SonarQube solution to achieve standard compliance

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • what are you trying to achieve
  • what have you tried so far to achieve this
    How to configure the SonarQube solution to comply with DO178 or DO278 standards.

Hi,

Welcome to the community!

I’m not familiar with those standards. Would you like to provide some detail?

 
Ann

Hi,

Thanks for replying. You can find the ref standard at http://antena.fe.uni-lj.si/literatura/Razno/Avionika/rtca/Rtca%20Do-178B.pdf

Hi,

That’s a 112p document.

Perhaps you’d like to distill the requirements or ask specific questions?

 
Ann

Yes, let me be specific. We know we can set custom rules in SonarQube as a checklist. We need to see if we can set the rules according to this standard so that once the code is through with this, it also complies with the standard.

Hi,

Feel free to browse the available rules: https://rules.sonarsource.com/

 
HTH,
Ann

Very useful link indeed. I need to ask one more thing. It is mentioned that
“Mapped to standards (cert, misra, cwe, sans, owasp, etc.)”

The DO178/278 is not specifically mentioned, but this "etc." covers them also, as we can configure our own rules in addition to the 4800+ rules. Right?

Hi,

I’m not sure what you’re asking. You can add tags to rules. And there is some support for adding rules.

 
HTH,
Ann

Indeed, it was a useful link. Can the installation of this tool be done on-premises (running independently of our office server)?
Can we buy perpetual licenses (meaning running without the need to renew it every year)?

Hi,

SonarQube is entirely self-managed, so you can run it wherever you like.

The license question is something to discuss with your sales contact.

 
HTH,
Ann