Configuring taxonomies and categories

Klocwork provides three default organizational structures, or taxonomies:

  • C and C++
  • Java
  • C#

Each taxonomy contains a set of checkers, grouped by category.

The three default taxonomies, as their names suggest, organize all checkers by language. You can set up taxonomies to report on whatever is important to you. For example:

  • to measure compliance with a standard such as MISRA. In this case, you'd include only the checkers that detect violations of the standard. Taxonomy files for CERT, CWE, DISA STIG, MISRA, and others are provided for you in your <server_installation>/taxonomies folder, which you can import as you choose.
  • to measure software quality
  • to assess software security

You can create your own taxonomies. The structure you set up will be available for reporting in Klocwork Static Code Analysis and on connected desktops.

Opening the standalone Taxonomy Editor

The standalone Taxonomy Editor is used to configure custom taxonomies and categories, and to edit reference information. It is accessed from the command line by running one of the following commands:

To create a new configuration file, run the command:

kwtaxonomyeditor

The Taxonomy Editor will open in a new window and you can make any changes required. Once you are finished making changes, click OK. Now save the file where you can find it easily, then import it for your project using the kwadmin import-config command or by importing it through the Configuration tab for your specific project in Static Code Analysis.

For projects with an existing configuration file, run the command:

kwtaxonomyeditor <path/to/mytconf.tconf>

In this scenario, make sure you are pointing to the taxonomy file for the project you wish to change.

Example

kwtaxonomyeditor "C:\Klocwork\Server 21.1\taxonomies\cwe_10_cxx.tconf"

Creating and editing taxonomies and categories

You create and edit taxonomies and categories using the standalone Taxonomy Editor. Default taxonomies are read-only and cannot be edited.

  • Add a new taxonomy: Right-click on any white space in the editor and click New taxonomy. In the Create new taxonomy dialog, enter a name and click OK.
  • Add a new category: Right-click a taxonomy to create a category. Click New category. In the Create new category dialog, enter a name and click OK.
  • Rename a category: Right-click and click Rename. In the Rename dialog, enter a new name and click OK.

    Restriction: You can't rename a taxonomy.

  • Delete a taxonomy or category: Right-click and click Delete. Click OK to confirm. The taxonomy or category and all of its contents are removed. This change can't be undone for non-default taxonomies and categories.
  • Delete a checker from a taxonomy: Right-click and click Delete. Click OK to confirm.

If you want to use a custom taxonomy that is in English within the Japanese installation, the language attribute should still be set to 'ja'. Any old taxonomies that do not have the language set should also be modified to include either 'en' or 'ja' as the locale.

Adding a checker to a taxonomy

You can add a checker in a few ways:

  • drag from another taxonomy. Note that the checker will be removed from the taxonomy you're dragging it from.
  • copy-and-paste or cut-and-paste from another taxonomy (through the right-click menu, or with Ctrl+x, Ctrl+c and Ctrl+v)
  • right-click on either a taxonomy or category and click Add issue. In the Add issue dialog, start typing an issue code, and auto-completion will suggest available matches. Double-click an item in the list and click OK. For a list of issue codes, see C and C++ checker reference, Java checker reference and C# checker reference.

Because a checker can't appear more than once in a taxonomy, you can't copy-and-paste from one category to another within the same taxonomy; you can only cut-and-paste, or drag-and-drop.

Importing your taxonomy file in Klocwork Static Code Analysis

Once you have created your custom taxonomy file (.tconf), you can import it for your project by doing the following:

  1. Log in to Klocwork Static Code Analysis.
  2. In the Klocwork Static Code Analysis analysis project list, click the project you want to upload the file to.

    The project details appear.

  3. In the project details, click Configuration.
  4. On the Configuration page, click Add a configuration file.
  5. In the Choose file dialog, browse to: <projects_root>/projects/<project_name>/rules/<yourtaxonomyfile>.tconf

    (or wherever you chose to save your taxonomy file)

    where <project_name> is the project whose configuration you want to copy.

  6. Click Upload.

Editing the Reference information for a checker

The Reference field can contain any extra information you'd like to add for a checker. The Reference field is taxonomy-specific; this means that if a checker exists in multiple taxonomies, it can have multiple values for the Reference field. This also means that when you copy or move a checker from one taxonomy to another, the Reference information is not copied or moved.

A typical use for this field is to map the checker to a rule in a standard. For example, the checker MISRA.ASM.ENCAPS detects violations of both MISRA C rule 2.1 and MISRA C++ rule 7-4-3. We've included both of these rule numbers in the Reference field for this checker.

The Reference field is visible in Klocwork Static Code Analysis and in the developer desktop tools. In the desktop tools, it's shortened to "Ref".

To change the reference value for a checker:

  1. Open the standalone Taxonomy Editor.
  2. Expand an issue category to display the checker you want to change.
  3. Right-click the checker.
  4. In the pop-up menu, click Edit reference.
  5. In the Specify Reference dialog, enter a value.
  6. Click OK to save your changes.

Reference information is included as a part of your customized .tconf file.