Verifysoft in the News
Further press articles:
Testwell CTC++ Testwell CMT++/CMTJava Imagix4D CodeSonar CodeSentry Codee Verifysoft/General All Press Articles
Latest Press Releases
Interview with Verifysoft Technology
Since the foundation in 2003, Verifysoft can look back on a steady growth. The tools are used by more than 700 companies on all continents to improve the quality of their software.
Read the full interview with Verifysoft-CEO Klaus Lambertz: Easy Engineering March 2023
SBOMs and Four Pillars for Managing Medical Device Software Security
Unlike enterprise and government technology where cybersecurity has been a mainstay for years, product security is a relatively new discipline for medical device manufacturers. Meanwhile, the use of third-party software, including open-source components, and libraries, in connected devices further raises the ante, making software supply-chain security increasingly critical.
Read more: Connceted World, July 2022.
Using the CVSS to Secure the Software Supply Chain
Understanding which ones pose a clear and present security risk if they are not remediated is critical to securing the software supply chain. This is where vulnerability scoring can help prioritize mitigation planning and management.
Read more: Embedded Computing Design, June 30, 2022.
How SBOMs Reduce Software Procurement Risk and Improve Enterprise Security
Supply chain professionals should be familiar with a bill of materials (BOM), which is used to build quality products and support the procurement, inventory management, and resolution of problems involved in creating those products. A BOM is also used to manage parts and maintenance supplies when buying products. However, software procurement is often more concerned with licensing terms, security requirements, pricing, maintenance, and support needs. ...
Read more: ERP Solutions Review, May 18, 2022 .
9 tips for better code coverage measurement
Measuring test coverage, also known as code coverage, is becoming increasingly important for embedded systems. In many cases, these devices are critical to safety or business. Processes are based on IoT devices, patients rely on working pacemakers and intelligent insulin pumps, automotive and aviation is no longer conceivable without embedded software. This list could be continued almost endlessly.
Read the entire article here.
Measuring code coverage for embedded software
For safe and reliable embedded devices, testing is an indispensable part of quality assurance. It is not without reason that the standards for safety-critical software development set precise requirements for test methods and test coverage.
Read the entire article here.
How a DevSecOps approach improved security in iris recognition systems
We chose CodeSonar from GrammaTech because it met the above criteria as we implemented a DevSecOps approach. CodeSonar could both identify code issues and also provide explanations to developers so they could fix problems. This enables our global development teams to not only avoid making mistakes, but learn from past errors so they don’t crop up again.
Read the entire article here.
Software quality demands both static code analysis and dynamic testing
Read the entire article here.
10 Criteria for selecting a Code Coverage Tool
Various code coverage analyzers are available on the market for measuring code coverage. They differ significantly in terms of handling and quality.
Read the entire article here.
Top 5 'Need to Know' Coding Defects for DevSecOps
Read the entire article here.
Code Coverage on Embedded Devices
However, in most cases code coverage faces the constraints of limited storage capacity of the targets and CPU performance. Thus, it is vital to choose the right approach in order to facilitate monitoring code coverage analysis on embedded systems.
Read the entire article here.
Real World Benchmark for Static Code Analysis Tools
"There is an urgent need for benchmarks, such as those from GrammaTech, to allow software developers to evaluate static analysis tools in a comprehensive and real-world setting," says Barton Miller, Professor of Computer Sciences at the University of Wisconsin – Madison and Chief Scientist of SWAMP. "Also, developers of static analysis tools now have the ability to enhance their tools or benchmark new static analysis technologies with realistic test cases. Integrating these benchmarks into the SWAMP platform increases their effectiveness and availability."
Read the post here.
GrammaTech Announces Integration of JuliaSoft into CodeSonar
Today's software projects are utilizing more and more languages. An IOT device may use C/C++ for the safety critical programmable logic control, while it uses Java to provide a flexible user interface. A medical device may use C inside a pacemaker or an infusion pump, but use C# or Android to provide a familiar user interface to end-users on top of mobile devices. Integrating Julia into CodeSonar provides high recall, high precision, advanced static analysis of multiple languages into a single user interface complete with team collaboration and visualization tools, making it easy for software development teams to deliver better software faster all the while reducing cyber security risk.
Read the entire article here.
Insights Success: Verifysoft Technology is one of the 10 Best Performing Software Testing Solution Providers
Read the entire article here.
Detecting the Beep Vulnerability with CodeSonar
The error in beep.c was deteced with the static analysis tool GrammaTech CodeSonar.
Read the whole article here.
Integration Between GrammaTech CodeSonar and Wind River Workbench
Read full text here or watch the demo video.
Testwell CTC++ Code Coverage Analyser: Customer Testimonial from medical industry
... ISD chose Testwell CTC++ Code Coverage Analyser, a product of Verifysoft to support them in the verification. Being a typical bare metal embedded system without a file system, counters are needed to store information and later download from the target to source. One of the biggest challenges is the limited memory in the systems of ISD. Testwell CTC++ requires a very small footprint for its instrumentation and the Host target add-on makes integrations to any system very easy. ... There are no restrictions with compilers, IDEs or debug tools. ... Embedded-Computing.com, 12 May 2017
Can software development be more secure with static analysis?
Perhaps the most relevant point is the role static analysis plays in a security-first software design, which is critical in today´s connected and complex operating environment..... Electronicsweekly.com, 05 April 2017
Addressing IoT impact on software engineering
Manufacturers need to carefully evaluate the cyber threats and the level of exposure of IoT devices. New levels of software integrity can only be achieved if teams can eliminate both accidental coding errors and intentional design-in vulnerabilities, through efficient analysis techniques suitable for the typical highly complex applications of today.
Powered by the forces of the cloud, connected endpoints, wireless technologies, and big data, the Internet of Things (IoT) evolution is forming a perfect storm for software engineering teams. This single, transformative force is bigger than anything in the history of tech industry, fueling an unparalleled consumer- oriented features race, expected to advance at an incredible rate over the next decade. ...
boards & solutions + ECE March 2017 (PDF)
Free Imagix 4D plug-in for Testwell CTC++ Customers
Professional Tester, 22 December 2016
Guaranteeing proper software behavior is a challenge: New Testwell CTC++ customer testimonial
Professional Tester, October 2016
The comprehension of legacy codes is difficult to understand. ...
Consequently, the need for a comprehensive reengineering/reverse engineering tool arises.
We found the usage of Imagix 4D to be good as it generates the maximum pictorial representations in the form of flow charts, flow graphs, class diagrams,
metrics and, to a partial extent, dynamic visualizations. ...
Imagix 4D is a good tool in terms of variety of language supportability, graphical user interface, maximum diagram generation, and provide choices for visualize information by using filtering techniques.
Rashmi Yadav, Ravindra Patel, and Abhay Kothari: Critical evaluation of reverse engineering tool Imagix 4D! (Link to Springerplus, published online 2016)
Imagix 4D is a good tool in terms of variety of language supportability, graphical user interface, maximum diagram generation, and provide choices for visualize information by using filtering techniques.
Rashmi Yadav, Ravindra Patel, and Abhay Kothari: Critical evaluation of reverse engineering tool Imagix 4D! (Link to Springerplus, published online 2016)
Beijing Siener Electronics Tech. Development Ltd. Becomes Distributor for Testwell-Tools in China
Beijing Siener, a privately held company with headquarters in Beijing/China with offices in Shanghai/China, represents already companies like HighTec EDV-Systeme GmbH, pls Development Tools, and GLIWA GmbH in the fast growing Chineese market.
Professional Tester, February 2016
Verifysoft Becomes Distributor of the Source Code Checking and Architecture Analysis Tool Imagix 4D
Professional Tester, 27 January 2016
Verifysoft announces new version 8.0 of Testwell CTC++ Code Coverage Analyser
New major features of Testwell CTC++ 8.0 include improved the overall architecture of the HTML form coverage report, introduced "line coverage" in the HTML report, introduced "annotations", improved reporting of header files, improved merging of coverage data of independently tested code files...
Professional Tester, 31 December 2015
Static code analysis tools gain ISO 26262, IEC 61508, EN 50128 certification
EE Times Europe, 4 July 2014
CodeSonar Achieves ISO 26262, IEC 61508, and EN 50128 Certification
Ithaca, NY — GrammaTech, Inc., a leading maker of tools that improve and accelerate software development, today announced that CodeSonar, the company's flagship static analysis product, has been certified by SGS TÜV Saar GmbH for use in the development of safety-critical software according to several international standards: ISO 26262, IEC 61508 and EN 50128. These three standards were designed to define the functional safety of electronics throughout their lifecycle within automotive systems, medical devices, and railway applications, respectively.
Professional Tester, 2 July 2014
GrammaTech Unveils Visual Security Analysis for Embedded Software
GrammaTech, Inc., a leading maker of tools that improve and accelerate embedded software development, today introduced the industry´s first visual taint analysis technology. Available in CodeSonar, GrammaTech´s flagship static analysis product, this innovation combines advanced tainted dataflow analyses with GrammaTech´s proprietary visualization engine, to clearly display notoriously hard-to-find tainted data pathways in embedded systems. ... Professional Tester, 25 February 2014
Software certification: Qualification kit for Testwell CTC++
The Official Daily 2014, 25 February 2014
Embedded software security analysis gets visual
EE Times Europe, 4 March 2014
Testwell CTC++: Code Coverage Analysis for safety-critical Embedded Systems
DSP Valley Newsletter 5/2013 (November 2013)
Tools Ensure Reliability of Critical Software
After successfully adapting CodeSonar to check for the NASAderived rules, GrammaTech transitioned the changes into its commercial version of the product in 2008. ...
NASA Spinoff 2011
How good are your software tests?
Test coverage is used to evaluate the completeness of software tests. There are many standards which require test coverage measurements. ISO 26262 Road Vehicules Functional Safety requires according to the Safety Integrity Level statement coverage, branch coverage or MC/DC (Modified Condition/Decision Coverage). The aeronautics standard DO178-B requires test coverage up to MC/DC coverage. Coverage analysis is also widely used in healthcare industry and companies which are aware of higher software quality. ...
DSP Valley Newsletter 1/2012
Siemens Corporate Technology publishes paper on Conformiq Designer and one other MBT tool
Conformiq is rated reliable and easy to use. Download (ACM Portal)
Detecting Bugs in Safety-Critical Code - Advanced Static Analysis
Dr. Dobb´s Journal March 2008
Static vs. Dynamic Detection of Bugs in Safety-Critical Code
Recently, a new breed of static analysis tools has emerged that can find flaws without writing any test cases. ...
Embedded Technology March 2008
Tool automatically generates software tests
Verifysoft Technology will exhibit a number of new products at Embedded World.
Conformiq Test Generator replaces the time consuming process of writing test scripts with the building of a test model.
... The test generator analyses this model and generates automatically a large number of relevant tests that cover all combinations and aspects of the model. ...
Embedded Systems EUROPE January/February 2006
Verifysoft: automatic software testing tool
Conformiq Test Generator replaces the time-consuming process of writing test scripts with the building of a test model. This releases the burden of writing manual test cases and script programming from the test engineers.
Embedded Control Europe (February 2006)