Latest Content

Memory Management is the Leading Cause of Security Vulnerabilities in Google Chrome

Google recently has studied the root cause of high severity security vulnerabilities detected in their Chrome browser project (specifically the open source Chromium project which Chrome...

GrammaTech Appoints Andrew Meyer as Chief Marketing Officer

...

MergeResolver — Automatic Merge Conflict Resolution

 

GrammaTech Covers Code Quality, Security, and Safety with new version of CodeSonar®

...

Latest Version of CodeSonar Improves on Functional Safety, MISRA Support, C++ Parsing and Visualization

The latest version of GrammaTech CodeSonar, Version 5.3, continues our commitment to being the go-to provider for static application security testing (SAST) and the static analysis tool...

DevSecOps in Safety Critical Avionics Software and the Role of Static Analysis

DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is a standard published by RTCA, Inc and developed jointly with EUROCAE, the European Organization for...

Webinar Recording - Right Tool, Right Methodology: Developing Safety and Security Critical Systems (with AFuzion)

  Recently GrammaTech and AFuzion presented solutions to these questions: Are you prepared enough in your knowledge of Safety-Critical or DO-178C to be...

GrammaTech CodeSonar Selected by the Joint Federated Assurance Center (JFAC) to Improve Confidence in Department of Defense Applications

...

Using SARIF to Extend Analysis of SAST Tools

The static analysis interchange format (SARIF) is now an approved OASIS standard. We have discussed in other posts the benefits of having a standardized format for static analysis....

GrammaTech CodeSonar Refreshes IEC 61508, ISO26262 and CENELEC EN 50128 Certifications

Three fresh new functional safety certificates are now available for CodeSonar version 5.2p0 and later covering IEC 61508, ISO 26262 and CENELEC EN 50128. These certificates have been...

Recommended Application Security Testing (AST) Techniques

There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing” (published March 20, 2020, Gartner subscription...

Webinar Recording - Combining SAST, Lean, Shift Left, DevSecOps

  Wondering what you can do to maximize the efficiency of your software development teams? Watch our webinar to see how you can combine static...

Metrics Evaluation using Static Analysis for Automotive Software Specified by KGAS and Automotive SPICE

The Automotive SPICE (Software Process Improvement and Capability dEtermination) is a software development process standard that outlines the maturity model for software development,...

Software Trustworthiness Best Practices for IIoT

The Industrial Internet Consortium (IIC) recently released their white paper “Software Trustworthiness Best Practices” which outlines a set of approaches for risk management mitigation...

MISRA C:2012 Rule 1.3 and the Dark Underbelly of C and C++

MISRA C is a set of guidelines for the safe use of the C programming language mainly targeted for its use in safety-critical embedded systems.  Many of its rules and directives are...

How to Configure GrammaTech CodeSonar to Support Your Work from Home Environment

These are unusual times for businesses around the world and the people that work in them. All of a sudden, we have all the time in the world, while simultaneously, a lack of it while we...