Latest Content

The global increase in connectivity and reliance on software is opening doors to exploits daily. Software quality and security is more important now than ever before.

  • Technical Debt is Stifling Innovation; but, There is Hope

    Technical Debt is Stifling Innovation; but, There is Hope

    Apple’s recent announcement at their recent Worldwide Developers’ Conference stated they were going to be reducing the feature count in future versions of iOS and concentrate on...

    Read Article
  • Webinar with AFuzion: Safety, Security, and Agile Development - Pick Any Three

    Webinar with AFuzion: Safety, Security, and Agile Development - Pick Any Three

              People often connect safety and security with archaic development methodologies: strict processes, long development times, big budgets and...

    Read Article
  • Cybersecurity Alerts for Medical Devices are on the Rise – A Cause for Concern, but what can be done?

    Cybersecurity Alerts for Medical Devices are on the Rise – A Cause for Concern, but what can be done?

    The Department of Homeland Security (ICS-CERT) recently issued more warnings about cybersecurity vulnerabilities which has become all too common in recent months. In most cases, these...

    Read Article

  • ScaleIL Becomes Exclusive Israeli Distributor of GrammaTech’s CodeSonar Static Analysis Tool

    ...

    Read Article
  • Tool Chain Qualification in Safety Critical Systems

    Tool Chain Qualification in Safety Critical Systems

    Safety critical software usually entails some kind of certification, qualification or approval from a standards body in order to be productized and used by the public. The requirements...

    Read Article
  • On-Demand Webinar: Automotive 042418

    On-Demand Webinar: Automotive 042418

                When people talk about static analysis for automotive application the term MISRA-C (Motor Industry Software Reliability Association) immediately...

    Read Article
  • Surprising Uses of Static Analysis: Performance Optimization

    Surprising Uses of Static Analysis: Performance Optimization

    Static analysis is typically used to find errors in software, often serious bugs, such as buffer overruns that lead to quality or security issues. GrammaTech CodeSonar is an advanced...

    Read Article
  • Detecting the Beep Vulnerability with CodeSonar

    Detecting the Beep Vulnerability with CodeSonar

    The linux beep utility is a small utility command to literally send a tone to the user’s speaker. A subtle error in the utility gives arise to a local privilege escalation that was...

    Read Article
  • On-Demand Webinar: Extending Static Analysis to Include Third Party Libraries

    On-Demand Webinar: Extending Static Analysis to Include Third Party Libraries

                 Twenty-five percent of embedded projects use content from commercial third parties. This content is often delivered in binary, not in source....

    Read Article
  • Automatic Detection of Proprietary Coding Rule Violations

    Automatic Detection of Proprietary Coding Rule Violations

    Guest Blog by Rob Daulton, Consultant at Valbrio

    Read Article
  • The Anatomy of a Segmentation Fault – A real life example

    The Anatomy of a Segmentation Fault – A real life example

    I was browsing StackOverflow.com and came across a user running into a segmentation fault in their programming assignment. This problem looked like an ideal case for static analysis....

    Read Article
  • Using Dynamic Metrics with Static Analysis

    Using Dynamic Metrics with Static Analysis

    GrammaTech CodeSonar is primarily a static analysis tool, but there are some circumstances where it is useful to present dynamic information alongside static results. For example,...

    Read Article
  • New Features of C++: Small but Useful Features

    New Features of C++: Small but Useful Features

    C++11 added multiple smaller language features as well as the marquee features we've already talked about. Despite these being smaller language features, they're still powerful...

    Read Article
  • Embedded World 2018 Presentation: Static Analysis ++

    Embedded World 2018 Presentation: Static Analysis ++

    vfff   Mark Hermeling details how we can make static analysis better using examples from GrammaTech's advanced static analysis tool, CodeSonar.

    Read Article
  • New Features of C++: Automatic Type Inference

    New Features of C++: Automatic Type Inference

      Automatic type inference (or type deduction) is where you allow the compiler to infer the type information used for a declaration by obtaining it from some related...

    Read Article
  • GrammaTech Extends the Reach of Static Analysis

    GrammaTech Extends the Reach of Static Analysis

    ...

    Read Article
  • Improving Static Analysis Around Binary Libraries

    Improving Static Analysis Around Binary Libraries

    INTRODUCTION: Many software projects rely on third party code, system libraries and re-used binary code from other projects. Advanced static analysis tools reason about the program...

    Read Article
  • New Features of C++: Move Semantics

    New Features of C++: Move Semantics

    Move semantics are another game-changer introduced in C++11. One large complaint about writing C++ code was that copy construction and copy assignment can cause performance issues...

    Read Article
  • Getting a GRASP on Security and Privacy of Mobile Apps

    Getting a GRASP on Security and Privacy of Mobile Apps

    INTRODUCTION: The recent controversy surrounding the Strava fitness app has illustrated a critical security problem. Ultimately the use of a fitness app that transmits location data...

    Read Article
  • DISA-STIG | CodeSonar 4.5p2

    DISA-STIG | CodeSonar 4.5p2

    Read the document
  • loading
    Loading More...
See more