Latest Content

The global increase in connectivity and reliance on software is opening doors to exploits daily. Software quality and security is more important now than ever before.

DevSecOps in Safety Critical Avionic Software and the Role of Static Analysis

DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is a standard published by RTCA, Inc and developed jointly with EUROCAE, the European Organization for...

Read Article
Webinar Recording - Right Tool, Right Methodology: Developing Safety and Security Critical Systems (with AFuzion)

Recently GrammaTech and AFuzion presented solutions to these questions: Are you prepared enough in your knowledge of Safety-Critical or DO-178C to be...

Read Article
GrammaTech CodeSonar Selected by the Joint Federated Assurance Center (JFAC) to Improve Confidence in Department of Defense Applications

...

Read Article
Using SARIF to Extend Analysis of SAST Tools

The static analysis interchange format (SARIF) is now an approved OASIS standard. We have discussed in other posts the benefits of having a standardized format for static analysis....

Read Article
GrammaTech CodeSonar Refreshes IEC 61508, ISO26262 and CENELEC EN 50128 Certifications

Three fresh new functional safety certificates are now available for CodeSonar version 5.2p0 and later covering IEC 61508, ISO 26262 and CENELEC EN 50128. These certificates have been...

Read Article
Recommended Application Security Testing (AST) Techniques

There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing” (published March 20, 2020, Gartner subscription...

Read Article
Webinar Recording - Combining SAST, Lean, Shift Left, DevSecOps

Wondering what you can do to maximize the efficiency of your software development teams? Watch our webinar to see how you can combine static...

Read Article
Using Static Analysis for Overlapping Safety and Security Requirements for Medical Devices

Read the document
Metrics Evaluation using Static Analysis for Automotive Software Specified by KGAS and Automotive SPICE

The Automotive SPICE (Software Process Improvement and Capability dEtermination) is a software development process standard that outlines the maturity model for software development,...

Read Article
Software Trustworthiness Best Practices for IIoT

The Industrial Internet Consortium (IIC) recently released their white paper “Software Trustworthiness Best Practices” which outlines a set of approaches for risk management mitigation...

Read Article
MISRA C:2012 Rule 1.3 and the Dark Underbelly of C and C++

MISRA C is a set of guidelines for the safe use of the C programming language mainly targeted for its use in safety-critical embedded systems. Many of its rules and directives are...

Read Article
How to Configure GrammaTech CodeSonar to Support Your Work from Home Environment

These are unusual times for businesses around the world and the people that work in them. All of a sudden, we have all the time in the world, while simultaneously, a lack of it while we...

Read Article
DARPA Awards GrammaTech $7.6M for Safety and Certification Research

...

Read Article
GrammaTech CodeSonar Analysis of a bug in wolfSSL

WolfSSL is a lightweight, portable, and embedded SSL/TLS library. Written in C it’s 20 times smaller than OpenSSL. The code is open source but wolfSSL is also available with commercial...

Read Article
The Role of Static Analysis in the EU Medical Devices Regulation (MDR)

The move to digitization and automation is happening in the medical industry as it is in others – almost every medical device requires software. Wireless connectivity is becoming...

Read Article
DHS Funding Transitioning into Real World Collaboration through SARIF

...

Read Article
C was Programming Language of the Year 2019

About a year and a half ago, I was discussing the relative popularity of C and C++ in the face of relative newcomers Python, Java and C#. Surprisingly, the TIOBE index for 2019 shows...

Read Article
GrammaTech Expands SAST Reach with new version of CodeSonar

...

Read Article
What’s New in CodeSonar 5.2?

GrammaTech’s recent release of CodeSonar, version 5.2, increases the coverage of industry coding standards, improved compiler support, further support for open standards and support for...

Read Article
An Update from the C Standards Committee WG14

At the end of October 2019, GrammaTech was pleased to host WG14 (the C Standards Committee) in Ithaca, NY. The C committee is comprised of experts from industry and academia from all...

Read Article
Loading More...

Latest Content

DevSecOps in Safety Critical Avionic Software and the Role of Static Analysis

DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is a standard published by RTCA, Inc and developed jointly with EUROCAE, the European Organization for...

Webinar Recording - Right Tool, Right Methodology: Developing Safety and Security Critical Systems (with AFuzion)

Recently GrammaTech and AFuzion presented solutions to these questions: Are you prepared enough in your knowledge of Safety-Critical or DO-178C to be...

GrammaTech CodeSonar Selected by the Joint Federated Assurance Center (JFAC) to Improve Confidence in Department of Defense Applications

...

Using SARIF to Extend Analysis of SAST Tools

The static analysis interchange format (SARIF) is now an approved OASIS standard. We have discussed in other posts the benefits of having a standardized format for static analysis....

GrammaTech CodeSonar Refreshes IEC 61508, ISO26262 and CENELEC EN 50128 Certifications

Three fresh new functional safety certificates are now available for CodeSonar version 5.2p0 and later covering IEC 61508, ISO 26262 and CENELEC EN 50128. These certificates have been...

Recommended Application Security Testing (AST) Techniques

There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing” (published March 20, 2020, Gartner subscription...

Webinar Recording - Combining SAST, Lean, Shift Left, DevSecOps

Wondering what you can do to maximize the efficiency of your software development teams? Watch our webinar to see how you can combine static...

Using Static Analysis for Overlapping Safety and Security Requirements for Medical Devices

Metrics Evaluation using Static Analysis for Automotive Software Specified by KGAS and Automotive SPICE

The Automotive SPICE (Software Process Improvement and Capability dEtermination) is a software development process standard that outlines the maturity model for software development,...

Software Trustworthiness Best Practices for IIoT

The Industrial Internet Consortium (IIC) recently released their white paper “Software Trustworthiness Best Practices” which outlines a set of approaches for risk management mitigation...

MISRA C:2012 Rule 1.3 and the Dark Underbelly of C and C++

MISRA C is a set of guidelines for the safe use of the C programming language mainly targeted for its use in safety-critical embedded systems. Many of its rules and directives are...

How to Configure GrammaTech CodeSonar to Support Your Work from Home Environment

These are unusual times for businesses around the world and the people that work in them. All of a sudden, we have all the time in the world, while simultaneously, a lack of it while we...

DARPA Awards GrammaTech $7.6M for Safety and Certification Research

...

GrammaTech CodeSonar Analysis of a bug in wolfSSL

WolfSSL is a lightweight, portable, and embedded SSL/TLS library. Written in C it’s 20 times smaller than OpenSSL. The code is open source but wolfSSL is also available with commercial...

The Role of Static Analysis in the EU Medical Devices Regulation (MDR)

The move to digitization and automation is happening in the medical industry as it is in others – almost every medical device requires software. Wireless connectivity is becoming...

DHS Funding Transitioning into Real World Collaboration through SARIF

...

C was Programming Language of the Year 2019

About a year and a half ago, I was discussing the relative popularity of C and C++ in the face of relative newcomers Python, Java and C#. Surprisingly, the TIOBE index for 2019 shows...

GrammaTech Expands SAST Reach with new version of CodeSonar

...

What’s New in CodeSonar 5.2?

GrammaTech’s recent release of CodeSonar, version 5.2, increases the coverage of industry coding standards, improved compiler support, further support for open standards and support for...

An Update from the C Standards Committee WG14

At the end of October 2019, GrammaTech was pleased to host WG14 (the C Standards Committee) in Ithaca, NY. The C committee is comprised of experts from industry and academia from all...