EEJournal

industry news
Subscribe Now
February 24, 2015

GrammaTech Unveils New CodeSonar Release Designed for the IoT Era

ITHACA, N.Y., Feb. 24, 2015 /PRNewswire/ — GrammaTech, Inc., a leading maker of tools that improve and accelerate embedded software development, today announced availability of CodeSonar 4.1, the latest version of the company’s industry-leading software analysis tool for C/C++, Java, and binaries. Built to deliver unmatched depth of analysis, the latest version of CodeSonar includes new distributed analysis capabilities, deeper tainted data analysis, and binary analysis support for x64 processors. Combined, these advances will help developers build more stable and secure code in the Internet of Things (IoT) era, where a growing number of embedded software systems are networked enabled in sometimes unpredictable and often unsecure ways.

“Embedded systems continue to require better protection against cyber-attacks and quality lapses,” said Paul Anderson, Vice President of Engineering at GrammaTech. “With CodeSonar 4.1’s new features, developers can more easily identify bugs that are buried deep within complex code bases or hidden in third-party code.” 

CodeSonar is ideal for zero-defect tolerance embedded environments because it analyzes both source and binary code to identify serious security and quality liabilities that cause system crashes, memory corruption, data races, and other unexpected vulnerabilities. New technical advances in CodeSonar 4.1 include:

  • Deeper Tainted Data Analysis – GrammaTech has substantially increased the precision of its taint analysis capabilities, which includes new tainted buffer access and indirect function call checkers. Analyzing indirect function calls more precisely is invaluable in discovering serious security vulnerabilities such as the recent Heartbleed bug.
  • New Distributed Analysis – Through groundbreaking research at GrammaTech, funded by the Department of Homeland Security, CodeSonar now distributes static analysis processing across a large numbers of heterogeneous machines (such as Linux, Windows, and Unix simultaneously). This development has the potential to speed up the analysis phase in proportion to the number of processors in the analysis pool, and gives developers the flexibility to turn up the depth of their analysis to find more critical defects.
  • Binary support for x64 – As the only commercial static analysis tool with binary code analysis, the 4.1 release extends GrammaTech’s unique position as the binary analysis authority by adding the ability to analyze 64-bit Intel microprocessor code. As a result, more development teams will have access to GrammaTech’s binary analysis to ensure that their third-party code meets internal security and quality standards. Analyzing binary code alongside source code with CodeSonar has been shown to find 40% more defects than when source code alone was analyzed. (Programs tested were a mix of 75% source and 25% binary code.)

The rapid rise of third-party code has brought efficiency to development teams, but third-party binaries must also be rigorously tested if they are to stand up to security and quality standards. As the pressures and liabilities of software supply chain management (SSCM) continues to increase, embedded teams must investigate both source code and binaries to ensure consumer safety.

“Time-to-market pressures, increased adoption of standards-based technology, and the rise of system complexity will continue to drive the growth of third-party binary code use in embedded engineering organizations in the coming years,” said Andre Girard, Senior Analyst at VDC Research. “It will be critical for these organizations to utilize effective tools, such as the combination of static and binary analysis, to avoid the introduction of quality and security issues.”

To learn more about how GrammaTech’s CodeSonar accelerates, improves, and secures embedded software and both the source code and binary level, visit www.grammatech.com/codesonar.

About GrammaTech:

GrammaTech tools are used by software developers worldwide, spanning a myriad of embedded software industries including avionics, government, medical, military, industrial control, and other applications where reliability and security are paramount. Originally developed within Cornell University, GrammaTech is now a leading research center for software security and a commercial vendor of software-assurance tools and advanced cyber-security solutions. With both static and dynamic analysis tools that analyze source code as well as binary executables, GrammaTech continues to advance the science of superior software analysis, providing technology for developers to produce safer software. To learn more about GrammaTech, visit www.grammatech.com.

Leave a Reply

featured blogs
Taming Design Complexity in Chiplet-Based Automotive Electronics
Apr 23, 2024
The automotive industry's transformation from a primarily mechanical domain to a highly technological one is remarkable. Once considered mere vehicles, cars are now advanced computers on wheels, embodying the shift from roaring engines to the quiet hum of processors due ...
More from Cadence...
What You Need to Know About Gate-All-Around Designs
Apr 22, 2024
Learn what gate-all-around (GAA) transistors are, explore the switch from fin field-effect transistors (FinFETs), and see the impact on SoC design & EDA tools.The post What You Need to Know About Gate-All-Around Designs appeared first on Chip Design....
More from Synopsys...
One Robotic Step Closer to Humanoid Robots in the Home
Apr 18, 2024
Are you ready for a revolution in robotic technology (as opposed to a robotic revolution, of course)?...
More from Max's Cool Beans...

featured video

MaxLinear Integrates Analog & Digital Design in One Chip with Cadence 3D Solvers

Sponsored by Cadence Design Systems

MaxLinear has the unique capability of integrating analog and digital design on the same chip. Because of this, the team developed some interesting technology in the communication space. In the optical infrastructure domain, they created the first fully integrated 5nm CMOS PAM4 DSP. All their products solve critical communication and high-frequency analysis challenges.

Learn more about how MaxLinear is using Cadence’s Clarity 3D Solver and EMX Planar 3D Solver in their design process.

featured chalk talk

BMP585: Robust Barometric Pressure Sensor
Sponsored by Mouser Electronics and Bosch Sensortec
In this episode of Chalk Talk, Amelia Dalton and Dr. Thomas Block from Bosch Sensortec investigate the benefits of barometric pressure sensors for a variety of electronic designs. They examine how the ultra-low power consumption, excellent accuracy and suitability for use in harsh environments can make Bosch’s BMP585 barometric pressure sensors a great fit for your next design.
Click here for more information about the Bosch BMP585 Barometric Pressure Sensor
Oct 2, 2023
25,929 views