocks, or update specs, across product lines.
    • Create a searchable, centralized IP library.

    Workflow Governance

    Configure Jama to your process for structured systems development across process milestones, from concept to production

    • Support efficient V-model execution.
    • Keep all valuable product IP in a secure system of action.
    • Appeal to modern workforce with intuitive, easy to adopt interface.
    • Construct and enforce organizational workflows.

    Krugle

    Since 2008, Krugle has been the #1 choice for federated search of software development assets.

    Krugle combines semantic search of over 50 software language types and related artifacts with support for popular application development repositories - from Git and SVN to Microsoft Team Foundation and IBM Rational.

    Krugle can instantly pinpoint the code structures, dependencies and integrations - across all of your organization's software asset base - that represent the most significant risks or areas for improvement. This streamlines code maintenance, refactoring and defect containment efforts - and ensures that development teams adopt and share best practies most effectively.

    Solid Sands

    Solid Sands is based in Amsterdam, the Netherlands. Our mission is to improve the quality of C and C++ compilers and libraries, and their safe and secure use by providing the best possible test and validation suite. Due to the close relationship with the SuperTest users, their feedback on our updates and suggestions on how to improve, we continuously expand and renew SuperTest. With our knowledge of past, current and upcoming versions of the C standard, new analysis and optimizations techniques and new use cases, Solid Sands stays at the fore-front of compiler and library testing and validation.

    OUR MISSION IS TO IMPROVE THE QUALITY OF C AND C++ COMPILERS, AND THEIR SAFE AND SECURE USE BY PROVIDING, SUPERTEST, THE BEST POSSIBLE COMPILER VALIDATION SUITE

    SuperTest – compiler testing for safety-critical automotive applications

    Ensuring compiler and software quality

    When one of Germany’s leading car manufacturers made the decision to use a new embedded processor in future production cars, it was of paramount importance that the compiler was validated and qualified under as stringent conditions as possible and required by ISO 26262.

    Although the supplied compiler had already been validated by the compiler developer, additional testing was deemed necessary in order to guarantee that the target application code would compile without introducing execution errors. The safety-critical nature of automotive systems such as Electronic Stability Control (ESC) means that the embedded software needs to be 100% deterministic, not only in terms of its decision making but also in terms of its real-time performance. Eliminating errors introduced by the compilation process itself is a major factor in achieving these requirements.

    SuperTest – reducing the risk in safety-critical automotive applications

    It’s not only compiler developers who need to think about compiler validation. Software developers who require proof that their application code compiles without errors also need to think about it – especially when their applications are safety critical.

    Re-using existing source code that you know compiles and runs flawlessly is one of the best ways to maintain software and product quality, but whenever you introduce a new product range it’s inevitable that you have to generate some new source code that may expose compiler errors. Even the individual code styles used by different software developers can expose problems with the compiler. However, potential problems aren’t confined to new code generation.

    “Every time we receive a new version of a compiler, we need to check that the compiled code matches that produced by the earlier version. In the past, we did it by manual comparison at assembler level or by functional testing, but either way it took a lot of time and effort, and the results were often not repeatable. The same applies when we need to check compiler accuracy after switching between different C-language or CPU variants.” says Mitsuhiro Tani, Manager, Basic Software Eng. Div. DENSO Corporation in Japan,

    SuperTest not only allowed to speed up and automate the process of identifying differences between compiler versions and validating language or CPU variants, it also allowed the company to build its own unique test requirements into the process.

    Compiler suppliers validate their compilers using test suites that reflect typical use cases, but that doesn’t mean that every possible compiler option is covered. SuperTest gives the flexibility to configure own use cases and add own test suites, so software developers are able to leverage their in-house knowledge and add specific test cases that are critical to each application.

    Because SuperTest is updated on a regular basis, SuperTest will be useful when software developers have to start using and verifying library code. Typical compiler errors detected by using SuperTest include the operation of Mathematical Functions that is not compatible with C language standard, inconsistencies between different compiler versions, inconsistent library operation between compilers, and so on.

    “Since these compiler problems and errors can be detected before the product development and shipment, DENSO can significantly reduce the effort of updating. We believe that SuperTest has turned out to be a good investment for the company. ” says Hiroki Nakasato, Assistant Manager, Basic Software Eng. Div. DENSO Corporation,

    The volume of test suites that are included in SuperTest and code samples that detect a range of potential compiler errors makes it very cost-effective. The fact that software developers can separate tests in a quick and effective way gives the test flexibility need to identify and locate bugs. Add to that the fact that a standard compliance check for a compiler takes less than 1 to 2 days to run and SuperTest saves a lot of time and money.

    For companies with a very high reputation to maintain and strict automotive safety standards to meet, compiler quality will always be an issue. SuperTest’s ability to achieve the confidence levels needed to use compiler into safety-critical automotive applications has now won it a permanent place in the arsenal of software development tools.