Helix QAC Key Features

Risk Prioritization

Prioritize coding issues based on the severity of risk. Helix QAC helps you to target the most critical defects using filters, suppressions, and baselines. It delivers accurate diagnostics and actionable results — enabling you to fix the most important issues first.

risk prioritization

Analysis Dashboard

The Helix QAC Dashboard is a centralized store of analysis results, accessed through a web browser. Results are uploaded to the Dashboard as ‘snapshots’. Customized views and reports mean that project. Code quality and compliance metrics can be monitored over time.

The Dashboard is fully customizable, enabling you to tailor its rows and columns to more adequately meet your team’s and project’s needs. By using the Dashboard, you can:

•    Review the entirety of the code by project and section.
•    Identify issues and deviations.
•    Review project updates and notifications.
•    Assign rule configurations (such as MISRA, AUTOSAR, and CERT).
•    Verify how compliant the code is with coding standards and industry best practices.
•    Measure overall code quality.
•    Monitor developing trends with customizable reports.


Development Toolset Integration

Integrate static code analysis with the rest of your development toolset. Helix QAC supports most compilers. And, you can integrate it with many development tools — including IDES (such as Microsoft Visual Studio), version control systems (such as Helix Core), and continuous integration build servers (such as Jenkins).


Helix QAC Compliance Modules

Need to comply with a coding standard? Helix QAC makes it easy.

You can use the following compliance modules to apply coding standards across your codebase. And you’ll get fewer false positives and false negatives in your diagnostics.

MISRA Compliance Modules for C and C++

Check your code against the MISRA C® and C++ coding standards — automatically.

The MISRA coding rules identify potential issues in safety-critical systems. The MISRA C and C++ compliance modules flag sections of your code that violate these rules.

The MISRA C compliance module enforces MISRA C:1998, MISRA C:2004, and MISRA C:2012 rules.

The MISRA C++ compliance module enforces MISRA C++:2008 rules.

Helix QAC identifies MISRA violations with greater accuracy than other tools. And it prioritizes violations based on severity, so you fix the most important issues first.

So, you’ll be able to improve code quality. Plus, you’ll be able to track and report on MISRA (and ISO) compliance.

An example of a MISRA C rule for typedef in Helix QAC.
An example of a MISRA C++ rule violation for null pointers in Helix QAC.

Compliance Module for C++

Check your code against the AUTOSAR C++ coding standard — automatically.

The AUTOSAR coding rules identify safety issues in C++14.

The AUTOSAR C++ compliance module flags any code that violates these rules.

So, you’ll be able to ensure compliance — and fulfill ISO standards. Plus, you’ll be able to track and report on compliance.

An example of an AUTOSAR C++ rule violation for non-interface base class in Helix QAC.

Compliance Modules for C and C++

Check your code against the CERT C and C++ coding standards — automatically.

The CERT coding rules identify security vulnerabilities in your code. The CERT C and C++ compliance modules flag code that violates these rules. This helps you eliminate undefined behaviors and apply best practices for secure code.

Plus, Helix QAC helps you prioritize and fix the most critical violations first. You’ll even get detailed guidance and examples to help you fix these errors.

So, you’ll develop quality systems that are safe, secure, and reliable. Plus, you’ll be able to track and report on CERT compliance.

An example of a CERT C rule violation for object pointer type in the Helix QAC dashboard
An example of a CERT C++ rule violation for invalid pointer values in Helix QAC.

Compatibility Module for C and C++

Check your code against the CWE list of security weaknesses — automatically.  

CWE identifies common security weaknesses in C and C++.

The CWE compatibility module identifies code with those security weaknesses. And Helix QAC prioritizes these CWE violations.

This makes it easy for you to fix the most critical errors first. And by using Helix QAC, you’ll improve overall code security.

This module is registered as CWE compatible for C and C++.

A heat map of C security weaknesses in the Helix QAC dashboard.
Helix QAC CWE C++

Compliance Module for C++

Check your code against the High Integrity C++ (HIC++) coding standard — automatically.

HIC++ coding rules ensure high-quality code in C++11 and C++14.

The HIC++ compliance module enforces compliance to these coding rules. And Helix QAC includes examples of compliant and non-compliant code with each diagnostic.

So, you’ll ensure high-integrity code. Plus, you’ll be able to monitor and report on overall code quality.

HIC++ was developed by Perforce (formerly PRQA) experts.

An example of an HIC++ rule violation for invalid pointer values in Helix QAC.

Compliance Module for C++

Check your code against the Joint Strike Fighter Air Vehicle (JSF AV) C++ coding standard — automatically.

JSF AV C++ coding rules are used for safety-critical development. The JSF AV C++ compliance module identifies violations of these rules.

Helix QAC provides the most comprehensive diagnostics for JSF AV C++ rules. Plus, you’ll be able to track and report on safety metrics.

An example of a JSF++ rule violation for a class publicly derived from a concrete (non-abstract) base class in Helix QAC.

In-House C/C++ Coding Standards

Check your code against your in-house (or custom) coding standard — automatically.

Customize a Compliance Module for C/C++

You can customize a compliance module for your C/C++ coding rules. Helix QAC will automatically enforce these rules. And you’ll be able to report on compliance to these rules.

An example of custom coding rules you can use in Helix QAC — e.g., tab found in source.

Who Uses Helix QAC?



Automotive software development requires more than 100 million lines of code. What’s more, the installed embedded software is generally developed independently from the rest of the automobile. 

Because of this, development teams must be able to effectively manage a unique set of challenges. With Helix QAC, development teams are able to collaborate on projects, and ensure that their code is high quality and meets regulatory compliance.


Embedded Development

Managing the increase in digital assets is essential for the efficient design and development of embedded systems. All of those processes need to happen under strict compliance guidelines. For quality-critical industries, code needs to comply with coding standards and industry requirements. And, Helix QAC can prove that your code is compliant.

Aerospace & Defense

Aerospace, defense, and military organizations use embedded software every day. Making sure that software is safe, secure, and reliable is critical. This puts developers under pressure to produce software without any defects.

Large code bases and complex systems make this a challenge. Tough compliance requirements make it even more difficult. With Helix QAC, airborne systems developers can easily prove compliance and develop quality systems.


Medical Device

The quality of software embedded in medical devices can mean the difference between life and death. Because of this, there is increasing scrutiny for both safety and security in devices.

By using Helix QAC, you’ll be able to meet ever-changing government regulations, and verify that your medical devices are safe, reliable, and efficient.


Energy Technology

Energy and utilities product development teams need to ensure functional safety compliance, meet industry regulations as well as mitigate potential security vulnerabilities and coding errors. This can be a significant challenge for teams to effectively meet. 

With Helix QAC, energy and utilities product development teams can easily comply with coding standards, identify potential risks, and have visibility into code compliance. 

Certified for ISO, IEC, and EN Compliance

Helix QAC is independently certified for compliance. Helix QAC was developed by Programming Research/PRQA, which is now part of Perforce.

SGS-TÜV Saar Certified

Helix QAC is SGS-TÜV Saar certified for compliance with key functional safety standards:

  • ISO 26262 (automotive) up to ASIL level D.
  • IEC 61508 (general industrial) up to SIL 4.
  • EN 50128 (railways) up to SW-SIL 4.
  • IEC 62304 (medical devices) up to Software Safety Class C.
  • IEC 60880 (nuclear power).

ISO 9001 | TickIT plus Foundation Level Certified

Helix QAC is also certified in ISO 9001 | TickIT plus Foundation Level.

ISO 9001 is one of the most widely adopted standards. It ensures that organizations are striving to meet and exceed customers’ requirements and satisfaction through continuous improvement. 

Helix QAC Certifications

Additional Resources

Try Static Code Analyzers

Request your free trial of Helix QAC for C/C++.

See a Demo

See Helix QAC in action. Sign up for our next live demo.

Get In Touch

Have questions? We’re here to help!