logo

GrammaTech CodeSonar®

15 June 2016




VDC research reports on Industry 4.0 security concerns

VDC Research Highlights Cybersecurity Concerns in Industry 4.0

(Offenburg/Germany, Ithaca, New York/USA, 15 August 2017)

As more companies have Industry 4.0 initiatives underway to refine and accelerate the realization of the smart factory vision, new data from VDC research indicates that these systems and software teams aren't taking enough precautions for security protection.
VDC recommends adopting a "secure by design" approach, which includes ensuring the quality and security of increasingly-used open-source, re-used, and third party code. An automated tool like CodeSonar, that can analyze both source and binary code to find defects and security vulnerabilities, is increasingly important as software development shifts to this new approach.
The report offers important recommendations to improve quality and security in this increasingly challenging era of device safety and security. > more information
Read the VDC Report here.

GrammaTech announced CodeSonar 4.5 with Risk Dashboard

(Ithaca, New York/USA, Offenburg/Germany, 9 March 2017)

GrammaTech today announced the availability of the CodeSonar Risk Dashboard in CodeSonar 4.5. This new version of the leading static analysis tool will be released in the second calendar quarter of 2017.
The Risk Dashboard is a new capability which provides executives with an immediate read-out of the level of outstanding security risks in their projects. It provides the data needed to improve decision-making concerning security investments. The Risk Dashboard supports both source and binary analysis. It can be used to measure risks during the software development phase and in deployment environments.

GrammaTech Named to 50 Most Promising IoT Solution Providers

(Ithaca, New York/USA, Offenburg/Germany, 23 January 2017)

GrammaTech was named to CIO Review Magazine’s list of 50 Most Promising IoT Solution Providers of the year for 2016. The list of companies was selected by a panel of experts and members of CIO Review’s editorial board; GrammaTech’s IoT solutions were selected based on their ability to deliver exceptional value in today’s IoT-driven marketplace. Derived from deep innovation and intensive research in software analysis and software hardening, GrammaTech’s solutions are designed to address today’s most challenging software issues.
Today, more systems are controlled by software, more devices are connected, and more software is susceptible to attack. Developers need better tools to be able to deliver connected devices that are secure.
Unlike other traditional tools vendors, GrammaTech’s mission includes a research arm with over 20 PhDs focused on advancing the state-of-the-art in software analysis and protection. Through highly innovative research programs advancing techniques and technologies in software analysis, transformation, monitoring, and autonomic functions, GrammaTech’s software scientists are solving the software issues impacting the embedded, M2M, and IoT equipment markets.

GrammaTech CodeSonar 4.4 Available

(Ithaca, New York/USA, Offenburg/Germany, 2 November 2016)

Version 4.4 of GrammaTech CodeSonar is available. The release comes with the following enhancements:
  • 18 new warning classes for MISRA C/C++
  • New versions of FindBugs and PMD introduce many new warnings for Java.
  • Better handling of C++14 constructs
  • Compiler vendor extensions including Microsoft Visual Studio 2015 toolchain.

GrammaTech Recognized in Silicon Review's 50 Smartest Companies of the Year

(Ithaca, New York/USA, Offenburg/Germany, 6 October 2016)

GrammaTech was recognized in the Silicon Review as one of the 50 Smartest Companies of 2016. Silicon Review is a preeminent business and technology magazine for tech decision makers and enterprise IT professionals. GrammaTech was selected among companies around the world with software solutions that drive business value in the evolving technical IoT landscape.
GrammaTech excels with strong software assurance innovations in static analysis of source and binary code.
GrammaTech’s software scientists are pushing the boundaries of software analysis and hardening techniques and technologies with the objectif of helping commercial manufacturers eliminate critical software defects from increasingly complex IoT device software.

GrammaTech Starts Work on Advanced Analysis Engine for a Predictive Auto-Complete and Auto-Correct Code (DARPA´s PLINY Project)

(Ithaca/New York, 30 April 2015)

GrammaTech has begun work on PLINY, a joint effort among GrammaTech and three Universities, with the goal to automatically detect program defects, suggest program repairs, and complete program drafts. PLINY is part of DARPA´s (Defense Advanced Research Projects Agency) Mining and Understanding Software Enclaves (MUSE) program.
This initiative seeks to gather hundreds of billions of lines of publicly available open-source computer code to mine in an effort to create a searchable database of properties, behaviors, and vulnerabilities.
GrammaTech´s static code analysis tool CodeSonar will be at the center of the effort to generate features. CodeSonar has an extraordinary scalability, and an analysis engine with proven capabilities for discovering subtle program properties.     > further information

GrammaTech Announces an increase of 60% in CodeSonar annual Sales

(Ithaca/New York, Offenburg/Germany, 18 September 2014)

More and more customers from Aerospace, Automotive, Medical, Military, and Telecom Industries rely on the expertise of GrammaTech´s CodeSonar, a leading Static Code Analysis tool. Today GrammaTech announced a 60 percent increase in annual sales for its fiscal year, which closed on July 31.
GrammaTech´s success has been driven by new capabilities in CodeSonar for achieving standards compliance, eliminating multi-core issues, analyzing third-party code as well as improving software security by addressing dangerous information flows. CodeSonar is designed for failure-intolerant embedded environments. The tool analyzes both source code and binaries and identifies serious security and quality liabilities. Vulnerabilities, system crashes and unexpected behaviour at runtime as a result of e.g. memory corruption, leaks, data races, and other bugs can be avoided early in the development process.
For companies, which would like to increase their software quality, we propose static analysis by CodeSonar. Please ask for a free evaluation and get informed about our interesting license models.

GrammaTech President Thomas Reps Elected to Academia Europaea

(Ithaca, New York/USA, 24 October 2013)

GrammaTech, Inc., announced that Europe´s foremost thought-leadership academy, the Academia Europaea, has elected Dr. Thomas Reps, President and Co-Founder of GrammaTech, to be a foreign member in the Informatics division. Academy members rarely include scholars who are residents in other regions of the world. Only nine from 3,000 members of the Informatics division are from the United States.
"The invitation by Academia Europaea honors Tom´s ground breaking research on automated program analysis, computer security, and model checking based on his work at University of Wisconsin and GrammaTech," stated fellow member of the academy, Prof. Dr. Dr. h.c. Reinhard Wilhelm of the Saarland University in Saarbrücken, Germany.
The Academy´s mission is to encourage the highest possible standards in scholarship, research, and education, while promoting interdisciplinary and international research in all areas of learning.

GrammaTech Selected by the U.S. Navy to Improve Software Security

(Ithaca, New York/USA, 19 August 2013)

GrammaTech has been selected by the U.S. Navy to develop a tool that will provide computer systems with the ability to understand and react to malicious attacks, and then continue running safely. In this project, GrammaTech researchers will use a combination of automatic program analysis and manual tuning techniques to develop a tool for creating a model of a system´s intended behavior, capturing its most important properties and determining what low level events must be tracked in order to observe the system´s critical behavior.
The development of this tool will provide security-critical systems with an extra layer of protection against attacks, including attacks that don´t involve unusual system call activity. The technology will be immediately useful to branches of the government, financial institutions, and any companies whose systems require strenuous security protection.