Verifysoft in the News
Further press articles:
Testwell CTC++ Testwell CMT++/CMTJava Imagix4D GrammaTech CodeSonar GrammaTech CodeSentry Verifysoft/General All Press Articles
Latest Press Releases
(Ithaca/New York/USA, 8 January 2021)
Integrating static analysis into the development cycle can prevent coding defects and deliver secure software faster. Security practitioners are accustomed to intervening at the end of the software development process to identify security vulnerabilities, many of which could have been prevented with earlier intervention. To address this problem, developers who are already under pressure to deliver increasingly complex software faster and less expensively are being recruited to implement security earlier in the development cycle under the "shift-left" movement. To understand the obstacles facing developers in meeting new security requirements, consider the five most common coding defects and how to address them.
Read the entire article here.
(Maidstone/Kent, Offenburg, 20 June 2019)
Software for embedded devices requires broad testing before the concerning products reach market maturity. Especially when it comes to safety critical environments, proof of testing is required by various certifications and safety standards such as IEC 61508.
However, in most cases code coverage faces the constraints of limited storage capacity of the targets and CPU performance. Thus, it is vital to choose the right approach in order to facilitate monitoring code coverage analysis on embedded systems.
Read the entire article here.
(Ithaca/New York, Offenburg, 4 February 2019)
Software development and quality managers that are looking to measure the benefit of static analysis can now use BugInjector, a tool that can inject Common Weakness Enumeration (CWE) based bug patterns into existing code bases, thus delivering real-world benchmarks. This independent real-world benchmarks have been created by GrammaTech under contract for the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) and are now available in the Software Assurance Marketplace (SWAMP) at no cost.
"There is an urgent need for benchmarks, such as those from GrammaTech, to allow software developers to evaluate static analysis tools in a comprehensive and real-world setting," says Barton Miller, Professor of Computer Sciences at the University of Wisconsin – Madison and Chief Scientist of SWAMP. "Also, developers of static analysis tools now have the ability to enhance their tools or benchmark new static analysis technologies with realistic test cases. Integrating these benchmarks into the SWAMP platform increases their effectiveness and availability."
Read the post here.
(Ithaca/ New York, USA, Offenburg/Germany, 24 September 2018)
Software teams that build safety and security critical systems using Java, C#, or Android can now benefit from high recall, high precision, advanced static analysis. GrammaTech today announces support for these platforms thanks to the integration of the advanced static analysis engine Julia from JuliaSoft into GrammaTech CodeSonar.
Today's software projects are utilizing more and more languages. An IOT device may use C/C++ for the safety critical programmable logic control, while it uses Java to provide a flexible user interface. A medical device may use C inside a pacemaker or an infusion pump, but use C# or Android to provide a familiar user interface to end-users on top of mobile devices. Integrating Julia into CodeSonar provides high recall, high precision, advanced static analysis of multiple languages into a single user interface complete with team collaboration and visualization tools, making it easy for software development teams to deliver better software faster all the while reducing cyber security risk.
Read the entire article here.
(Dublin/Ohio, USA, Offenburg/Germany, 26 June 2018)
Insight Success focuses distinctively on emerging as well as leading fastest growing companies, their confrontational style of doing businesses and the way of delivering effective and collaborative solutions to strengthen market share. Verifysoft Technology has now been elected among the 10 best performing software solution providers by Insights Success. Since its founding in 2003, Verifysoft has established a presence in over 40 countries and recorded growth of more than 40% last year. The company believes software testing is an essential service and its importance will only increase in the future. Verifysoft has established itself as a leader in providing software testing solutions which are efficient and reliable. Its CTC++ test system is extremely reliable even in the most adverse and challenging circumstances. The management team at Verifysoft believes they have a good product on their hands, and they give client satisfaction top priority.
Read the entire article here.
With this integration, software developers can annotate and resolve the software vulnerabilities that CodeSonar highlights without leaving the Wind River Workbench development environment, thereby significantly boosting productivity. Supporting the native Wind River VxWorks® real-time operating system as well as the POSIX API, CodeSonar provides advanced, whole program static analysis of application software and device drivers running in either kernel or user mode. For developers of complex Internet of Things (IoT) devices, CodeSonar delivers a must-have capability as it finds security and quality problems as well as problems specific to multi-core development such as deadlocks, livelocks, resource starvation, and race conditions. CodeSonar identifies bugs that can result in system crashes, unexpected behavior, and security breaches, reducing the risk of shipping costly, brand-damaging defects. It finds these bugs during the development phase, before software is tested, thereby saving cost and time.
Read full text here or watch the demo video.
... ISD chose Testwell CTC++ Code Coverage Analyser, a product of Verifysoft to support them in the verification. Being a typical bare metal embedded system without a file system, counters are needed to store information and later download from the target to source. One of the biggest challenges is the limited memory in the systems of ISD. Testwell CTC++ requires a very small footprint for its instrumentation and the Host target add-on makes integrations to any system very easy. ... There are no restrictions with compilers, IDEs or debug tools. ... Embedded-Computing.com, 12 May 2017
Perhaps the most relevant point is the role static analysis plays in a security-first software design, which is critical in today´s connected and complex operating environment..... Electronicsweekly.com, 05 April 2017
Manufacturers need to carefully evaluate the cyber threats and the level of exposure of IoT devices. New levels of software integrity can only be achieved if teams can eliminate both accidental coding errors and intentional design-in vulnerabilities, through efficient analysis techniques suitable for the typical highly complex applications of today.
Powered by the forces of the cloud, connected endpoints, wireless technologies, and big data, the Internet of Things (IoT) evolution is forming a perfect storm for software engineering teams. This single, transformative force is bigger than anything in the history of tech industry, fueling an unparalleled consumer- oriented features race, expected to advance at an incredible rate over the next decade. ...
boards & solutions + ECE March 2017 (PDF)
Beijing Siener, a privately held company with headquarters in Beijing/China with offices in Shanghai/China, represents already companies like HighTec EDV-Systeme GmbH, pls Development Tools, and GLIWA GmbH in the fast growing Chineese market.
Professional Tester, February 2016
New major features of Testwell CTC++ 8.0 include improved the overall architecture of the HTML form coverage report, introduced "line coverage" in the HTML report, introduced "annotations", improved reporting of header files, improved merging of coverage data of independently tested code files...
Professional Tester, 31 December 2015
Ithaca, NY — GrammaTech, Inc., a leading maker of tools that improve and accelerate software development, today announced that CodeSonar, the company's flagship static analysis product, has been certified by SGS TÜV Saar GmbH for use in the development of safety-critical software according to several international standards: ISO 26262, IEC 61508 and EN 50128. These three standards were designed to define the functional safety of electronics throughout their lifecycle within automotive systems, medical devices, and railway applications, respectively.
Professional Tester, 2 July 2014
GrammaTech, Inc., a leading maker of tools that improve and accelerate embedded software development, today introduced the industry´s first visual taint analysis technology. Available in CodeSonar, GrammaTech´s flagship static analysis product, this innovation combines advanced tainted dataflow analyses with GrammaTech´s proprietary visualization engine, to clearly display notoriously hard-to-find tainted data pathways in embedded systems. ... Professional Tester, 25 February 2014
The Official Daily 2014, 25 February 2014
DSP Valley Newsletter 5/2013 (November 2013)
After successfully adapting CodeSonar to check for the NASAderived rules, GrammaTech transitioned the changes into its commercial version of the product in 2008. ...
NASA Spinoff 2011
Test coverage is used to evaluate the completeness of software tests. There are many standards which require test coverage measurements. ISO 26262 Road Vehicules Functional Safety requires according to the Safety Integrity Level statement coverage, branch coverage or MC/DC (Modified Condition/Decision Coverage). The aeronautics standard DO178-B requires test coverage up to MC/DC coverage. Coverage analysis is also widely used in healthcare industry and companies which are aware of higher software quality. ...
DSP Valley Newsletter 1/2012
Conformiq is rated reliable and easy to use. Download (ACM Portal)
Recently, a new breed of static analysis tools has emerged that can find flaws without writing any test cases. ...
Embedded Technology March 2008
Verifysoft Technology will exhibit a number of new products at Embedded World.
Conformiq Test Generator replaces the time consuming process of writing test scripts with the building of a test model.
... The test generator analyses this model and generates automatically a large number of relevant tests that cover all combinations and aspects of the model. ...
Embedded Systems EUROPE January/February 2006
Conformiq Test Generator replaces the time-consuming process of writing test scripts with the building of a test model. This releases the burden of writing manual test cases and script programming from the test engineers.
Embedded Control Europe (February 2006)