On Demand Webinar featuring Solid Sands | Safety and Security Critical Software: Start with the End in Mind
Software development is hard work. Developing C or C++ software that has to be safe and secure is even more difficult. How do you ensure that your end-product behaves the way that you intend it to? As a first step, automated testing is really important. Though necessary, it is ... Read More
2020: Looking Back on GrammaTech’s Year
Surely 2020 will go down in the history books as an exceptional year to put it mildly. Despite the huge impact of the COVID-19 pandemic on the world, it certainly impacted us and our customers. However, we still managed to have an outstanding year at GrammaTech. This is based on ... Read More
What the Building In Security Maturity Model (BSIMM) Says About the Role of SAST and SCA
The BSIMM is an annual study of the real-world software security initiatives – “SSIs” in the report - across the software industry drawing from data and experience from 130 organizations. Rather than repeat the aim of the study, this quote sums it up best: ... Read More
Latest Version of CodeSonar Improves on C++ Analysis, MISRA Support; Introduces Subcommands for DevSecOps and More
The latest version of GrammaTech CodeSonar, Version 5.4, continues our commitment to being the go-to provider for static application security testing (SAST) and the static analysis tool of choice for improving software safety, security and quality. This release has several new features as well as compatibility updates, and other improvements ... Read More
Staying on the Rails: Piper Networks + CodeSonar Case Study
Piper Networks is an innovative IT solutions provider and systems integrator specializing in the transportation industry. Founded in 2011, Piper helps transit operators enhance systems by providing ultra-precise, real-time positioning information for trains, workers, and equipment. Piper’s proprietary technologies are designed to operate in some of the most challenging environments, ... Read More
CodeSonar helps Stoneridge Achieve Safety and Security
Stoneridge, Inc. is a global leader in highly engineered electrical and electronic components for the commercial vehicle, passenger car, and off-highway markets. Stoneridge solutions power vehicle intelligence systems, provide dramatic increases in fuel efficiency, reduce emissions, and improve safety and security for everyone on the road. Stoneridge provides intelligent systems ... Read More
Memory Management is the Leading Cause of Security Vulnerabilities in Google Chrome
Google recently has studied the root cause of high severity security vulnerabilities detected in their Chrome browser project (specifically the open source Chromium project which Chrome and other browsers are based on) and found that 70 percent were “memory unsafety” problems. They attribute this to mistakes made with C/C++ pointers ... Read More
Latest Version of CodeSonar Improves on Functional Safety, MISRA Support, C++ Parsing and Visualization
The latest version of GrammaTech CodeSonar, Version 5.3, continues our commitment to being the go-to provider for static application security testing (SAST) and the static analysis tool of choice for improving software safety, security and quality. This release has several new features as well as compatibility updates, and other improvements ... Read More
DevSecOps in Safety Critical Avionics Software and the Role of Static Analysis
DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is a standard published by RTCA, Inc and developed jointly with EUROCAE, the European Organization for Civil Aviation Equipment. Alongside DO-178C is D-326A (U.S.) and ED-202A (Europe) titled "Airworthiness Security Process Specification" and is the only Acceptable Means of Compliance (AMC) ... Read More
