Wirral, UK. – April 27, 2016 – With increased connectivity of applications and devices, OEMS in the automotive,aerospace, defense, medical, industrial automation, energy, and rail transportation sectors are demanding new assurance that software has been developed to the highest security standards. To help customers guard against new risks and create safe and secure code, LDRA has integrated comprehensive support of the new security-focused rules announced today by MISRA into LDRA’s MISRA coding standards compliance offerings. With this immediate availability, LDRA continues to lead the industry in standards compliance, automated software verification, source code analysis, and test tools.
MISRA Adds 14 New Security Guidelines to Help Eliminate Software Vulnerabilities
MISRA C guidelines define a subset of the C language suitable for developing any application with high-integrity or high-reliability requirements. Originally designed to promote the use of the C language in safety-critical embedded applications within the automotive industry, MISRA guidelines have now gained widespread acceptance for safety-, life-, and mission-critical applications in a wide range of industries.
As the connectivity of safety-critical and IoT systems elevates the security risk of embedded devices, MISRA today published new documents to address these risks. MISRA C:2012 Addendum 2 maps the coverage of MISRA C:2012 against ISO/IEC TS 17961:2013 “C Secure” rules and justifies the viewpoint that MISRA C is equally applicable in a security-related environment as it is in a safety-related one. MISRA C:2012 Amendment 1 defines fourteen additional MISRA security rules that will help developers avoid coding practices that can introduce security vulnerabilities and to write code that is more understandable and maintainable.
LDRA Immediately Offers the Most Comprehensive MISRA Coding Standards Compliance
LDRA’s MISRA compliance checking tools give developers immediate and comprehensive coverage of both documents. This not only offers the most comprehensive adoption of the MISRA C:2012 standard, but also—thanks to integration within the LDRA tool suite—enables customers to check against other security or safety standards, such as CWE, Cert, and industry-specific standards. Developers also gain advantages by automating their coding standards compliance within their overall software analysis and testing process.
As developers add features to their products, constrained budgets and schedules can easily make software the weak link for malicious entities to gain access to sensitive data and take over systems. By following the additional, just-announced MISRA guidelines, developers can more thoroughly analyze their code and can assure regulatory authorities that they followed safe and secure coding practices. For customers in especially critical industries such as automotive, security threats have led OEMs to establish stringent requirements for developers to prove that their software meets the highest standards for security as well as safety.
“The risk of malicious take-over by hackers has surged as devices that were not originally designed to be connected have been added to the Internet by companies seeking increased productivity and functionality in their systems,” noted Ian Hennell, operations director, LDRA. “If security isn’t designed into the product from the beginning, there is a much higher risk of a breach after the product has launched. LDRA is committed to making sure our customers have automated tools that help them develop high-quality software using best practices and coding rules that are designed to protect the safety—and security—of OEMs and end users.”
LDRA Continues Industry Leadership; Offers Webinars to Explain Changes and Approaches to Safe and Secure Coding
LDRA has demonstrated long-standing leadership in the development and support of safety- and security-critical industry standards, with LDRA representatives comprising four of the 11 positions on the MISRA C committee. LDRA’s Chris Tapp, chairman of the MISRA C++ Working Group, member of the MISRA C Working Group, and one of the authors of MISRA C:2012 Amendment 1, will present a webinar to explain the changes and advantages of the latest MISRA version.
Additionally, LDRA offers webinars to help developers walk through the steps they need to take to check their software for potential security risks: “Protect the Weak Link in Embedded Systems with New MISRA C Security Guidelines” will be held on May 19, 2016.
You can register at:
Webinar 1 – 9am BST, 10am EST, 1.30pm IST
Webinar 2 – 5pm BST, 12 noon EST, 9am PST
About LDRA
For more than forty years, LDRA has developed and driven the market for software that automates code analysis and software testing for safety-, mission-, security-, and business-critical markets. Working with clients to achieve early error identification and full compliance with industry standards, LDRA traces requirements through static and dynamic analysis to unit testing and verification for a wide variety of hardware and software platforms. Boasting a worldwide presence, LDRA is headquartered in the United Kingdom with subsidiaries in the United States and India coupled with an extensive distributor network. For more information on the LDRA tool suite, please visit www.ldra.com.
