6 Steps To Prepare For Post-Quantum Cryptography

Preparing for post-quantum cryptography is essential to ensure the security of digital communications and data before quantum computers can potentially break today’s cryptographic algorithms. Here are six steps to help you start preparing for post-quantum cryptography: Assessment and Awareness: Start by assessing your organization’s current cryptographic ... Read More

How Machine Identity Management Bolsters IoT Security

In recent years, the Internet of Things (IoT) has transformed the way we interact with technology, embedding connected devices into every aspect of our lives. From smart homes and wearables to industrial automation and smart cities, IoT has brought unprecedented convenience and efficiency. IoT Analytics 2023 reported that there were ... Read More

Choosing The Right Certificate Lifecycle Management Solution For Your Organization

It’s no secret that in competitive situations vendors present comparison information to help influence buying decisions. This comparison information is often feature or functionality based with some FUD (fear, uncertainty and doubt) thrown in. But, feature by feature competitive analysis is really just comparing apples to apples. While requesting this ... Read More
Role of SAST and SCA in ISO/SAE 21434 - Road Vehicles Cybersecurity Engineering

As cars become more connected and complex, the amount of software needed is staggering, with 100 million lines of code being standard for current vehicles and up to 300 million for autonomous vehicles. Along with this connectivity and complexity comes an ever-increasing cyber-attack surface. Battling this security threat and improving ... Read More
The Minefields of MISRA Coverage

Modern static application security testing (SAST) tools are typically used for two main purposes: finding bugs, and finding violations of coding standards. The primary purpose of CodeSonar is the former—it was originally designed to find serious safety and security defects such as memory errors, API misuse, and concurrency issues; however, ... Read More
Advanced Driver Assistance, Safety, and SAST to Support ISO 26262

Advanced Driver Assistance Systems (ADAS) are a key area of innovation in automotive electronics, but their potential improvement and positive impact on safety can only be realized with the same level of rigor as other safety-critical software. As we’ve posted before, ISO 26262 defines the guidelines for designing and building safety ... Read More
Accelerating Automotive Software Safety with MISRA C and SAST

The MISRA C/C++ coding guidelines were created based on concerns about the ability to safely use the C and C++ programming languages in critical automotive systems. Since its inception in 1998, MISRA has become one of the most-used coding standards in the automotive industry, and has even spread to use in safety-critical ... Read More
Introducing MISRA C Coding Standard to an Existing Code Base

The intent of the Motor Industry Software Reliability Association (MISRA) C coding standard was to define a subset of the C language that minimizes the possibilities of errors. Although originally intended for safety critical applications in the automotive market, it is being used in other areas such as medical and ... Read More
Common Software and Application Security Terms Explained

The software security discipline is full of terminology and it’s important to state our particular definitions for these terms in the context of GrammaTech products and our approach to improving software security. This is not an exhaustive list but it does include some of the most popular phrases used with ... Read More
Calculating the ROI of SAST in DevSecOps for Embedded Software

With the increasing reliance on software driving critical functionality in all types of products such as industrial controls, medical devices, automotive sensors, flight control systems and so much more, ensuring the quality, safety and security of the software is more essential than ever. To achieve these results, continuous testing is ... Read More