CERT C and CERT C++ Checker

The CERT C and C++ guideline checkers of Axivion cover decidable CERT rules which are relevant for embedded safety functions in embedded software.

If you want to learn more about Axivion's CERT C and CERT C++ checkers or want to discuss your specific use case with one of our experts, let us know.

Contact Us

Compliance with CERT Secure Coding Standards

The CERT C/C++ Secure Coding Standards are compiled by the Computer Emergency Response Team Coordination Center (CERT/CC) of the Software Engineering Institute (SEI) to achieve functional safety, reliability and security of software systems during software development.

Ensuring code meets these guidelines is one of the standard features of Axivion Static Code Analysis. The CERT checker automatically identifies issues preventing embedded safety in embedded software.

Easy Integration with Surprising Results

  • Sharpened eye for security risks and clean code

    The CERT C/C++ guideline checkers automatically uncover code constructs susceptible to security problems. This enables your development team to apply safe coding practices according to CERT C/C++ in a targeted manner. During development, all team members sharpen their eye for pitfalls and risks in the code: From array out-of-bounds to return value from all exit paths.

  • Easy focus in day-to-day business reduces risks

    Axivion’s unique delta mechanism helps you and your team focus on the daily work: writing safe code. In reviews, the delta analysis can easily identify CERT rule violations caused by work done on sprints, releases, feature branches, etc.

  • Easy integration into IDEs and CI environments

    Axivion’s CERT Check results integrate with a wide range of IDEs and CI environments. This allows easy integration into your processes from local checks to full-blown automated checks in the CI. All with the same configuration and results. The CLI and scripting capabilities of Axivion Suite allow the CERT Check to integrate into virtually all practical environments.


  • Simple process integration into Security Quality Management

    Axivion Suite provides you with central building blocks for the code-related areas of your security quality management: The severity classification of rules and rule groups allows you to prioritise your work. By means of justifications, deviations from the CERT rules can be handled in a structured and systematic way in the work process in order to develop in conformity with the standards. By applying different delta intervals, progressions over the development can be viewed and evaluated. Automatically generated reports on the CERT compliance of your code facilitate documentation.

  • Certified for use in software projects with safety requirements

    As part of Axivion Static Code Analysis the CERT checker is certified by SGS TUEV Saar for use in software projects with safety requirements according to:
    • ISO 26262 up to ASIL-D
    • IEC 61508 up to SIL 4
    • IEC 62304 up to Class C
    • EN 50128:2011 and EN 50657:2017 up to SIL 4

The Delta Mechanism in Practice

This is how the developer-level delta mechanism looks in the example: The list shows changes to CERT breaches in the selected time window. In the selected period, 40 new violations were introduced, but six CERT violations were also fixed. In the code view, the new violations are highlighted in color.

Axivion Static Code Analysis helps you to identify and reduce security risks during development.

Success Stories


While your use case may be unique, the issues you are facing are not. Other companies have faced similar challenges and have overcome them by using Axivion Static Code Analysis to ensure compliance with the CERT C/C++ Secure Coding Standards.

Visit our resource center and read some of our customers' success stories.


Read success stories

This might interest you

Request a Demo


Contact Us

Learn More About Axivion


Read More

Download the Brochure



Coding Guidelines


Learn more