Latest Content

The global increase in connectivity and reliance on software is opening doors to exploits daily. Software quality and security is more important now than ever before.

  • DevSecOps in Safety Critical Avionic Software and the Role of Static Analysis

    DevSecOps in Safety Critical Avionic Software and the Role of Static Analysis

    DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is a standard published by RTCA, Inc and developed jointly with EUROCAE, the European Organization for...

    Read Article
  • Webinar Recording - Right Tool, Right Methodology: Developing Safety and Security Critical Systems (with AFuzion)

    Webinar Recording - Right Tool, Right Methodology: Developing Safety and Security Critical Systems (with AFuzion)

      Recently GrammaTech and AFuzion presented solutions to these questions: Are you prepared enough in your knowledge of Safety-Critical or DO-178C to be...

    Read Article
  • GrammaTech CodeSonar Selected by the Joint Federated Assurance Center (JFAC) to Improve Confidence in Department of Defense Applications

    GrammaTech CodeSonar Selected by the Joint Federated Assurance Center (JFAC) to Improve Confidence in Department of Defense Applications

    ...

    Read Article
  • Using SARIF to Extend Analysis of SAST Tools

    Using SARIF to Extend Analysis of SAST Tools

    The static analysis interchange format (SARIF) is now an approved OASIS standard. We have discussed in other posts the benefits of having a standardized format for static analysis....

    Read Article
  • GrammaTech CodeSonar Refreshes IEC 61508, ISO26262 and CENELEC EN 50128 Certifications

    GrammaTech CodeSonar Refreshes IEC 61508, ISO26262 and CENELEC EN 50128 Certifications

    Three fresh new functional safety certificates are now available for CodeSonar version 5.2p0 and later covering IEC 61508, ISO 26262 and CENELEC EN 50128. These certificates have been...

    Read Article
  • Recommended Application Security Testing (AST) Techniques

    Recommended Application Security Testing (AST) Techniques

    There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing” (published March 20, 2020, Gartner subscription...

    Read Article
  • Webinar Recording - Combining SAST, Lean, Shift Left, DevSecOps

    Webinar Recording - Combining SAST, Lean, Shift Left, DevSecOps

      Wondering what you can do to maximize the efficiency of your software development teams? Watch our webinar to see how you can combine static...

    Read Article
  • Using Static Analysis for Overlapping Safety and Security Requirements for Medical Devices

    Using Static Analysis for Overlapping Safety and Security Requirements for Medical Devices

    Read the document
  • Metrics Evaluation using Static Analysis for Automotive Software Specified by KGAS and Automotive SPICE

    Metrics Evaluation using Static Analysis for Automotive Software Specified by KGAS and Automotive SPICE

    The Automotive SPICE (Software Process Improvement and Capability dEtermination) is a software development process standard that outlines the maturity model for software development,...

    Read Article
  • Software Trustworthiness Best Practices for IIoT

    Software Trustworthiness Best Practices for IIoT

    The Industrial Internet Consortium (IIC) recently released their white paper “Software Trustworthiness Best Practices” which outlines a set of approaches for risk management mitigation...

    Read Article
  • MISRA C:2012 Rule 1.3 and the Dark Underbelly of C and C++

    MISRA C:2012 Rule 1.3 and the Dark Underbelly of C and C++

    MISRA C is a set of guidelines for the safe use of the C programming language mainly targeted for its use in safety-critical embedded systems.  Many of its rules and directives are...

    Read Article
  • How to Configure GrammaTech CodeSonar to Support Your Work from Home Environment

    How to Configure GrammaTech CodeSonar to Support Your Work from Home Environment

    These are unusual times for businesses around the world and the people that work in them. All of a sudden, we have all the time in the world, while simultaneously, a lack of it while we...

    Read Article
  • DARPA Awards GrammaTech $7.6M for Safety and Certification Research

    DARPA Awards GrammaTech $7.6M for Safety and Certification Research

    ...

    Read Article
  • GrammaTech CodeSonar Analysis of a bug in wolfSSL

    GrammaTech CodeSonar Analysis of a bug in wolfSSL

    WolfSSL is a lightweight, portable, and embedded SSL/TLS library. Written in C it’s 20 times smaller than OpenSSL. The code is open source but wolfSSL is also available with commercial...

    Read Article
  • The Role of Static Analysis in the EU Medical Devices Regulation (MDR)

    The Role of Static Analysis in the EU Medical Devices Regulation (MDR)

    The move to digitization and automation is happening in the medical industry as it is in others – almost every medical device requires software. Wireless connectivity is becoming...

    Read Article
  • DHS Funding Transitioning into Real World Collaboration through SARIF

    DHS Funding Transitioning into Real World Collaboration through SARIF

    ...

    Read Article
  • C was Programming Language of the Year 2019

    C was Programming Language of the Year 2019

    About a year and a half ago, I was discussing the relative popularity of C and C++ in the face of relative newcomers Python, Java and C#. Surprisingly, the TIOBE index for 2019 shows...

    Read Article
  • GrammaTech Expands SAST Reach with new version of CodeSonar

    GrammaTech Expands SAST Reach with new version of CodeSonar

    ...

    Read Article
  • What’s New in CodeSonar 5.2?

    What’s New in CodeSonar 5.2?

    GrammaTech’s recent release of CodeSonar, version 5.2, increases the coverage of industry coding standards, improved compiler support, further support for open standards and support for...

    Read Article
  • An Update from the C Standards Committee WG14

    An Update from the C Standards Committee WG14

    At the end of October 2019, GrammaTech was pleased to host WG14 (the C Standards Committee) in Ithaca, NY. The C committee is comprised of experts from industry and academia from all...

    Read Article
  • loading
    Loading More...