EEJournal

industry news
Subscribe Now
July 11, 2016

Synopsys Releases Coverity 8.5 Static Analysis Tool

MOUNTAIN VIEW, Calif., July 11, 2016 /PRNewswire/ —  

Highlights:

  • Introduces Coverity static analysis capabilities for Ruby and node.js web applications, as well as Android mobile applications
  • Expands Coverity security analysis to mitigate a wider range of security vulnerabilities
  • Adds full support for MISRA C 2012 coding guidelines used in automotive, medical device and other safety-critical industries
  • Enhances development lifecycle integration and reporting, including consolidated reporting functionality across several tools in the Software Integrity Platform
  • Adds localization in simplified Chinese to Coverity user interface and documentation

Synopsys, Inc. (Nasdaq:SNPS) today announced the version 8.5 release of Coverity®, the company’s industry-leading static analysis tool and one of the core components of its Software Integrity Platform. Coverity is an automated software testing tool that analyzes source code to detect critical security vulnerabilities and defects early in the software development lifecycle.

Coverity and the other tools in Synopsys’ Software Integrity Platform are used to facilitate “software signoff,” an integrated development and testing methodology that aims to ensure software quality and security. Pioneered by Synopsys to emulate the signoff concept used in integrated circuit (IC) design, software signoff involves a series of automated testing cycles at critical points throughout the software development lifecycle and software supply chain.

The Coverity 8.5 release includes several important updates to enhance its security analysis and reporting capabilities and extend its utility to a broader audience, including organizations developing web and mobile applications and software systems for vehicles and other safety-critical systems.

Enterprise Application Security Testing for Web Apps, Mobile Apps and More

Coverity 8.5 strengthens Synopsys’ offering to the enterprise market by adding analysis capabilities for Ruby and node.js, two increasingly popular programming languages used to develop web applications. The release also introduces foundational security analysis for Android mobile applications to address the growing concern around enterprise mobile security. In addition, this release enhances Coverity’s security-focused analysis for several supported programming languages to detect a wider range of vulnerabilities, including the OWASP Top 10, CWE/SANS Top 25 and more.

Enabling Safety and Security in Automotive Software

Coverity 8.5 also strengthens Synopsys’ offering for the automotive and other safety-critical industries by adding full coverage for MISRA C 2012, a widely adopted set of software development guidelines for facilitating code security and safety. This follows Synopsys’ May announcement ofCoverity’s ISO 26262 certification and further advances the company’s efforts to address vehicle security and safety in the midst of emerging industry trends such as connected cars and autonomous driving.

For more information, please refer to the Coverity product brief for MISRA C 2012 compliance

“Software vulnerabilities pose a serious threat to businesses across all industries, and whether you’re developing web apps for personal banking or an embedded system for a car, addressing bugs early in the development lifecycle with automated tools like Coverity is critical,” said Andreas Kuehlmann, senior vice president and general manager of Synopsys’ Software Integrity Group. “The Coverity 8.5 release increases the breadth and depth of the tool’s analysis capabilities to better serve the needs of enterprise application security market, as well as safety-critical industries like automotive that are facing constantly evolving security threats.”

The latest release also brings enhanced integration and reporting features to Coverity users, including updates and support for the latest IDE (integrated development environment) releases, and the introduction of a new “Software Integrity Report,” a dashboard-level report that aggregates software issues detected by Coverity and other tools in the Software Integrity Platform, including the Defensics® fuzz testing tool and ProtecodeSupply Chain software composition analysis tool.

To support its growing customer base and expand its software integrity business in Asia Pacific, Synopsys is now offering a localized version of Coverity 8.5 in simplified Chinese, including a localized user interface, reporting, IDE plugins and documentation.

About the Synopsys Software Integrity Platform

Through its Software Integrity Platform, Synopsys provides advanced solutions for improving software quality and security. This comprehensive platform of automated analysis and testing technologies integrates seamlessly into the software development process and enables organizations to detect and remediate quality defects, security vulnerabilities and compliance issues early in the software development lifecycle, as well as to gain security assurance with and visibility into their software supply chain.

About Synopsys

Synopsys, Inc. (Nasdaq:SNPS) is the Silicon to Software™ partner for innovative companies developing the electronic products and software applications we rely on every day. As the world’s 15th largest software company, Synopsys has a long history of being a global leader in electronic design automation (EDA) and semiconductor IP and is also growing its leadership in software quality and security solutions. Whether you’re a system-on-chip (SoC) designer creating advanced semiconductors, or a software developer writing applications that require the highest quality and security, Synopsys has the solutions needed to deliver innovative, high-quality, secure products. Learn more at www.synopsys.com.

Leave a Reply

featured blogs
How Synopsys IP and TSMC’s N12e Process are Driving AIoT
May 8, 2024
Learn how artificial intelligence of things (AIoT) applications at the edge rely on TSMC's N12e manufacturing processes and specialized semiconductor IP.The post How Synopsys IP and TSMC’s N12e Process are Driving AIoT appeared first on Chip Design....
More from Synopsys...
Captivating Component Art
May 2, 2024
I'm envisioning what one of these pieces would look like on the wall of my office. It would look awesome!...
More from Max's Cool Beans...

featured video

Introducing Altera® Agilex 5 FPGAs and SoCs

Sponsored by Intel

Learn about the Altera Agilex 5 FPGA Family for tomorrow’s edge intelligent applications.

To learn more about Agilex 5 visit: Agilex™ 5 FPGA and SoC FPGA Product Overview

featured paper

Achieve Greater Design Flexibility and Reduce Costs with Chiplets

Sponsored by Keysight

Chiplets are a new way to build a system-on-chips (SoCs) to improve yields and reduce costs. It partitions the chip into discrete elements and connects them with a standardized interface, enabling designers to meet performance, efficiency, power, size, and cost challenges in the 5 / 6G, artificial intelligence (AI), and virtual reality (VR) era. This white paper will discuss the shift to chiplet adoption and Keysight EDA's implementation of the communication standard (UCIe) into the Keysight Advanced Design System (ADS).

Dive into the technical details – download now.

featured chalk talk

Neutrik powerCON®: Twist and Latch Locking AC Power Connectors
Sponsored by Mouser Electronics and Neutrik
If your next design demands frequent connector mating and unmating and use in countries throughout the world, a twist and latch locking AC power connector would be a great addition to your system design. In this episode of Chalk Talk, Amelia Dalton and Fred Morgenstern from Neutrik explore the benefits of Neutrik's powerCON® AC power connectors, the electrical and environmental specifications included in this connector family, and why these connectors are a great fit for a variety of AV and industrial applications. 
Click here for more information about Neutrik powerCON® Blue/Gray Connectors
Nov 27, 2023
22,906 views