Case Study: CEVA achieves automotive safety compliance and eliminates license risk with Synopsys Coverity and Black Duck

Ensuring standards compliance and reducing license risk with Synopsys

CEVA, a 20+-year leader in licensor IP for wireless connectivity, sensing and AI-enabled processors across markets from automotive to IoT, faced a twofold challenge: enforce coding standards and reduce license-related risk as its software development “grown rapidly” to support automotive SoC projects. The company needed automated SAST and SCA capabilities that would meet strict safety and quality requirements (ISO 26262 ASIL‑B, ISO9001) without disrupting existing development tools and pipelines.

CEVA integrated Synopsys Coverity SAST and Black Duck SCA into its CI/CD pipelines—running weekly Black Duck scans across ~400 developers and hundreds of thousands of lines of code—and automated policy enforcement across the SDLC. The result: elimination of license-compliance risk, easier demonstration of safety and quality compliance, improved code quality and security with low false positives, enforcement of standards like MISRA C and AUTOSAR C++, and automated scans that keep development velocity while providing actionable compliance reports.

CEVA

Ori Leibovich

DevOps and Real-Time Development Manager