editor's blog
Subscribe Now

Protecode Takes on Security

Protecode issued a new release of their tools the other day, and in this release they appear to have stepped beyond a strict focus on licensing: now they’re looking at security issues as well.

There are other companies with thorough analysis programs that focus on security and safety, so I wondered whether Protecode was either trying to duplicate those tools and methods or perhaps was partnering with one of them.

Turns out it’s neither of those two choices. Instead, they extend their license-checking methodology to security. The way they work for license review is to scan the code and match code snippets (or signatures of snippets) against a database of known code, from which they can find the license characteristics of that code. Now they do the same thing with respect to databases containing known security vulnerabilities.

It’s not clear that this makes more thorough analysis unnecessary, and, as far as I can tell, there’s no certification of any kind that comes out of it. It has something of an opportunistic, “While you’re checking, could you also look at security?” feel.

More details in their release

Leave a Reply

featured blogs
Jul 22, 2019
MediaTek recently gave the new Spectre X Simulator a try, and they talked about their experiences with it at DAC 2019 in a presentation given by YY Chen in the Cadence Theater. Spoiler alert: they... [[ Click on the title to access the full blog on the Cadence Community site...
Jan 25, 2019
Let'€™s face it: We'€™re addicted to SRAM. It'€™s big, it'€™s power-hungry, but it'€™s fast. And no matter how much we complain about it, we still use it. Because we don'€™t have anything better in the mainstream yet. We'€™ve looked at attempts to improve conven...