
Static analysis and code optimisation

Posted: Sat Oct 07, 2017 9:57 pm
by kosullivan
I've been looking at options for Javacard code analysis and although there are many whitepapers available discussing the topic, there seem to be few available tools!

I've so far used:
- PMD - https://pmd.github.io/
- FindBugs - http://findbugs.sourceforge.net/
- Proguard - https://sourceforge.net/projects/proguard/

PMD and FindBugs both give good output based on the Java language, but fail to take into consideration JCRE-specific rules, constraints and best practices. Proguard is the only one that has specific references to Javacard but it is a code optimiser only.

Are there any tools out there that can help specifically with finding Javacard design pattern, implementation and security issues?

Re: Static analysis and code optimisation

Posted: Tue Oct 10, 2017 1:30 am
by roundtable
Unfortunately, there is no special tool to do that. Some issues should be considered on Javacard although the Java language is used to develop, such as limited memory, byte codes supported and transaction performance, which lead to most design patterns (e.g. factory module) or object oriented methods not being utilized completely.
If you are interested in Javacard security and implementation issues, you can find Secret Target documents of main card vendors on the CCRA web site or contact them to apply for product guidelines.