QUESTIONS? WE CAN HELP, CALL 613-215-3252, or EMAIL US NOW!

AbsInt Astrée

Astrée is a static code analyzer that proves the absence of run­time errors and invalid con­current behavior in safety-critical software written or gen­er­ated in C or C++.

License Options:
Base License
  • Floating, permanent license
  • 1 analyzer token, 2 client tokens
  • Allows two simultaneously connected Astrée clients to configure analyses or inspect analysis results, and one analysis process
  • Installation in virtual machines allowed (not for license server program “ALM”)
  • Worldwide usage within one specific department
  • Department definition: Name of department, location(s), project
  • Includes 6 months technical support & maintenance
  • Additional Token Package (1 analyzer token, 2 client tokens) includes 6 months technical support & maintenance
Cloud License
  • Floating, permanent license
  • 1 analyzer token, 2 client tokens
  • Allows two simultaneously connected Astrée clients to configure analyses or inspect analysis results, and one analysis process. Usage in Cloud environments, like MS AZZURE, AWS, etc.
  • Installation in virtual machines allowed, also for license server program “ALM”
  • Worldwide usage within one specific department
  • Department definition: Name of department, location(s), project
  • Includes 6 months technical support & maintenance
  • Additional Token Package (1 analyzer token, 2 client tokens) includes 6 months technical support & maintenance

For detailed options and pricing, please request a quote.

PURCHASE



Need a quote? Click here to access our
convenient online quotation form.



Fast and sound static analysis

Astrée screenshot
.
Astrée screenshot

Astrée primarily targets embedded applications as found in aero­nautics, earth trans­por­tation, medical instrumen­tation, nuclear energy, and space flight. Never­theless, it can just as well be used to analyze any structured C/C++ programs, handwritten or generated, with complex memory usages, dynamic memory allocation, and recursion.

Astrée is sound — that is, if no errors are signaled, the absence of errors has been proved.

Which runtime properties are analyzed by Astrée?

Astrée statically analyzes whether the programming language is used correctly and whether there can be any run­time errors during any execution in any environment. This covers any use of C or C++ that, according to the corresponding language standard, has undefined behavior or violates hardware-specific aspects.

Additionally, Astrée reports invalid concurrent behavior, violations of user-specified programming guidelines, and various program properties relevant for functional safety.

Astrée detects any:

  • division by zero,
  • out-of-bounds array indexing,
  • erroneous pointer manipulation and dereferencing (NULL, uninitialized and dangling pointers),
  • integer and floating-point arithmetic overflow,
  • read access to uninitialized variables,
  • data races (read/write or write/write concurrent accesses by two threads to the same memory location without proper mutex locking),
  • inconsistent locking (lock/unlock problems),
  • invalid calls to operating system services (e.g. OSEK calls to TerminateTask on a task with unreleased resources),
  • other critical data and control-flow errors,
  • all violations of optional user-defined assertions to prove additional runtime properties (similar to assert diagnostics),
  • code it can prove to be unreachable under any circumstances.

Astrée is also sound for floating-point computations and handles them precisely and safely. All possible rounding errors, and their cumu­lative effects, are taken into account. The same is true for −∞, +∞ and NaN values and their effects through arithmetic calculations and comparisons.

NIST logo

In 2020, the US National Institute of Standards and Technology determined that Astrée satisfies their criteria for sound static code analysis.

Now with support for C++ and mixed code bases

Since 2020, runtime error analysis can also be applied to C++ and mixed C/C++ code bases. The new analysis mode supports all modern C++ versions up to C++17 and many of the features known from the classic C code analysis.

Astrée’s C++ analysis uses the same technology as its C code analysis. It is designed to meet the characteristics of safety-critical embedded software, and is subject to the same restrictions as Astrée for C.

The high-level abstraction features and template library of C++ facilitate the design of very complex and dynamic software. Extensive use of these features may violate the established principles of safety-critical embedded software development and lead to unsatisfactory analysis times and results. The Astrée manual gives recommendations on the use of C++ features to ensure that the code can be well analyzed. For less constrained (less critical) C++ code, we recommend using the standalone RuleChecker.

MISRA and more

RuleChecker logo

The seamlessly integrated RuleChecker lets you check your code for compliance with various coding standards, including MISRA, CWE, ISO/IEC, SEI CERT, and AUTOSAR. You can easily toggle individual rules and even specific aspects of certain rules. The tool can also check for various code metrics such as com­ment den­sity or cyclomatic complexity. Custom extensions for your own in-house coding guidelines are available on request.

RuleChecker can be envoked separately, to allow for even faster checks of your code, or in conjunction with the sound semantic analyses offered by Astrée, to additionally guarantee zero false negatives and minimize false positives on semantical rules. No competing standalone MISRA checker can offer this, and no testing environment can match the full data and path coverage provided by the static analysis.

Who uses Astrée?

Since 2003, Airbus France has been using Astrée in the devel­opment of safety-critical software for vari­ous aircraft series, including the A380.

In 2018, Bosch Automotive Steering replaced their legacy tools with Astrée and RuleChecker, resulting in significant savings thanks to faster analyses, higher accuracy, and optimized licensing and support costs.

Framatome employs Astrée for verification of their safety-critical TELEPERM XS platform that is used for engineering, testing, commissioning, operating and troubleshooting nuclear reactors.

The global automotive supplier Helbako in Germany is using Astrée to guar­antee that no run­time errors can occur in their elec­tronic control software and to de­monstrate MISRA compliance of the code.

ESA logo

In 2008, Astrée proved the absence of any run­time errors in a C ver­sion of the auto­matic docking software of the Jules Verne Automated Transfer Vehicle, enabling ESA to transport payloads to the Inter­national Space Station.

A world leader in motors and ventilators for air-conditioning and refrigeration systems, ebm-papst is using Astrée for fully automatic conti­nuous verification of safety-critical interrupt-driven control software for commu­tating high-efficiency EC motors for venti­lator systems.

MTU Friedrichshafen uses Astrée to demonstrate the cor­rectness of con­trol software for emer­gency power gene­rators in power plants. Together with its quali­fication package, Astrée is part of the IEC 60880 certi­fication process.

Tailor it to your own requirements

Astrée offers powerful annotation mechanisms for supplying external knowledge and fine-tuning the ana­lysis precision for individual loops or data structures. Detailed messages and an intui­tive GUI guide you to the exact cause of each potential runtime error. Actual errors can then be fixed, and in case of a false alarm the analyzer can be tuned to avoid it. This allows for analyses with very few or even zero false alarms.

dSPACE logo Jenkins logo Eclipse logo

The analyzer can also run in batch mode for easy integration into established tool-chains.

Plugins for TargetLink, Jenkins, and Eclipse are available and actively supported.

Qualification support

Your usage of Astrée can be qualified according to DO-178B/C, ISO 26262, IEC 61508, EN-50128, the FDA Principles of Software Validation, and other safety standards. We offer special Qualification Support Kits that simplify and automate the qualification process.

Astrée PDF

Cancellation & No Refund Policy

Cancellation: You can cancel your subscription at any time. Please note that we do not provide credit, refunds or prorated billing for any licenses that are cancelled once purchased.

No Return/Refund: All sales are final, there are no refunds.

Select your currency