The Software DNA Map Analysis System

Coverity’s proprietary Software DNA Map analysis system creates a comprehensive understanding of your entire C or C++ code base, including 100% of the execution paths, without requiring any changes to your code or build system. By understanding the full build system, Prevent gives developers a precise, unified representation of all relevant source code data and all data used to generate executables – in a form that’s semantically equivalent to your original code. This capability sets Prevent apart, and is the first step toward ensuring the depth and accuracy of static analysis for C/C++ source code. Here’s how it works:

The build monitor observes every operation performed by your build system.

• Prevent incorporates a monitoring layer between your build system and operating system to track every touchpoint between the two.
• The monitoring layer identifies not only all invoked executables, but all files that are opened, written, and read.

The authentic compiler collects detailed knowledge of your code’s syntax, semantics and dependencies.

• When your build system makes a call to the compiler, Prevent performs multiple steps to understand every action of that call and its implications on the compiled source code.
• Prevent translates all command lines to understand exactly how the native preprocessor and compiler proper will generate executables.
• Prevent compiles many variations of C/C++ source code, including various C/C++ dialects and all major language extensions implemented by individual compilers.

A complete compiler representation equips the analysis engines with perfect information about the source code.

• Each build system includes an insertion layer that records unique compilations of every file – Prevent combines them logically into representative, coherent libraries and executables.
• Using a pre-preprocessor, Prevent converts nonstandard constructs into semantically equivalent standard constructs that the front-end parser can interpret and understand.

Contact us to find out how Coverity Prevent can shorten your development cycles and help you deliver more reliable, secure software.