EmbedLint — Embedded C Safety Analyzer

Deterministic safety analysis for Embedded C. 23 rules. Powered by ORBIT-C-CORE. No cloud, 100% local.

What is EmbedLint?

EmbedLint analyzes your Embedded C code for safety violations entirely on your machine — no cloud upload, no API calls, no privacy concerns.

Perfect for:

Automotive developers (ISO 26262, ASIL-D)
Medical device firmware engineers (IEC 62304)
Aerospace and industrial embedded systems
Any safety-critical C code

Features

🔴 23 Safety Rules — covering memory, control flow, types, quality
⚡ Instant Analysis — runs on save automatically
🔒 100% Local — code never leaves your machine
🤖 AI-Agnostic — bring your own key (OpenAI, Claude, Ollama, any)
📊 ORBIT-C-CORE Score — mathematical safety fingerprint per violation
🆓 Free — no subscription needed for core analysis

Setup

1. Install EmbedLint CLI

# Download embedlint.py and embedlint_core.c
git clone https://github.com/viktorweimer/embedlint
cd embedlint

# Build ORBIT-C-CORE (one time)
make

# Install Python dependency
pip3 install pycparser

2. Configure VS Code

Open Settings (Cmd+,) and set:

{
  "embedlint.scriptPath": "/path/to/embedlint/embedlint.py",
  "embedlint.pythonPath": "python3",
  "embedlint.analyzeOnSave": true
}

3. Open any `.c` file

Analysis runs automatically on save. Violations appear as colored underlines.

Rules (23 total)

Rule	Description	Severity
EL-001	No dynamic memory (malloc/free)	🔴 Error
EL-002	Avoid stdio in embedded	🟡 Warning
EL-003	No unsafe string functions	🔴 Error
EL-004	No exit/abort	🟡 Warning
EL-005	No recursion	🔴 Error
EL-006	No goto	🔴 Error
EL-007	Function length max 60 lines	🟡 Warning
EL-008	No float equality comparison	🟡 Warning
EL-009	No unbounded loops	🔴 Error
EL-010	No magic numbers	🔵 Info
EL-011	Minimize global variables	🔵 Info
EL-012	Initialize all variables	🟡 Warning
EL-013	No longjmp/setjmp	🔴 Error
EL-014	Division by variable — null check	🔵 Info
EL-015	Avoid void*	🟡 Warning
EL-017	Switch needs default case	🟡 Warning
EL-018	No empty if bodies	🟡 Warning
EL-019	No signed/unsigned mix	🟡 Warning
EL-020	Functions need comments	🔵 Info
EL-021	Identifier max 31 chars (C99)	🟡 Warning
EL-022	No redeclaration in same scope	🟡 Warning
EL-023	Check return values	🟡 Warning

AI Integration (Optional)

Add your own API key for AI-powered explanations:

OpenAI:

{
  "embedlint.aiProvider": "openai",
  "embedlint.aiApiKey": "sk-...",
  "embedlint.aiModel": "gpt-4o"
}

Ollama (100% offline):

{
  "embedlint.aiProvider": "ollama",
  "embedlint.aiBaseUrl": "http://localhost:11434/v1",
  "embedlint.aiModel": "llama3"
}

How it works

EmbedLint uses two components:

pycparser — parses your C code into an Abstract Syntax Tree (AST)
ORBIT-C-CORE — a compiled C library that evaluates each pattern using a mathematical fingerprint (PMC Triangle algorithm)

Each violation receives:

A severity (Error/Warning/Info)
An ORBIT-C-CORE score (1=dangerous → 5=safe)
A PMC fingerprint (mathematical signature of the pattern)

Why EmbedLint vs. cppcheck/Parasoft?

Feature	EmbedLint	cppcheck	Parasoft
Free	✅	✅	❌
No setup	✅	❌	❌
Deterministic score	✅	❌	❌
AI-agnostic	✅	❌	❌
100% local	✅	✅	❌
VS Code native	✅	⚠️	✅

License

MIT — free to use, modify, distribute.

EmbedLint is developed by Viktor Weimer, Baden-Baden, Germany. ORBIT-C-CORE is proprietary — compiled as binary only.

EmbedLint — Embedded C Safety

WEIMERSOFTWARE