Pursuit of Quality with Axivion

Have you noticed that implementing even simple features becomes increasingly time-consuming over time? Is your current codebase still adhering to the High/Low Level Designs laid down by your Software Architect? Are you aware of the duplicate code and dependency cycles lurking in your code? Is Safety-Certified software your priority? 

If any of these questions sparked your curiosity, then keep reading to discover how we can effectively tackle these issues.


Axivion has been an integral part of the Qt Group for more than a year, enhancing its Quality Assurance offerings.

For those who aren't familiar with Axivion, Axivion is the technology leader for next generation static code analysis of C, C++ and C# code. In addition to classic analyses such as MISRA or metrics, Axivion exclusively allows you to check the compliance of your software architecture. With the capability to detect clonescycles, and unreachable code, you will always be able to prevent software erosion in your development projects.

Please check out our customer references to see how  Axivion Suite helps our customers achieve their goals day in and day out.

In this article, we take a quick walk through the process of getting started with Axivion, showcasing its tools and the value it brings. To demonstrate the analysis in action, we chose the Industrial Automation Demo project currently being developed in-house, aimed at the upcoming Trade Shows.


If you are new to Axivion, the obvious choice is to use the Axivion Configuration Wizard, which is a step-by-step guide to configuring your project for analysis. Here, you will be guided through configuration options like Project location, Version Control System, Compiler Toolchain, Build System, etc.

At the end of this process, a standard User Interface appears where you can start fine-tuning the project. For example, you could enable Misra C++ 2023 analysis, disable Cycle Detection, set limits for McCabe complexity checks, or even add custom rules based on your company ruleset.

Save analysis results
Helper script to start analysis
Enabling Misra C++ 2023 and disabling Cycle Detection
Setting max threshold value for McCabe Cyclomatic Complexity
Architecture Analysis Setup

In theory, software architecture can be ensured by periodic reviews of the code. Unfortunately, in practice, the manual architecture review is both time consuming and error-prone. More often than not, architecture review is ignored during Pull/Merge requests. By the time we start seeing the real issues, we would have spent considerable effort and money patching up the symptoms.

What if we tell you that Axivion will precisely verify architecture compliance for every change made in the source code? 

To demonstrate thiswe created a high-level design for the demo project using the Gravis tool, which is a simple-to-learn, lightweight, architecture modeling tool.

With Gravis,

  • we draw architectural entities (e.g., components, files, classes, functions, variables, etc.)
  • define relationships between them (e.g., inheritance, association, function call, friend function, etc.)
  • map the architecture entities with corresponding code artifacts.
The level of granularity/precision in defining the relationships is just phenomenal. Finally, we configure Axivion to use the newly created architecture/mapping data (.gxl file) as the reference to perform architecture analysis.
Note: Using Gravis is not mandatory, as designs can also be imported from Enterprise Architect, IBM Rhapsody, PlantUML or any tool that uses the XMI format for software architecture representation.

First, we model the architecture entities which represents components, files, classes, functions, variables, etc. Then, we define relationships/edges between these entities (available edge types shown on the bottom right)

Create mapping between the Source Code Artifacts and the Architectural Entities defined in the previous step.

Export new architecture as a gxl file
Use the generated gxl file as reference architecture.
Static Code Analysis Setup

Apart from the widely popular options like Style Checks and Metrics, you could also analyze Duplicate Code, Dependency Cycles, and Dead Code in your code base with Axivion. Though it may seem trivial, you would already be noticing its symptoms, like repetitive bugs with the same fix, increased compilation times, unprecedented crashes, and unmaintainable code. 

If you prioritize safety certifications such as ISO 26262, IEC 61508, IEC 62304, or EN 50128/50657, then look no further because Axivion is certified by SGS-TÜV Saar GmbH for use in the development of safety-certified systems. This, coupled with coding guidelines aimed at Safety (Misra) and Security (CWE, CERTand C Secure Coding) would ensure safety certified code along the supply chain.

For the demo project, apart from choosing Misra-C++ 2023 guidelines, we also enabled Clone Detection, Cycle Detection, and Dead Code Detection for the analysis.

Enabling Clone, Dead Code detection and Metrics
Enabling Misra C++ 2023 ruleset


Analysis can be triggered easily by executing the helper script (sh/bat) generated during setup. This approach also makes CI-CD integration effortless.


The analysis results can be conveniently viewed on Axivion Suite's Dashboard, an intuitive web application accessible through your browser. This dashboard provides insights into the erosion and quality attributes of your software projects, making it easy to monitor and improve their overall health.

Note: Analysis Results are also available in SARIF, JSON, CSV, JUnit XML, and Text Formats.

Architecture Analysis Results

The analysis shows us the convergence, divergence, or absence of relationships between the defined architectural entities when compared against reality (codebase). This serves as a valuable signal for us to address any code issues proactively, preventing further complexity. It may also ignite conversations about the underlying reasons for the discrepancies, prompting a reassessment of the architectural design.


Reporting Absence, Convergence and Divergence of codebase compared to reference architecture

Exploring an individual architectural issue.
Visualizing the analysis in Gravis
Convergences listed in gravis while clicking on an edge
Divergences listed in gravis while clicking on an edge



Static Code Analysis Results

Axivion left no stone unturned in uncovering the clones and dead code within our repository. This analysis proved invaluable in eliminating duplicate code and identifying unused functions that had slipped under the radar.
The analysis of Misra C++ 2023 shed light on the rigorous demands of a Safety-Critical Project, guiding us towards compliance. The intuitive dashboard provides a timeline of issue introductions and resolutions, offering valuable insights for continuous improvement.

Visualizing Misra C++ 2023 violations
Visualizing the root cause of Misra C++ 2023 violation.

Visualizing dead code

Visualizing Clones. It is a type 3 clone where there the codes look similar but with minor additions and deletions.

With the option to customize/finetune Axivion to suit your needs, you can avoid false positives, which can reduce the usefulness of SCA, and waste entire days for QA Engineers
For example, we stumbled upon a false positive where the std::unique_lock variable is flagged as unused, while in reality, the declaration itself would serve the purpose of locking the mutex within the scope. This can be configured as an expected behavior by setting the option treat_side_effect_constructors_as_use to true. 


Measurement is key to control and improvement. If you can't measure it accurately, you can't understand, control, or improve it.

With Axivion as your ally, you can effectively measure and address software erosion factors, manage complexity, and ensure the overall health of your development process. Axivion empowers you to stay ahead of the curve by providing valuable insights into your codebase, enabling you to make informed decisions and implement targeted improvements.

What's next?

What fun would it be to taste our own medicine? Currently, the Qt Framework and Axivion Suite itself are under surveillance from Axivion Suite. Please keep tuned for the Architecture/Static Code Analysis of Qt Safe Renderer, – a Safety-Certified offering  from Qt.

If you would like to learn more about Axivion, please contact us.