Compuware Corp. is launching two tools that extend the capabilities of Microsoft Corp.'s Visual Studio development platform beyond Microsoft's Visual Studio 2005 plans.

Compuware DevPartner Fault Simulator 1.0 and Compuware DevPartner SecurityChecker 1.0. will help developers build in error-proofing and security when coding applications.

DevPartner Fault Simulator tests and debugs error-handling code in native and .Net code without disrupting the application operation or debugging environment, according to Kyle Krauss, product manager at Compuware's DevPartner lab, in Nashua, N.H. The tool injects simulated faults into the code and then monitors the reaction.

DevPartner Fault Simulator allows for reusable fault sets, and faults can be simulated at the code-line level or programwide. The faults can include errors in disk I/O, memory, network and registry, Krauss said.

Pierre Arnaud, senior software developer at OPaC, in Suscévaz, Switzerland, is an early adopter of Fault Simulator and found it useful and efficient.

"Producing faults in a working environment can be tedious," said Arnaud. "How would you simulate that a specific Web target is not reachable or that your disk is full? Without Fault Simulator, it would be painful.

"I write better error-handling code because I know I can test it," he said. "I can verify the recovery code works when faults occur."

John Carpenter, product manager for Compuware's DevPartner SecurityChecker, said SecurityChecker is a security analysis tool that lets developers locate and fix security vulnerabilities in ASP.Net applications. DevPartner SecurityChecker assists enterprises in developing, testing and deploying applications that are better able to withstand malicious attacks and data theft, he said.

The product features analysis of compile-time, run-time and integrity. SecurityChecker checks code to see if security issues are present, and it can simulate external attacks such as cross-site scripting, SQL injection, buffer overflows and command injection.

In addition, SecurityChecker locates the security issue, ranks it according to severity and "gives you a suggested repair and links to solutions," Carpenter said.

This article was first published on eweek.com.