industry news
Subscribe Now

PRQA Introduces Enhanced Code Compliance Module To Improve Security of Automotive and Internet of Things Software at SAE World Congress April 12-14, 2016

Detroit, MI, April 11th, 2016 – PRQA, a leader and pioneer in automated software coding governance solutions for embedded application development, today announced updates to their CERT® C Compliance Module and source code analytics system atSAE 2016 World CongressApril 12-14 in Detroit, MI. Cobo Center booth 508 #SAECongress.

The Connected Car is one of the most visible examples of how the Internet of Things (IoT) has evolved. Also, it highlights the importance of security in a world that is increasingly dependent on software. As developers produce more and more software to power new IoT products, they introduce new risks and bring to market devices vulnerable to security attacks. Cutting-edge hackers are acutely aware that many of the security procedures and applications in use today have been designed to defend against attacks on personal computers, not mobile and embedded systems.

A majority of security vulnerabilities are a result of coding errors that go undetected in the development stage. Several recent studies have identified coding issues as the primary cause of exploitable security vulnerabilities. Carnegie Mellon’s Computer Emergency Response Team (CERT) found that 64% of vulnerabilities in the CERT National Vulnerability Database were the result of programming errors.

PRQA, a founding member of the MISRA C and C++ committees and noted in the industry for its MISRA compliance capabilities, which are used by major automotive OEMs and Tier 1 suppliers such as Robert Bosch, Valeo, TRW Automotive, Ford Motors, Visteon Corporation, Autoliv and Magna, is continually enhancing its security capabilities, including CERT® C compliance, to stay ahead of a rapidly evolving threat landscape.

“PRQA continues to improve our security capabilities because we understand the complexity, additional cost and burden of meeting the enormous security challenges that our Automotive and IoT customers today face,” said Paul Blundell, ’PRQA’s CEO. “With the PRQA static analysis platform, our customers can detect and correct critical software defects to ensure reliable, safe and secure software and build trust into connected devices in a cost effective and efficient manner to avoid security concerns and capitalize on the full potential of the exploding IoT markets.”

The enhanced CERT® C Compliance Module (CERTCCM) is designed to enforce compliance with the CERT® C coding standard in conjunction with the PRQA’s QA·C static analyzer. The analyzer can rapidly examine millions of lines of source code and can detect most of the statically enforceable conditions identified in the CERT® C guidelines (as well as many others). CERTCCM configures QA?C to identify issues that are specific to those guidelines, and provides a cross-reference between the standard QA?C warning message(s) and the corresponding CERT® C guideline.

Robert Seacord, founder of the Secure Coding Institute, commented: “PRQA’s QA·C analyzer is effective at discovering violations of The CERT® C Coding Standard that were not discovered through 20 years of testing or by other static analysis tools”. And he continues, “Overall, the QA·C analyzer is an effective tool for eliminating secure coding flaws that can easily lead to software vulnerabilities.”

With recently improved security capabilities, PRQA is now complementing MISRA compliance with CERT® C and CWE, enabling compliance enforcement that can be applied to both new and legacy code increasing code reusability and decreasing time to market.

With decades of software analysis innovation and expertise, PRQA has become the leader in source code analysis solutions for embedded software development. The company’s static analyzers, compliance modules, and management dashboards work together, as an easy to use enterprise-grade source code analytics system. This system enables organizations to test application code with unsurpassed depth and accuracy, enabling customers to manage global software development efforts and deliver reliable, safe and secure embedded software for everything from networking products and medical devices to railway systems, industrial automation, and the Internet of Things.

About PRQA

Detect, enforce and measure

Since 1985, PRQA has pioneered software coding governance in the automotive, aerospace, transport, finance, medical device and energy industries. Supporting both small start-ups and globally recognized brands, we provide sophisticated code analysis, robust defect detection and enforcement of both bespoke and industry coding standards through functional integrity and application security/safety.

PRQA’s industry-leading solutions, QA·C, QA·C++, QA·J and QA·C# offer the most meticulous static analysis of commonly used programming languages. Innovations such as multi-threading and resource analysis (MTR) complement this with refined multi-thread inspection of code streams.  Used locally or centrally deployed via the Quality Management System QA·Verify, we enable early find/fix at the desktop and on the server side complete control, visibility and history to the decision maker.

ISO 9001 and TickIT certified.

www.programmingresearch.com


Leave a Reply

featured blogs
Mar 29, 2024
By Mark Williams, Sr Software Engineering Group Director Translator: Masaru Yasukawa 差動アンプはã1つの入力信号ではなく2つの入力信号間の差にゲインをé...
Mar 26, 2024
Learn how GPU acceleration impacts digital chip design implementation, expanding beyond chip simulation to fulfill compute demands of the RTL-to-GDSII process.The post Can GPUs Accelerate Digital Design Implementation? appeared first on Chip Design....
Mar 21, 2024
The awesome thing about these machines is that you are limited only by your imagination, and I've got a GREAT imagination....

featured video

We are Altera. We are for the innovators.

Sponsored by Intel

Today we embark on an exciting journey as we transition to Altera, an Intel Company. In a world of endless opportunities and challenges, we are here to provide the flexibility needed by our ecosystem of customers and partners to pioneer and accelerate innovation. As we leap into the future, we are committed to providing easy-to-design and deploy leadership programmable solutions to innovators to unlock extraordinary possibilities for everyone on the planet.

To learn more about Altera visit: http://intel.com/altera

featured chalk talk

Achieving High Power Density with IGBT and SiC Power Modules
Sponsored by Mouser Electronics and Infineon
Recent trends in the inverter market have made high power density, scalability, and ease of assembly more important than ever before. In this episode of Chalk Talk, Amelia Dalton and Abraham Markose from Infineon examine how Easy & Econo power modules from Infineon can help solve common inverter design requirements. They explore the benefits and construction of these modules and how you can take advantage of them in your next design.
May 19, 2023
34,600 views