industry news
Subscribe Now

Synopsys Collaborates with UL on New Cybersecurity Assurance Program

MOUNTAIN VIEW, Calif., April 5, 2016 /PRNewswire/ — Synopsys, Inc. (Nasdaq: SNPS) today announced that UL, a global safety science organization, has selected Synopsys’ software security testing tools for use in the newly launched UL Cybersecurity Assurance Program (CAP). The UL CAP is an international certification program that provides independent third-party security assessment of network?connectable devices in accordance UL 2900, a series of cybersecurity standards developed with input from a large group of stakeholders, including the U.S. Department of Homeland Security, Synopsys and other members of the security industry.

UL 2900 establishes a baseline of protection against known vulnerabilities, software weaknesses and malware, and provides a minimum set of security risk controls. UL is using security testing tools from Synopsys’ Software Integrity Platform to assess products and systems submitted into the CAP program against several requirements of UL 2900.

The White House recently recognized the UL CAP in the Cybersecurity National Action Plan as a key initiative in the coordinated effort between the Department of Homeland Security and the private sector to enhance the Nation’s critical infrastructure security and resilience.

“It is encouraging that UL, one of the most prominent safety science organizations in the world, is stepping up to help address cybersecurity challenges linked to the proliferation of connected devices,” said Andreas Kuehlmann, senior vice president and general manager of Synopsys’ Software Integrity Group. “We believe their decision to collaborate with Synopsys in the early stages of the Cybersecurity Assurance Program speaks volumes about their commitment to building a framework that demonstrates integrity and testing rigor.  This program is well-aligned with our platform of security testing solutions, and it amplifies the importance of ‘Software Signoff’ – a holistic and thorough methodology enabled by our platform for integrating security testing throughout the development lifecycle and software supply chain.”

“This collaboration and the launch of the UL CAP program are the culmination of the diligent efforts between UL, Synopsys and many other stakeholders during the past year,” said Mike Ahmadi, global director of critical systems security for Synopsys’ Software Integrity Group. “Using industry-leading tools and technology and building on existing industry standards and best practices, this program has the potential to have an immediate and meaningful impact on the security of connected devices across several safety- and mission-critical industries.”

UL will use Synopsys’ software testing tools to address the following components of the Cybersecurity Assurance Program:

  • Known Vulnerabilities and Exposures – Synopsys’ Protecode™ solution scans a product’s software executables and libraries for known vulnerabilities and exposures listed in the NIST National Vulnerability Database (NVD).
  • Software Weaknesses – Synopsys’ Coverity® static code analysis tool will be used on all source code that is made available to the laboratory by the product vendor, to look for software weaknesses as identified in the SANS Top 25 and OWASP Top 10.
  • Robustness Testing – Synopsys’ Defensics® solution, the fuzz testing tool used to discover the infamous Heartbleed vulnerability, tests all external interfaces and communication protocols of the product.

“Synopsys has been an invaluable contributor throughout the development and pilot phases of the UL Cybersecurity Assurance Program, and we will continue to collaborate with Synopsys to improve the program and its use of their tools,” said Rachna Stegall director, Connected Technologies, UL.

Through its Software Integrity Platform, Synopsys provides advanced solutions for improving the quality and security of software. This comprehensive platform of automated analysis and testing technologies integrates seamlessly into the software development process and enables organizations to detect and remediate quality defects, security vulnerabilities and compliance issues early in the software development lifecycle, as well as to gain security assurance with and visibility into their software supply chain.

To learn how Synopsys’ Software Integrity Platform can be used to prepare for CAP certification, please visithttp://www.synopsys.com/software/ul-cap-cybersecurity-assurance-program.

For more information about the UL Cybersecurity Assurance Program, please visit http://ul.com/cybersecurity/.

About Synopsys

Synopsys, Inc. (Nasdaq:SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 16th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software quality and security solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest quality and security, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

Leave a Reply

featured blogs
Mar 28, 2024
'Move fast and break things,' a motto coined by Mark Zuckerberg, captures the ethos of Silicon Valley where creative disruption remakes the world through the invention of new technologies. From social media to autonomous cars, to generative AI, the disruptions have reverberat...
Mar 26, 2024
Learn how GPU acceleration impacts digital chip design implementation, expanding beyond chip simulation to fulfill compute demands of the RTL-to-GDSII process.The post Can GPUs Accelerate Digital Design Implementation? appeared first on Chip Design....
Mar 21, 2024
The awesome thing about these machines is that you are limited only by your imagination, and I've got a GREAT imagination....

featured video

We are Altera. We are for the innovators.

Sponsored by Intel

Today we embark on an exciting journey as we transition to Altera, an Intel Company. In a world of endless opportunities and challenges, we are here to provide the flexibility needed by our ecosystem of customers and partners to pioneer and accelerate innovation. As we leap into the future, we are committed to providing easy-to-design and deploy leadership programmable solutions to innovators to unlock extraordinary possibilities for everyone on the planet.

To learn more about Altera visit: http://intel.com/altera

featured chalk talk

Neutrik powerCON®: Twist and Latch Locking AC Power Connectors
Sponsored by Mouser Electronics and Neutrik
If your next design demands frequent connector mating and unmating and use in countries throughout the world, a twist and latch locking AC power connector would be a great addition to your system design. In this episode of Chalk Talk, Amelia Dalton and Fred Morgenstern from Neutrik explore the benefits of Neutrik's powerCON® AC power connectors, the electrical and environmental specifications included in this connector family, and why these connectors are a great fit for a variety of AV and industrial applications. 
Nov 27, 2023
16,245 views