Thanks for 2020 and all the Best for 2021

(Offenburg/Germany, 11 December 2020)

We would like to thank you very much for the pleasant cooperation in this challenging year.
The Verifysoft team wishes you a happy and relaxing holiday season, as well as all the best, happiness and above all, health in the New Year!
We all hope to get a little more normality in 2021 and we look forward to continuing a successful cooperation!
Your Verifysoft Technology Team

Demonstration by CS Group USA on CodeSonar and LEAFS to Reduce Cost and Time in Software Development

(Ithaca/New York/USA, 3 December 2020)

Strong software development teams have a well-defined process and are supported by a strong tooling environment. CS Group USA and GrammaTech highlight in this webinar how CS Group’s LEAFS can be used in combination with GrammaTech’s CodeSonar to automate the process and help software developers efficiently deliver high quality code that needs to align to functional safety standards.
Watch the recorded webinar interview now.

Achieving Industrial Functional Safety with IAR and GrammaTech

What is coming up next from GrammaTech - TechStrong.tv Interview with GrammaTech

(Ithaca/New York/USA, 19 November 2020)

Interested in what the teams at GrammaTech have been working on?
Alan Shimel at TechStrong.tv sat down with Mark Hermeling on November 19 in this 18-minute interview to discuss all things GrammaTech and what is coming up next!
Speakers: Alan Shimel, Co-Founder and Editor and Chief of MediaOps, Security Blvd & Container Journal & Mark Hermeling, Senior Director of Worldwide Sales at GrammaTech.
Watch the interview here.

Webinar: Achieving Industrial Functional Safety with IAR and GrammaTech

(Ithaca/New York/USA, 16 November 2020)

This webinar will review current functional safety standards including IEC 61508, EN50128, ISO26262 and how to execute towards necessary safety requirements. IAR and GrammaTech will also discuss how security impacts safety, how to make sure you have security in the device and software development lifecycle levels, and ensuring you have the tools needed to follow the growing security standards.
IAR will discuss how their compilers can assist with a path to achieving functional safety. Additionally, IR will discuss how their C-STAT tool fast tracks coding standard conformance.
With GrammaTech’s recent functional safety certification in IEC 61508, ISO 26262 and CENELEC EN 50128, GrammaTech will cover how CodeSonar’s static analysis for source and binary helps engineers write safe and secure software by supporting them during the software development lifecycle with deep, whole program static analysis.
Learn more in GrammaTech's and IAR's video.

Validas Podcast: Modified Condition/Decision Coverage — MCDC

(Munich/Germany, 28 October 2020)

Dr. Oscar Slotosch (Validas AG Munich) has given a great explanation of MC/DC Coverage in his podcast. MCDC is a ubiquitous technique used in software testing, but the tools that test it must also be appropriately qualified. In this episode Oscar gives an overview of this code coverage criterion, explains its history and development, and shares his experiences. Oscar explains that safety standards are very rigorous and that MC/DC Coverage can only be measured by commercial tools. One good tool for this is Testwell CTC++ from Verifysoft. Learn more

Imagix 4D: Version 10.1 Available

(San Luis Obispo/USA, Offenburg/Germany, 9 October 2020)

Imagix 4D 10.0 has been released and is now the standard download from the Imagix website.
This release has 3 main features:
- Complete HIS checklist including underlying MISRA rules and metrics covering two project versions
- Delta control flow charts that show the flow chart differences between two project versions
- Unreachable Statement report and other small report enhancements
Learn more.

GrammaTech CodeSonar 5.4 Available

(Ithaca/New York/USA, Offenburg/Germany, 8 October 2020)

A new version of the leading static analysis tool GrammaTech CodeSonar has been released.
This release has several new features as well as compatibility updates:
The C++ parser has been upgraded, which provides much better parsing of C++ 17, improved support for C++ 20, and better compatibility with compiler dialects. These changes now also allow parsing of the recently released Android 11.
There are several new warning classes, all of which address rules in MISRA C++ 2008 and AUTOSAR C++.
Subcommands for DevSecOps: There is an entirely new way to invoke additional CodeSonar functionality from the command line through the Python API. This makes it easier to integrate with CI/CD tools such as Jenkins/GitHub/GitLab or other DevSecOps tools.

We are a great team and want to get even better

(Steinen/ Black Forest, 24th September 2020)

Verifysoft – We are a good team. We are successful. We have fun. We work together in a friendly, almost family-like environment.
We set ambitious goals. We are good at what we do and want to impprove even more.
Each day we work on this: in the office, at the client’s and in team-events – as we did in our two-day workshop in the Southern Black Forest.

Functional Safety Certification with GrammaTech

(Ithaca/New York/USA, 4 September 2020)

GrammaTech is specialized in helping customers improve their software development processes. Many of our customers work with software that has to be certified to certain levels of functional safety, and we receive many questions on the ins-and-outs of functional safety.
With GrammaTech's recent functional safety certification through Exida in IEC 61508, ISO 26262 and CENELEC EN 50128, we thought it would be beneficial to invite members of Exida's team to discuss the most frequently asked questions we receive.
Learn more in GrammaTech's and Exida's video.

Webinar: Tools to Perform a Security Review on Unknown Code

Performing a deep security review on third party code is hard. You typically receive a bunch of source code, no design documents, very little comments in the source code. Still, you have to do an assessment of the code and provide a risk score. Where do you get started?

In this webinar we will show you how GrammaTech and Imagix can help. GrammaTech CodeSonar can perform deep static application security testing on the source code. The result is a set of warnings of things that may be risky. Still, to understand whether a problem, say a buffer overrun, is externally triggerable, you would need to understand the design of the application. This is where Imagix comes in, it can overlay the path of the static analysis warning over a design that is reverse engineered from the source code. And that is just one of the many tricks.
Watch video here.

GrammaTech Acquires JuliaSoft to Expand Reach of CodeSonar® SAST Platform to Java and C#

(Bethesda (MD)/USA, 22 July 2020)

GrammaTech announced that it has acquired the intellectual property and assets of JuliaSoft S.r.l. (Italy) to extend its CodeSonar Static Application Security Testing (SAST) platform with automated code analysis for Java and C# code.
To provide customers with an integrated solution for reliably detecting security vulnerabilities and other defects in their embedded applications, the Julia Static Analyzer will be unified into the CodeSonar® platform. This will enable developers to perform static analysis of C, C++, Java and C# code and develop secure applications faster. The new language support extends automated detection of software vulnerabilities to enterprise use cases where safety and security are indispensable.
The Julia products will immediately extend CodeSonar’s market reach and differentiation by further expanding its depth and breadth whether the use case is achieving code checking, code quality, code security or adhering to coding standards.

Adventure Team Event 2020

(Offenburg/Germany, 22 June 2020)

For this year’s team building event Verifysoft Technology went canoeing. While paddling down the idyllic (and sometimnes challenging) Altrhein River we realized that only together we can go ahead. Thank you to the whole team that made the excursion fun and unforgettable.
Find more information here on how to join our team.

GrammaTech CodeSonar 5.3 Available

(Ithaca/New York/USA, Offenburg/Germany, 17 June 2020)

This release of CodeSonar 5.3p0 has several new features as well as numerous bug fixes, compatibility updates, and other minor improvements:
Uninitialized Variable
The Uninitialized Variable warning class has been extended to apply to uninitialized fields of structs and classes, and other partially uninitialized variables.
Default Configuration
CodeSonar now allows you to select a set of presets to be used by default for all projects, which alleviates the need for those presets to be specified at analysis time.
C++ Parsing
Compatibility with non-standard C++ language dialects understood by newer versions of compilers such as Clang and gcc has been improved.
MISRA
There are several new MISRA C++ 2008 warning classes.
Visualization
The HTML5 visualization tool has been extended to allow expansion of layers in the call graph.
NetBSD
CodeSonar is now available for NetBSD version 8.0.

Automotive Cyber Security Online:
Speaker Spotlight of GrammaTech

GrammaTech is a proud sponsor of the upcoming Automotive Cybersecurity Online Summit, June 23-24!
Join us at our session titled “Recognizing the Intersection of Safety and Security Across the Software Lifecycle” on Day Two.
All OEMs, Tier 1 Suppliers, Fleet Owners, Government and other End-Users can attend at no cost.
Register here.

Verifysoft: Fair prices require fair business relationships

(Offenburg/Germany, 3 June 2020)

At Verifysoft Technology we aim for a prosperous and long-term relationship with our customers, colleagues and suppliers. We offer excellent tools for software testing and analysis for fair and reasonable prices. In return, we expect our customers to deliver payment to our standard payment condition NET30. In most cases, this does not pose any problem or require additional effort on our side. Here we would like to take the opportunity to thank our customers, who adhere to common business etiquette and keep their obligations.
However, single customers take issue with long-established payment practices. Therefore, we want to ultimately clarify our invoicing and payment terms.

Testwell CTC++ nominated for Electronics Industry Awards 2020

(Maidstone/UK, Offenburg/Germany, 2 June 2020)

Testwell CTC++ Test Coverage Analyser from Verifysoft Technology has been recognised as a finalist for the the Electronics Industry Awards 2020 in the category "Engineering Development/ Design Tool"
Learn more

Webinar: Best Practices for Software Trustworthiness in IIoT Applications

Tuesday, June 17, 11:00 am PST/10 am CST (8:00 pm CET, Berlin, Wien, Zurich)

Untrustworthy software can have a significant impact on industrial systems. That impact could range from machine down time to lives being at stake? Do you want to bet your company’s assets on untrustworthy software over the complete lifecycle of your equipment?

In this webinar, we will provide a high-level overview of software trustworthiness for developers, owner-operators, and decision makers in industrial IIoT systems. We’ll address various aspects of creating, acquiring, and protecting software and provide practical and actionable best practices for recognizing untrustworthy software. We’ll also explain how you can mitigate the risks associated with untrustworthy software.
Register here.

Qualification-Kit for Testwell CTC++: Update for latest CTC++ Versions 9.0.3 and 9.1 Available

(Offenburg, Munich/Germany, 22 May 2020)

A new version of the Tool Qualification Kit for Testwell CTC++ is available for safety critical projects according to DO-178C, ISO 26262, IEC 61508, EN 50128 and IEC 60880. This version of the Qualification-Kit is compatible with the current version 9.1 and the former version 9.0.3 of the Test Coverage Analyser Testwell CTC++.
The Qualification-Kit helps to prove that Testwell CTC++ works properly in your development and test environments. Such proofs are mandatory according to safety standards.
The update of the kit has been developped by Verifysoft Technology in cooperation with Validas AG (Munich/Germany) and is available for customers with valid software maintenance. Learn more

Webinar: Right Tool / Right Methodology – Developing Safety and Security Critical Systems

Ithaca/New York/USA, Offenburg/Germany, 27 May 2020

• Are you prepared enough in your knowledge of Safety-Critical or DO-178C to be “experts in the subject”?
• Have you considered Cyber-Security/ DO-326A and its impact on your software?
• Are you receiving RFPs that have a requirement to adhere to coding standards?
• Are you currently doing manual peer review of code?
• Does your static analysis check coding standards _and_ detect bugs?
• Do you need to analyze software of unknown provenance?
GrammaTech’s CodeSonar for static analysis will help you find more defects in your code faster. AFuzion will show you the gaps in your Safety-Critical methodology and train you to harness the talent of your team - so you can get down to the business of releasing cutting-edge DoD-certified technology sooner, with peace of mind.
Watch the video.

worlds-best-software-solution-providers-2020

Verifysoft Technology has been elected among the World's Best QA & Solution Providers 2020

(Dublin/OH/USA, Offenburg/Germany, 12 May 2020)

Verifysoft has been elected among the World's Best QA & Solution Providers 2020 by CIO Look. CIOLook is Global business authority platform to explore the perspective of entrepreneurs, business owners, and innovators who drive business around the world.
More information: Verifysoft Technology GmbH: A Prominent Code Coverage Analyzer for Embedded Software (pdf) CIO Look

14 Advantages of Testwell CTC++: New Video Available

(Offenburg/Germany, 6 May 2020)

Testwell CTC++ is the leading tool for measuring Code Coverage on host and on all (even smallest) embedded targets and microcontrollers.
Our video shows the 14 main advantages of Testwell CTC++:
Support of all coverage levels, all embedded targets, all compilers. Support of C, C++, Java, and C#. Works also with "exotic" language constructs, integration in your IDE, usage via command line allowing Automated Builds / Continuous Integration, no modification of your original source code, clear and understandable reports, compliance to safety standards, Qualificaiton Kit, outstanding technical support, high customer satisfaction, ...
Learn more

GrammaTech CodeSonar Refreshes IEC 61508, ISO26262 and CENELEC EN 50128 Certifications

(Ithaca/New York/USA, Offenburg/Germany, 6 May 2020)

Three fresh new functional safety certificates are now available for GrammaTech CodeSonar version 5.2p0 and later covering IEC 61508, ISO 26262 and CENELEC EN 50128.
These certificates document that CodeSonar is qualified to be used to develop software that needs to be certified to the highest functional safety levels: SIL 4 for IEC 61508 and CENELEC EN 50128 and ASIL D for ISO 26262.
The three certificates are at the core of the Functional Safety Documentation Kit that GrammaTech offers as an add-on to CodeSonar. This documentation kit provides additional documentation that customers will need when they integrate CodeSonar into their processes...
> Learn more.

Webinar: Combining SAST, Shift Left, Lean and DevSecOps

Ithaca/New York/USA, Offenburg/Germany, 5 May 2020

Wondering what you can do to maximize the efficiency of your software development teams? This webinar will go beyond keyword bingo and walk you through how you can combine static analysis with concepts from Shift Left and DevSecOps to empower your software developers.
The webinar will look at how static analysis provides benefits to Shift Left and DevSecOps. It will look at more than ‘defect detection’ and focus on flexible workflows that allow developers to focus on their deliverables and integrate static analysis into their workflows without overhead.
Whether you use GitHub, GitLab, raw git, SVN, RCS, ClearCase, TFS, Top, or any other tool, this webinar will help you understand where static analysis fits in your workflow and how CodeSonar can be used to integrate into our CI/CD pipelines.
The result: Better code quality, increased safety and security and satisfied developers. Watch the video.

CodeSonar Selected by the Joint Federated Assurance Center (JFAC) to Improve Confidence in Department of Defense Applications

(Ithaca/New York/USA, Offenburg/Germany, May 2020)

GrammaTech announces their collaboration with the Joint Federated Assurance Center (JFAC) to provide CodeSonar® for Source and Binaries to Department of Defense organizations, improving their software-assurance practices and helping them deliver more secure and resilient software systems.
Part of JFAC’s mission is to identify and facilitate access to software- and hardware-assurance expertise. In choosing CodeSonar® for Source and Binaries, they enable member organizations to improve their security-vulnerability detection capability from development to operations.
CodeSonar® can now be used by DoD programs to detect cyber vulnerabilities in source code during the software development lifecycle, as well as during the deployment phase when only binaries are available. ...
> Learn more.

Imagix 4D: Version 10.0 Available

(San Luis Obispo/USA, Offenburg/Germany, 28 April 2020)

Imagix 4D 10.0 has been released and is now the standard download from the Imagix website.
Version 10.0 contains a significant upgrade in the speed and lenience of the C / C++ source analyzer.
New SARIF functionality enables static analysis results from other tools to be imported and methodically reviewed within Imagix 4D, and Imagix 4D static analysis results to be exported for viewing in IDEs.
Delta Analysis had been restricted to comparing two separate projects; the storage and comparison of revisions within a project has been eliminated, in preparation for the addition of new Delta Analysis capabilities in an upcoming release.
Learn more

Testwell CTC++: Version 9.1 Available

(Offenburg/Germany, 3 April 2020)

Verifysoft has released a new version of Testwell CTC++ Test Coverage Analyser.
Customer with valid software maintenance can download the new version 9.1 of the Code Coverage Analyser via the Verifysoft Customer Area. If you are customer and you don't have the credentials for our download platform, please contact us.
The new version comes with the following new features:
Improved Build Integration on Windows
With the tool ctclaunch, a fundamental new method is introduced to integrate Testwell CTC++ in build systems like CMake or MSBuild. This way is especially made for the use on build servers where instrumented and not instrumented builds are run in parallel.
New Help
The User Guide will be replaced by an HTML based help. Verifysoft wants to achieve two goals with that step: To provide an easy access to all information, while preserving the content depth for experienced users.
Learn more

DARPA Awards GrammaTech $7.6M for Safety and Certification Research

(Ithaca/New York/USA, Offenburg/Germany, March 2020)

GrammaTech, Inc. announces that it has been awarded a $7.6 million, four-year contract from Defense Advanced Research Projects Agency (DARPA).
Automated Rapid Certification of Software (ARCOS) is a DARPA program focused on generating evidence and assurance cases for a broad range of certification and/or accreditation standards. ...
GrammaTech is developing a set of tools for ARCOS that will enable the same testing strategies used for new software development to be employed for recertification of legacy software and provide better traceability, complete with rationale for why specific test results deliver sufficient requirements and structural code coverage.
In addition, these tools will scale and automate test generation, execution, and test-suite maintenance to achieve measurably improved test coverage and completeness and decreasing time to deployment. ...
> Learn more.

Recommended Application Security Testing (AST) Techniques

(Ithaca/New York/USA, Offenburg/Germany, 20 March 2020)

There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing”.
Primarily, “application security testing (AST) is a critical practice within the software development life cycle (SDLC) and covers multiple techniques, from early development stages through to, and including, production.” Clearly, static analysis tools or static application security testing tools (SAST) play an important part in developing secure software.
This post looks at some of the findings from the report and how we believe advanced SAST tools like GrammaTech CodeSonar® can help with the challenges and implement the recommendations. ...
> Learn more.

Embedded World 2020: Safety and Security for Embedded Software with Tools from Verifysoft Technology

(Nuremberg/Germany, 16 March 2020)

At Embedded World 2020, Verifysoft presented first-class test and analysis tools to increase the quality and security of embedded software. However, due to concerns about the corona virus, only 14,000 rather than the more usual over 30,000 visitors came to Nuremberg. Nevertheless, Verifysoft was very satisfied with the numerous discussions that took place.
The topic of software testing was extremely popular at the Verifysoft booth this year: the number of interested users who came to learn about our leading technology tools for improving quality in software development was only slightly lower than in previous years.
Verifysoft was in Nuremberg with a team of eleven specialists. We presented the following solutions:
Testwell CTC++ Test Coverage Analyser: can be used anywhere and works everywhere
Static Code Analysis with GrammaTech CodeSonar: the earlier you test, the less expensive is it to fix errors
Imagix 4D: helps you to understand unknown code
Learn more / Watch the Video here

Embedded World 2020: Interview with Mark Hermeling, GrammaTech´s Director of Product Marketing

(Nuremberg/Germany, 15 March 2020)

We already have dynamic analysis. So why do we need static analysis at all anymore?
As Mark Hermeling, Director of Product Marketing for GrammaTech explains, dynamic analysis code testing tools may identify errors like NULL pointer dereferences or buffer overflows days or weeks after the original author has finished writing the code.
But with static analysis, you're able to find those code quality issues earlier in the development cycle, eliminating a lot of potential cost, headaches, and wasted time later on.
And, these static analysis tools can even be applied to more modern languages like Java, Python, and so on.
Watch the Video here

Meet us at Indian Electronics Week 2020 in Bangalore

Come explore latest electronics, embedded, IoT and Test solutions. Meet our Value Added Reseller Lexingtonsoft at India Electronics Week.
India Electronics Week is a mega show with multiple co-located events including expositions, conferences and seminars. Aiming to promote and enable development of SMARTER products in India, IEW showcases the latest products, solutions and industry best practices involving the design and manufacturing of electronics. And, that’s why IEW is held only at Bengaluru–the technology capital of India.
Show info:
Dates: 13-15 February 2020
Venue: KTPO Whitefield, Bengaluru, India
Get your Free Expo Pass here.

Verifysoft Technology: The Company Video

(Offenburg/Germany, 14 January 2020)

Software has become an integral part of our lives today. How important is the quality of software when you fly on an aircraft or when you drive your car? Faulty software can have fatal consequences.
Verifysoft Technology has provided first class testing and analysis tools to software development teams. In short, we sell safety and security.
What does Verifysoft offer to over 600 customers in 40 countries?
Why is the customers’ satisfaction more important than making a fast buck?
Why is a positive working atmosphere important to us?
Verifysoft's Company Video gives answers.