Design-Reuse

Using static analysis to detect coding errors in open source security-critical server applications

Editor’s Note: Excerpted from their book Embedded Systems Security, the authors go through an analysis of three popular, security-critical open source applications - Apache, OpenSSL, and sendmail – ...
Tech Critter

Aikido vs SonarQube: Code Quality vs Full-Stack Application Security

Writing clean, bug-free code is a point of pride for any developer. For decades, tools that measure code quality have been a ...
Dark Reading

Reachability Analysis Pares Down Static Security-Testing Overload

AI assistants are a double-edged sword for developers. On one hand, code-generation assistants have made creating barebones applications easier and led to a surge in code pushed to GitHub. Yet just as ...
Design-Reuse

Using static analysis to diagnose & prevent failures in safety-critical device designs

Software content has grown rapidly in all manner of medical devices. Meanwhile, society has become increasingly dependent upon their safe operation. Unfortunately, our ability to develop safe and ...
InfoWorld

Source code analysis breaks new ground

Large-scale software systems are staggeringly complex works of engineering. Bugs inevitably come with the territory and for decades, the software profession has looked for ways to fight them. We may ...