Verifysoft Technology at Embedded World 2019: Safety and Security for Embedded Software

Watch here our video: Verifysoft at Embedded World 2019



Verifysoft Technology participated in the Embedded World 2019, for the 15th time in its 16 years of company history. Over 32.000 visitors came to the fair in Nuremberg for information about the latest developments in the embedded sector.
Until now our testing and analysis tools are mainly used for software safety. Because of the challenges of the Internet of Things and connected objects, now also software security matters.

Testwell CTC++ Test Coverage Analyser now supports Penetration Tests

Our Code Coverage Analyser Testwell CTC++ is currently being used for software quality assurance in 38 countries on every continent. The tool covers code coverage for all coverage levels up to MC/DC- and multi-condition coverage, and thus the requirements of all safety standards like IEC 61508, ISO 26262 and DO-178. Testwell CTC++ is easy to integrate, works with all compilers and supports all embedded targets. Even the smallest targets and microcontrollers are, thanks to low instrumentation-overheads, no problem for Testwell CTC++. The latest version supports in addition to C, C++, Java and C# also Objective C.
Testwell CTC++ is mostly used for safety reasons but can also be deployed for security. In this area the tool is being used for Penetration-Tests in order to prove that code is not being executed through hacker attacks. In contrast to the traditional usage of code coverage, the objective during penetration testing is that no code is being processed. Attacked parts of code can be identified precisely due to coverage analysis. This simplifies the detection of safety gaps.

Static Code Analysis shows potential Targets of Cyber Criminals

To achieve improved software quality, both dynamic and static code analysis are required. Static tests can be used in early stages of the development process since the code does not have to be executed during static analysis. The correction of bugs is relatively cheap at this point. This results in improved software quality but also in high potential cost savings through the usage of static code analysis.
GrammaTech CodeSonar is one of the leading analysis tools for C and C++. CodeSonar offers the advantage to not only analyse the source code but also the program parts that are only available in binary code. This is particularly vital for safety critical applications. From multiple studies of software projects, over 20% of the code is not available in source code and its quality is potentially unknown.
The static code analysis plays an important role when it comes to the increasing connectivity of devices, because this creates potential targets for cyber criminals. GrammaTech CodeSonar generates a model out of the code, which helps to analyse all data flows.

Julia Static Analyzer for Java und C#

The new connectivity that comes with the internet of things bears new challenges. Embedded Software, usually written in C or C++, is traditionally classified as safety critical, but the same is now true for connected software that is written in Java or C#.
To make it possible that this software can be tested as well, Verifysoft and Grammatech formed a partnership with JuliaSoft. The company, with headquarters in Northern Italy, is a spin-off of the University of Verona. JuliaSoft, with its Julia Static Analyzer tool offer semantic static analysis of enterprise software in Java and C#. The integration of the Julia Static Analyzer into GrammaTech CodeSonar provides a complete and integrated solution for improving the quality of these “Embedded software”, hardware and enterprise programming domains.

Imagix 4D supports Reverse Engineering

Imagix 4D is a tool to easily understand unknown C, C++ and Java code by visualisation. It simplifies the evaluation of code quality through diverse static assessments and the application of metrics.
Imagix 4D supports you through partly automated tests and the creation of reports of code reviews. It visualises and documents differences between various software versions.

Improve software quality now

In addition to software testing and analysis tools, Verifysoft offers seminars about topics related to software quality. Improve the quality and safety of your software now: Ask for further information and free evaluations of our software testing tools.

Verifysoft Trade Show Team at Embedded World 2019

Earlier Participations at Embedded World

Embedded World 2018, Embedded World 2017.