Supported Standards & Coverage Matrix
This page documents exactly which standards, versions, and rule subsets TrinovaQ Studio supports. Read this before starting a project that requires compliance evidence.
TrinovaQ Studio is a compliance assistance tool. It surfaces gaps and generates evidence artifacts; it does not certify software or replace a qualified safety assessor. All AI-inferred results are advisory and require engineer confirmation before inclusion in formal work products.
MISRA C
| Version | Status | Rule Coverage | Notes |
|---|---|---|---|
| MISRA C:2012 | Supported | ~65% of total catalog via cppcheck | See table below for exact rules |
| MISRA C:2025 | Partial | 12 new rules added; expansion to 175+ in progress | |
| MISRA C++:2023 | Not supported | — | Planned |
| MISRA C++:2008 | Not supported | — | Not planned |
MISRA C:2012 Rule Coverage Detail
TrinovaQ uses cppcheck as the underlying static analysis engine. cppcheck detects approximately 65% of MISRA C:2012 rules. Rules not covered by cppcheck are not checked by TrinovaQ.
- Rules covered by cppcheck: ~38 rules (with MISRA addon enabled)
- Rules requiring manual review or commercial tooling: ~103 rules
To see the current rule list, open Tools → Policy and inspect the MISRA Rule Catalog tab. Each rule shows its source (cppcheck, manual, or not-covered).
TrinovaQ's static analysis layer covers approximately 65% of MISRA C:2012 rules detectable by automated tools. This is consistent with cppcheck's documented MISRA coverage. For full MISRA coverage, complement TrinovaQ with a commercial MISRA tool (e.g., Polyspace, LDRA, Parasoft QAC).
ISO 26262 Functional Safety
| Aspect | Status | Notes |
|---|---|---|
| Traceability (F3) — §6:7.4 | Supported | Bidirectional requirement-to-code matrix; annotation + LLM-inferred links |
| ASIL Propagation | Supported | Transitive closure via GCC call-graph dumps (-fdump-tree-callgraph) |
| Work Products (F4) — SWE.4/SWE.6 | Supported | LLM-synthesized narrative work products; engineer review required |
| GSN Safety Case (F7) | Supported | ISO 26262-6 goal-structured argument fragments |
| ASIL decomposition | Not supported | Decomposition analysis not implemented |
| Formal methods (Part 6 §9) | Not supported | No formal verification integration |
| Edition | 2018 (second edition) |
ISO/SAE 21434 Cybersecurity
| Aspect | Status | Notes |
|---|---|---|
| TARA import (F5) | Supported | Excel, Word, JSON formats |
| CAL-graduated verification | Supported | CAL 1–4 adequacy levels |
| Clause 14 (TARA methodology) | Supported | Threat/countermeasure extraction |
| §15.4 (cybersecurity verification) | Supported | Countermeasure adequacy per CAL |
| §15.5 (validation) | Partial | Evidence generation; formal validation not automated |
| UN R155 / R156 | Partial | TARA evidence compatible; CSMS process documentation not generated |
AUTOSAR
| Platform | Version | Status | Notes |
|---|---|---|---|
| Classic Platform | R4.x | Supported | SWC/RTE/MCAL layer boundary enforcement |
| Classic Platform | R3.x | Not supported | Parser targets R4.x schema only |
| Adaptive Platform | Any | Not supported | Not planned for current roadmap |
AUTOSAR Classic R4.x Scope
- ARXML parsing: SAX-based streaming, handles files > 50 MB
- Detects: SWC→MCAL direct calls (
Dio_*,Can_*,Spi_*,Mcu_*,Port_*) - Detects: Hardware address literals from application-layer components
- Detects: MCAL header inclusions (
#include <Dio.h>) from wrong layer - LLM semantic analysis: indirect violations, obfuscated patterns
A-SPICE (Automotive SPICE)
| Process | Base Practices | Status |
|---|---|---|
| SWE.4 Unit Design | BP1–BP6 | Supported (narrative synthesis via F4) |
| SWE.6 Unit Implementation | BP1–BP5 | Supported (narrative synthesis via F4) |
| SWE.3 Detailed Design | — | Not supported |
| SWE.5 Integration Test | — | Not supported |
A-SPICE work products generated by F4 (Work Product Autopilot) contain LLM-synthesized narrative. These are starting points for assessor-ready documents, not finished deliverables. An engineer must review and approve all generated content before submitting to an ASPICE assessor.
Other Standards
| Standard | Status | Notes |
|---|---|---|
| CERT C | Partial | Via cppcheck rule cross-reference; no dedicated enforcement layer |
| CWE | Partial | cppcheck maps some rules to CWE IDs |
| SPDX 2.3 (SBOM) | Supported | Export via Reports & SBOM feature |
| UN R155 | Partial | TARA evidence artifacts compatible; full CSMS not automated |
| DO-178C | Not supported | Avionics standard; not planned |
Hardware Targets (Compile & Flash)
| Target | Architecture | RAM | Flash | Flash Tool | Status |
|---|---|---|---|---|---|
| Arduino Uno | AVR 8-bit | 2 KB | 32 KB | avrdude | Supported |
| STM32 F103 | ARM Cortex-M3 | 20 KB | 128 KB | OpenOCD + ST-Link | Supported |
| ESP32 | Xtensa dual-core | 512 KB | 4 MB | — | Not yet supported |
Supported Analysis Languages
| Language | Static Analysis | Compilation | Notes |
|---|---|---|---|
| C (C99/C11) | Full — MISRA, CERT C via cppcheck | GCC | Primary target |
| C++ | Partial — some cppcheck rules apply | GCC | MISRA C++ not supported |
| Rust | Safety score | rustc | No MISRA equivalent |
| Other | None | None | — |