The majority of software that runs on embedded devices is now developed by external sources, not in-house development teams and source code is often unavailable. Without access to the source code, commercially available static source code analysis tools cannot fully account for the security consequences of executing the third-party code in an application. GrammaTech has developed an advanced new capability that uses binary analysis to examine third-party code without requiring access to source code. Extending security efforts into third-party code can accelerate development cycles, improve the security of software, and ultimately increase customer satisfaction. Adding binary analysis to the development process helps organizations deliver more trusted applications to customers and eliminate potential liabilities due to vulnerable third-party code.
- Dev Tools & OS
- Machine Learning
- Reference Designs
- System Block Diagrams
- Dev Kit Selector
- White Papers
- Webcasts & Events
- Product Search
- Embedded World
Dig deep into safety-critical code testing with coverage analysis
For safety-critical code, functional testing that ensures that the application does what it is supposed to ...
We also recommend:
Imperas riscvOVPsim brings free, open-source modeling and simulation to RISC-V ecosystem
Imperas Software has released the RISC-V Open Virtual Platform Simulator (riscvOVPsim), a free simulator and open-source model of a single-core RISC-V CPU.
What They Didn’t Teach You in Engineering School About Pressure Drop
A guide to understanding how to solve even complex pressure related design issues.
Practical Guide to Maximizing DC Measurement Performance
The various methods covered in this guide can help you achieve greater accuracy in your applications requiring DC measurements.
Linux, RISC-V Foundations to Collaborate on Open Architectures
In addition to tools, services, and training support, the Linux Foundation will provide neutral governance, best practices for open source development, community outreach, marketing, and legal advice.
OCF 1.0 ratified by ISO/IEC JTC 1 as secure IoT interoperability protocol
The OCF standard will be published as ISO/IEC 30118 (Parts 1-6).
NASA InSight Lands Safely on Mars with VxWorks
VxWorks was responsible for complex automated maneuvers of the InSight landing craft, providing system-wide determinism and synchronization through a Red Planet atmosphere 100x thinner than Earth's.
Embedded Insiders: Is There Really an Engineering Shortage, and Why?
Rumors of a shortage of electronics engineers have been circulating for years, but with Fortune 500 technology firms now gobbling up as much engineering talent as possible for IT and enterprise...
Finding Concurrency Errors with GrammaTech Static Analysis
Multithreading adds entirely new classes of potential bugs to those that must be considered by developers.
Making Safety-Critical Software Development Affordable with Static Analysis
Safety-critical software is becoming exceedingly expensive to develop and manufacturers are looking for solutions that increase developer productivity. Static analysis tools are indispensable for safe
Protecting Against Tainted Data in Embedded Apps with Static Analysis
This paper describes a static analysis technique – taint analysis – that can be used to find how potentially hazardous inputs can flow through a program to reach sensitive parts of code, empowering...
Containerized Linux: The Secret to IoT Security
A desire in the development community to use Linux is often at odds with the security requirements of an organization, leaving a gap between a company’s goals and the skill sets of its engineers.
Hex-Five Multi-Zone Security for RISC V Simplifies the Terrible TEEs
Trusted Execution Environments (TEEs) such as Arm TrustZone, while well-intentioned, present challenges for engineers. First, they doesn't allow for partitioning between many sensitive functions withi
Spectre, Meltdown, and Tortuga Logic's Hardware Security Verification at Arm TechCon
The Spectre and Meltdown vulnerabilties resulted from speculative execution, designed to satisfy our need for speed. These could have been prevented through the use of hardware security verification,
So, How Secure are your Coding Practices? Ask AdaCore
Developing secure code is no longer optional, but that doesn't mean it's easy. Some software engineers use vulnerability databases like CWE and OWASP to ensure their code is robust as possible, howeve
IAR Systems leads the way for secure IoT development based on Arm TrustZone and Arm Cortex-M
The leading independent Arm tools provider enables companies to go to market early with robust, secure IoT products
Connect to an Embedded Web Server with Automated Certificate Management
Don't let your users get caught in a security web. Make it easy for them.
Strategies for Deploying Xilinx's Zynq UltraScale+ RFSoC
On February 21st, 2017, Xilinx® announced the introduction of a new technology called RFSoC with the rather dramatic headline “Xilinx Unveils Disruptive Integration and Architectural Breakthrough for
Neural Network Optimization with Sparse Computing and Facebook Glow
There are 27 different types of neural networks. The number of neural network types has increased as engineers and data scientists seek out optimized implementations of AI for use cases.
Riding the Deep Learning Wave: Simulations Enabling Software Engineers to Generate Data Needed to Train Neural Networks
The vision of software solutions evolving from exposure to data has some compelling aspects: training by example offers the possibility of a true mass manufacturing technique for software.
Significance of Certified Ethical Hacker (CEH) Training and Certification