Emenda meeting

By Han van Roosmalen - Posted on 09 February 2010

A few weeks ago I went to the Emenda sales meeting in Bordeaux. I stayed there for 3 days and was informed about the new features that the various software tools that Emenda sells. Emenda is European sales partner for tools like: Lattix, Klocwork, Defensics, Cantata++ and ElectricCloud.

The general mood was that the market for static analysis tools is growing. The economic crisis does not seem to  affect sales of these tools. However tools sales growth in Europe lacks far behind on other regions. The reason for this is not really obvious.

But let's talk about the tools themselves. I have already had some oppertunity to play with the previous version of Klocwork and was already amazed by the capabilites. The new version of Klocwork, which support static analysis of C/C++, C#, Java and Ada is even more interesting. A complete new feature is the data exchange between Klocwork and Lattix, which with it is possible to show the major programming errors inside Lattix. Now it is possible to see error hot spots in the Dependency Structure Matrix. Another cool feature is the support for code reviews. Klocwork also includes some refactoring patterns and is pluggable into the major IDEs.

Defensics is probably less known but is cool in another way. Codenomicon of Finland has created a very nice platform for detecting protocol problems. The philosophy is simple: use the protocol take a message that adheres to the protocol, send it out, see what is happening, change the message a tiny little do the same, see what is happening and so on. But doing this for a large number of times, every time with a little change somewhere a server might break. If so report this and continu on.
With other words this is a perfect tool and easy to use and set-up. In the new release Defensicis is capable of handling all kinds of internet protocols, such as SOAP/XML.

Cantata++ (IPL) has always been a tool that everybody wants (at least needs). The new version is very capable of finding al sorts of programming and security bugs in C/C++. The innovative approach goes way beyond what a developer can normally achieve by stringent unit testing.

Lattix came with a very interesting presentation concerning the new metrics in Lattix 5. A comparison in code base between Firefox and Google Chrome is really revealing. I will blog on this.

I decided that I want to offer consultancy with and support on thel mentioned software tools.

If you have any questions/inquiries based on this blog please let me know.