View Help Online

Start here

Home
About Klocwork
What's new
Fixed issues
Release notes
Installation

Reference

C/C++ checkers
Java checkers
C# checkers
MISRA C 2004 checkers
MISRA C++ 2008 checkers
MISRA C 2012 checkers
MISRA C 2012 checkers with Amendment 1
Commands
Metrics
Troubleshooting
Reference

Product components

C/C++ Integration build analysis
Java Integration build analysis
Desktop analysis
Refactoring
Klocwork Static Code Analysis
Klocwork Code Review
Structure101
Tuning
Custom checkers

Coding environments

Visual Studio
Eclipse for C/C++
Eclipse for Java
IntelliJ IDEA
Other

Administration

Project configuration
Build configuration
Administration
Analysis performance
Server performance
Security/permissions
Licensing
Klocwork Static Code Analysis Web API
Klocwork Code Review Web API

Community

View help online
Visit RogueWave.com
Klocwork Support
Rogue Wave Videos

Legal

Legal information

Tutorial - Creating a taxonomy and viewing the results

hide menu -

In this topic:

Tutorial - Creating a taxonomy and viewing the results

This tutorial shows you how to:

You need the "Change project settings" permission to perform these tasks.

For more information on taxonomies and using the Configuration Editor, see Configuring checkers for the integration build analysis.

Tip: Prior to release 9.2, you could filter by issue type on the desktop, or scope by issue type in Klocwork Static Code Analysis. This tutorial explains how you can use taxonomies and views to accomplish the same thing.

Our example company has a policy to flag and eliminate all Null-Pointer Dereference (NPD) issues, all Buffer Overflow (ABR and ABV) issues, and two specific security vulnerabilities: SV.INCORRECT_RESOURCE_HANDLING.URH and SV.INCORRECT_RESOURCE_HANDLING.WRONG_STATUS.

Parent topic: Configuring checkers for the integration build analysis
Previous topic: Installing the MISRA checkers
Related concepts

Setting up the Company Policy taxonomy

First, we need to set up the Company Policy taxonomy in the Configuration Editor.

  1. Launch the standalone Taxonomy Editor.
    The Taxonomy Editor appears.
  2. Right-click any white space and click New taxonomy.
  3. In the Create new taxonomy dialog, enter "Company Policy" and click OK.
  4. Expand the C and C++ taxonomy.
  5. Ctrl-click the Buffer Overflow and Null Pointer Dereference categories.
  6. Right-click and select Copy.
  7. Right-click Company Policy and select Paste.
  8. Now, we're going to add two security vulnerability checkers to the taxonomy.
    Right-click Company Policy and select Add issue.
  9. In the Issue code field, start typing SV.IN.
    Autocompletion fills in the rest of the name and suggests checkers matching your entry.
  10. Select SV.INCORRECT_RESOURCE_HANDLING.URH and click OK .
  11. Repeat the previous two steps, but this time select SV.INCORRECT_RESOURCE_HANDLING.WRONG_STATUS.
  12. Click OK and save your new taxonomy file somewhere you can find it.
  13. Log in to Klocwork Static Code Analysis.
  14. In Klocwork Static Code Analysis's project list, click the project you want to upload the file to.
    The project details appear.
  15. In the project details, click Configuration.
  16. On the Configuration page, click Add a configuration file.
  17. In the Choose file dialog, browse to:
    <projects_root>/projects/<project_name>/rules/<yourtaxonomyfile>.tconf (or wherever you chose to save your taxonomy file)
    where<project_name> is the project whose configuration you want to copy.
  18. Click Upload.
    Your new Company Policy taxonomy appears in the tree.
  19. Expand the Company Policy taxonomy and make sure that all the NPD and ABV checkers are enabled.
  20. Add a check to SV.INCORRECT_RESOURCE_HANDLING.URH and SV.INCORRECT_RESOURCE_HANDLING.WRONG_STATUS to enable them.
  21. Click Image:Config editor save.png to save your changes.
Tip: To learn how to apply a taxonomy to all new projects, see Copying the configuration to all new projects.

Now we'll use our taxonomy in Klocwork Static Code Analysis.

Related concepts

Using the taxonomy in Klocwork Static Code Analysis for report and issue management

We'll create a view, so that you will see only issues in the Company Policy taxonomy.

  1. In Klocwork Static Code Analysis's project list, click the project you configured.
  2. Click views.
  3. On the Views page, click Create a new view.
  4. In the text field, enter "Company Policy".
  5. In the Search field, enter:
    taxonomy:"Company Policy"
  6. Select the public checkbox. This will make the view available to all users with access to this project.
  7. Click Create to save your view.
    Your view appears in the list. Note that the number of open issues for the Company Policy view is different from the default view.
    Image:Review_views_list_company_policy_taxonomy.png
  8. Click the link for open issues within the Company Policy view.
    Note that the Company Policy view is visible in the breadcrumb, and you can easily switch to another view.
    Image:Review_issues_in_company_policy_view.png
  9. Click reports on the upper right.
    Note that report data is also filtered by the Company Policy view.
  10. Click Top 10 Open Issues.
    The report shows only issues of the types we included in the Company Policy taxonomy.
    Image:Review_report_company_policy_view.png
Related concepts

Grouping and filtering by taxonomy in connected desktops

Connected desktop users can filter and group issues by taxonomy to get a clearer picture of how they're performing against the Company Policy. For this example, we'll use Visual Studio 2008.

Grouping by taxonomy

You can group issues by taxonomy to get a picture of how issues are distributed across multiple taxonomies by clicking the Image:vsgroupbytaxonomy.png icon.

You'll see issues distributed across taxonomies. If the same issue is detected in more than one taxonomy, you'll see it listed under each applicable taxonomy.

Filtering by taxonomy

If you want to see only issues for a specific taxonomy, filtering by taxonomy is the way to do this.

  1. Click the Image:vsfiltericon.png filter icon.
    Note for Visual Studio users: The filter icon filters local issues only. Use the Taxonomy list to filter by taxonomy.
  2. Under Taxonomies, deselect all but Company Policy.
  3. Click OK.

The only issues you see listed are of the types included in the Company Policy taxonomy.

Related concepts

© Rogue Wave Software, Inc. All rights reserved. | Contact