Creating a compliance report

You can create compliance reports in Klocwork Static Code Analysis which can help you determine the health of your code base when following industry standards such as MISRA. This report generates a document which identifies whether your current code base passes each compliance rule that is relevant to you. To get started, open the compliance report tool:
  1. From the Reports tab in Static Code Analysis, click Compliance Report at the bottom of the menu. The Compliance Report UI appears. You can access previously generated reports in the left panel; the right panel provides the controls you can use to generate reports.
  2. Select the taxonomy you want to run the report against, for example, C and C++.
  3. Under Build, select which build you want to use in the report.
  4. Under Views, select the view used in the report. If this field is blank, the report uses the default view.
  5. Under Report Format, you can select the MISRA option to generate a report in the MISRA 2020 guidelines format. By default, the report uses the Klocwork generic compliance format.
  6. Under Output File Type, select the output type for the report. The default is PDF.
  7. Under Output File Name, select the name of the report. By default, the file name is '<project_name> <specified build>'
  8. Under Output Folder Name, select where to save the report. The default is the root folder of the compliance reports in the left sidebar.
  9. Select Summary Only to only show the summary of rule violations in the report. By default, both summary and detailed violation and deviation tables are included in the report.
    In order to see the full, non-summary version of the report, you must have a Compliance License. For more information, contact Klocwork Customer Support.
  10. Optionally, select the Defects Limit (the number of issues included in the report) for the generated report. Note that increasing this increases both the size of the report and the time it takes to generate. Adding a defect limit only impacts the full, non-summary report because it applies a limit to the number of issues in the violation and deviation details tables. You may want to use this option when generating a non-summary report with a large number of deviations.
  11. Click Generate to build the report.
You can find the generated report in the reports panel on the left.
If you want to delete a previously generated report, you need to remove it from the 'projects_root/projects/custom_reports' folder.

Interpreting the violations and deviations lists

The status of an issue determines whether it appears as a violation or a deviation.

The report classifies the following types of issues as violations:

  • Analyze
  • Fix
  • Fix in later release
  • Fix in next release

The report classifies the following types of issues as deviations:

  • Defer
  • Filter
  • Ignore
  • Not a problem