PowerGridModel · mgovers · Dec 17, 2025 · Dec 17, 2025 · Dec 18, 2025 · Dec 18, 2025
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -12,6 +12,7 @@ include("cmake/pgm_version.cmake")
 project(power_grid_model VERSION ${PGM_VERSION})
 
 option(PGM_ENABLE_DEV_BUILD "Enable developer build (e.g.: tests)" OFF)
+option(PGM_ENABLE_HARDENING "Enable compile and link time hardening options" ON)
 
 set(PGM_C_STANDARD 11)
 set(PGM_CXX_STANDARD 23)

diff --git a/CMakePresets.json b/CMakePresets.json
@@ -112,7 +112,7 @@
     {
       "name": "unix-sanitizer",
       "environment": {
-        "SANITIZER_FLAGS": "-fsanitize=address"
+        "SANITIZER_FLAGS": "-fstack-protector -fsanitize=address,pointer-compare,undefined -fno-sanitize-recover"
       },
       "inherits": "unix-base",
       "hidden": true
@@ -140,7 +140,13 @@
     {
       "name": "msvc-debug",
       "displayName": "Debug (MSVC)",
-      "inherits": ["msvc-base", "debug"]
+      "environment": {
+        "SANITIZER_FLAGS": "/RTC1"
+      },
+      "inherits": [
+        "msvc-base",
+        "debug"
+      ]
     },
     {
       "name": "msvc-release",

diff --git a/power_grid_model_c/power_grid_model_c/CMakeLists.txt b/power_grid_model_c/power_grid_model_c/CMakeLists.txt
@@ -49,6 +49,33 @@ set_target_properties(
         INTERPROCEDURAL_OPTIMIZATION_RELWITHDEBINFO TRUE
 )
 
+if(PGM_ENABLE_HARDENING)
+    target_compile_definitions(
+        power_grid_model_c
+        PRIVATE
+            "$<$<OR:$<CXX_COMPILER_ID:GNU>,$<CXX_COMPILER_ID:Clang>>:_FORTIFY_SOURCE=2>"
+            "$<$<CXX_COMPILER_ID:MSVC>:_ITERATOR_DEBUG_LEVEL=$<IF:$<CONFIG:DEBUG>,2,1>>"
+    )
+    if(NOT CMAKE_HOST_SYSTEM_NAME STREQUAL "Windows")
+        set(_HAS_ADDRESS_SANITIZER
+            "$<NOT:$<OR:$<IN_LIST:address,${CMAKE_CFLAGS}>,$<IN_LIST:address,${CMAKE_CXXFLAGS}>>>"
+        )
+        target_compile_options(
+            power_grid_model_c
+            BEFORE
+            PRIVATE "-fstack-protector" "-fsanitize=undefined" "-fno-sanitize-recover=undefined"
+        )
+    endif()
+    target_link_options(
+        power_grid_model_c
+        BEFORE
+        PRIVATE
+            "$<$<OR:$<CXX_COMPILER_ID:GNU>,$<CXX_COMPILER_ID:Clang>>:-fstack-protector;-fsanitize=undefined;-fno-sanitize-recover=undefined>"
+            "$<$<CXX_COMPILER_ID:GNU>:-static-libubsan>"
+            "$<$<CXX_COMPILER_ID:Clang>:-lubsan>"
+    )
+endif()
+
 install(
     TARGETS power_grid_model_c
     EXPORT power_grid_modelTargets

diff --git a/pyproject.toml b/pyproject.toml
@@ -81,11 +81,13 @@ Discussion = "https://github.com/orgs/PowerGridModel/discussions"
 power_grid_model = "power_grid_model._core.power_grid_model_c"
 
 [tool.scikit-build]
-logging.level = "INFO"
+logging.level = "DEBUG"
 
 cmake.version = ">=3.23"
 cmake.build-type = "Release"
 cmake.args = ["-GNinja"]
+cmake.verbose = true
+
 
 build-dir = "build"
 
@@ -209,11 +211,12 @@ test-command = "pytest {package}/tests"
 # we do not support 
 #    PyPy
 #    musllinux in aarch64
-#    disable Python 3.14 for now until it is released
 skip = ["pp*", "*-musllinux_aarch64"]
 
 [tool.cibuildwheel.linux]
 archs = ["x86_64", "aarch64"]
+before-all = """yum install -y gcc-toolset-14 && \
+    source /opt/rh/gcc-toolset-14/enable"""
 environment = { CC = "gcc", CXX = "g++" }
 manylinux-x86_64-image = "manylinux_2_28"
 manylinux-aarch64-image = "manylinux_2_28"

diff --git a/tests/native_api_tests/CMakeLists.txt b/tests/native_api_tests/CMakeLists.txt
@@ -32,4 +32,9 @@ target_compile_definitions(
     PRIVATE PGM_ENABLE_EXPERIMENTAL
 )
 
+set_target_properties(
+    power_grid_model_api_tests
+    PROPERTIES BUILD_RPATH $<TARGET_FILE_DIR:power_grid_model_c>
+)
+
 doctest_discover_tests(power_grid_model_api_tests)