diff --git a/.github/workflows/static-analysis.yml b/.github/workflows/static-analysis.yml
index 9c279a0..85dccf2 100644
--- a/.github/workflows/static-analysis.yml
+++ b/.github/workflows/static-analysis.yml
@@ -1,6 +1,5 @@
 name: Static Analysis
 
-# Run on all push and pull requests
 on:
   push:
     branches:
@@ -16,4 +15,6 @@ on:
 jobs:
   static-analysis:
     name: Static Analysis
-    uses: nasa/cFS/.github/workflows/app-static-analysis-reusable.yml@dev
\ No newline at end of file
+    uses: nasa/cFS/.github/workflows/static-analysis-reusable.yml@dev
+    with:
+      source-dir: 'source/fsw'
\ No newline at end of file
diff --git a/docs/dox_src/cfs_sc.dox b/docs/dox_src/cfs_sc.dox
index 0ffb7bc..1fcadb3 100644
--- a/docs/dox_src/cfs_sc.dox
+++ b/docs/dox_src/cfs_sc.dox
@@ -139,11 +139,11 @@
 
   <H2>Power On Resets</H2>
 
-  The RTS ID defined by #RTS_ID_AUTO_POWER_ON is started (if non-zero).
+  The RTS ID defined by #SC_RTS_ID_AUTO_POWER_ON is started (if non-zero).
 
   <H2>Processor Resets</H2>
 
-  The RTS ID defined by #RTS_ID_AUTO_PROCESSOR is started (if non-zero).
+  The RTS ID defined by #SC_RTS_ID_AUTO_PROCESSOR is started (if non-zero).
 
   <H2>Absolute Time Processor (ATP)</H2>
 
diff --git a/fsw/inc/sc_internal_cfg.h b/fsw/inc/sc_internal_cfg.h
index 3b5ff53..fe3f866 100644
--- a/fsw/inc/sc_internal_cfg.h
+++ b/fsw/inc/sc_internal_cfg.h
@@ -333,7 +333,8 @@
  * \par Limits:
  *       Must be a valid RTS ID or 0
  */
-#define RTS_ID_AUTO_POWER_ON 1
+#define SC_RTS_ID_AUTO_POWER_ON                  SC_INTERNAL_CFGVAL(RTS_ID_AUTO_POWER_ON)
+#define DEFAULT_SC_INTERNAL_RTS_ID_AUTO_POWER_ON 0
 
 /**
  * \brief Autostart RTS ID after processor reset
@@ -345,7 +346,8 @@
  * \par Limits:
  *       Must be a valid RTS ID or 0
  */
-#define RTS_ID_AUTO_PROCESSOR 2
+#define SC_RTS_ID_AUTO_PROCESSOR                  SC_INTERNAL_CFGVAL(RTS_ID_AUTO_PROCESSOR)
+#define DEFAULT_SC_INTERNAL_RTS_ID_AUTO_PROCESSOR 0
 
 /**
  * \brief Mission specific version number for SC application
@@ -362,7 +364,7 @@
  *       or equal to zero.
  */
 #define SC_MISSION_REV                  SC_INTERNAL_CFGVAL(MISSION_REV)
-#define DEFAULT_SC_INTERNAL_MISSION_REV 0
+#define DEFAULT_SC_INTERNAL_MISSION_REV 0xFF
 
 /**\}*/
 
diff --git a/fsw/src/sc_app.c b/fsw/src/sc_app.c
index 7b8c2f8..b367e18 100644
--- a/fsw/src/sc_app.c
+++ b/fsw/src/sc_app.c
@@ -174,11 +174,11 @@ CFE_Status_t SC_AppInit(void)
     /* Select auto-exec RTS to start during first HK request */
     if (CFE_ES_GetResetType(NULL) == CFE_PSP_RST_TYPE_POWERON)
     {
-        SC_AppData.AutoStartRTS = SC_RTS_NUM_C(RTS_ID_AUTO_POWER_ON);
+        SC_AppData.AutoStartRTS = SC_RTS_NUM_C(SC_RTS_ID_AUTO_POWER_ON);
     }
     else
     {
-        SC_AppData.AutoStartRTS = SC_RTS_NUM_C(RTS_ID_AUTO_PROCESSOR);
+        SC_AppData.AutoStartRTS = SC_RTS_NUM_C(SC_RTS_ID_AUTO_PROCESSOR);
     }
 
     /* Must be able to register for events */
diff --git a/fsw/src/sc_cmds.c b/fsw/src/sc_cmds.c
index 57e2687..1733443 100644
--- a/fsw/src/sc_cmds.c
+++ b/fsw/src/sc_cmds.c
@@ -745,9 +745,26 @@ void SC_ManageTable(SC_TableType type, int32 ArrayIndex)
     /* Allow cFE to manage table */
     CFE_TBL_Manage(TblHandle);
 
-    /* Re-acquire table data pointer */
-    Result   = CFE_TBL_GetAddress(&TblPtrNew, TblHandle);
-    *TblAddr = TblPtrNew; /* Note that CFE_TBL_GetAddress() sets this to NULL if it fails */
+    /*
+    ** Re-acquire table data pointer. Per cfe_tbl.h, CFE_TBL_GetAddress leaves
+    ** TblPtrNew *undefined* on any non-success return -- it does NOT set it
+    ** to NULL (the inline comment that used to live here was wrong). Only
+    ** CFE_SUCCESS and CFE_TBL_INFO_UPDATED set the pointer. Default to NULL
+    ** before the call and only publish the address on success so a failed
+    ** acquire can't write uninitialised stack memory into the shared
+    ** SC_OperData.*TblAddr slot (where downstream code in sc_loads.c /
+    ** sc_atsrq.c would dereference it as a wild pointer).
+    */
+    TblPtrNew = NULL;
+    Result    = CFE_TBL_GetAddress(&TblPtrNew, TblHandle);
+    if (Result == CFE_SUCCESS || Result == CFE_TBL_INFO_UPDATED)
+    {
+        *TblAddr = TblPtrNew;
+    }
+    else
+    {
+        *TblAddr = NULL;
+    }
     if (Result == CFE_TBL_INFO_UPDATED)
     {
         /* Process new table data */
diff --git a/unit-test/sc_app_tests.c b/unit-test/sc_app_tests.c
index 35cb710..6401ac2 100644
--- a/unit-test/sc_app_tests.c
+++ b/unit-test/sc_app_tests.c
@@ -146,7 +146,7 @@ void SC_AppInit_Test_NominalPowerOnReset(void)
 
     Expected_SC_AppData.NextCmdTime[SC_Process_ATP] = SC_MAX_TIME;
     Expected_SC_AppData.NextCmdTime[SC_Process_RTP] = SC_MAX_WAKEUP_CNT;
-    Expected_SC_AppData.AutoStartRTS                = SC_RTS_NUM_C(RTS_ID_AUTO_POWER_ON);
+    Expected_SC_AppData.AutoStartRTS                = SC_RTS_NUM_C(SC_RTS_ID_AUTO_POWER_ON);
 
     UT_SetDataBuffer(UT_KEY(CFE_MSG_GetMsgId), &TestMsgId, sizeof(TestMsgId), false);
     UT_SetDataBuffer(UT_KEY(CFE_MSG_GetSize), &MsgSize, sizeof(MsgSize), false);
@@ -223,7 +223,7 @@ void SC_AppInit_Test_Nominal(void)
 
     Expected_SC_AppData.NextCmdTime[SC_Process_ATP] = SC_MAX_TIME;
     Expected_SC_AppData.NextCmdTime[SC_Process_RTP] = SC_MAX_WAKEUP_CNT;
-    Expected_SC_AppData.AutoStartRTS                = SC_RTS_NUM_C(RTS_ID_AUTO_PROCESSOR);
+    Expected_SC_AppData.AutoStartRTS                = SC_RTS_NUM_C(SC_RTS_ID_AUTO_PROCESSOR);
 
     Expected_SC_OperData.HkPacket.Payload.ContinueAtsOnFailureFlag = SC_AtsCont_TRUE;