Draft:TrustInSoft Analyzer

TrustInSoft Analyzer is a source code analyzer that analyzes code written in the C and C++ programming languages. It implements a set of various formal methods, which create mathematical proofs of the absence of undefined behavior in the analyzed code.

TrustInSoft Analyzer identifies undefined behavior including memory management issues such as buffer overflow and uninitialized variables, arithmetic operations including division by zero, integer overflow,and race conditions.

TrustInSoft Analyzer is commonly used for software analysis in embedded systems, and addresses safety and security issues within the source code. TrustInSoft Analyzer aids in establishing compliance with safety and security standards and norms including ISO 26262 and MISRA C.

It can also prove that a program conforms to a formal specification of its intended functional behavior including the ANSI/ISO C Specification_Language  (ACSL).

Development and Deployment
TrustInSoft Analyzer deploys in multiple environments (e.g. Mac OS, Linux, Windows) and integrates with various tools (e.g. Google Test and Jenkins). All versions of C up to 18 and C++ up to 20 are supported.

TrustInSoft Analyzer is available as a standalone software under a proprietary license for customers of the TrustInSoft company. It is also available, in a restricted form, as a freely accessible web application for experimenting and teaching. Additionally, another free, fairly complete, version of the analyzer is available on the web, able to analyze code if the source is publicly hosted on Github.

Applications and Visibility
TrustInSoft Analyzer’s technology, previously developed under Frama C, has industrial-scale applications to formally verify critical aeronautic applications such as DO-178C. TrustInSoft has since expanded into markets such as consumer electronics and automotive. In 2016, TrustInSoft Analyzer was accredited in a NIST report to the White House Office of Science and Technology Policy, for proving the absence of CWE vulnerabilities in the PolarSSL (now referred to as Mbed_TLS) stack. In 2021, TrustInSoft was selected for the UBIMobility development program, an accelerator for autonomous vehicle technologies.