Case Study: CEVA achieves standards compliance and reduces license risk with Black Duck

Ensuring standards compliance and reducing license risk with Synopsys

CEVA, a leading licensor of wireless connectivity, smart sensing and DSP/AI processor IP for markets including automotive, faced a growing need to enforce coding standards and reduce license-related risk as its software development rapidly expanded. With new AI SoC work in automotive, CEVA needed to meet strict safety and quality requirements (e.g., ISO 26262 ASIL‑B and ISO9001) without disrupting existing DevOps workflows.

CEVA integrated Synopsys Coverity (SAST) and Black Duck (SCA) into its CI/CD pipelines, running automated scans across hundreds of developers and large codebases. The combined solution discovered and managed open‑source components, enforced standards like MISRA C and AUTOSAR C++, integrated with CEVA’s internal compiler, lowered license-compliance risk, reduced defects with low false positives, and enabled clear, auditable evidence of regulatory compliance while preserving development velocity.

CEVA

Ori Leibovich

DevOps and Real-Time Development Manager