Secure Coding Software Certification

In today’s connected economy, more and more systems are controlled by software-based systems. These systems provide functions ranging from basic to highly sophisticated, from applications such as basic servo actuation in a public water delivery system to crash avoidance systems in the latest generation of automobiles to robotic surgery systems.

Given these increased needs, demands, and their associated safety and security requirements, many industry vertical applications have created development best practices, guidelines, and certification processes. Today, several secure coding standards have been adopted by various industries, including the following: DO-178B/C (Aerospace), IEC 61508 and IEC 62443 (Industry / Energy), ISO 26262 (Automotive), and IEC 62304 (Medical).

Central to each of these secure coding standards is the security, risk, and safety of software. The risk is a function of frequency (or likelihood) of the hazardous event and the event consequence severity. The risk is reduced to a tolerable level by applying secure coding best practices, the elimination of defects/warnings that can increase likelihood, and safety functions which may consist of E/E/PES and/or other technologies.

Screen_Shot_2022-03-04_at_12.42.24_PM.png

Static analysis is a crucial capability in supporting all standards. Static analysis simplifies the enforcement of coding standards across teams, improving the overall compliance for a required certification standard and quality of the code. GrammaTech helps teams:

GrammaTech’s Software Certification solution helps your team meet the most rigorous safety and security requirements.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more
GrammaTech Resource Library
Welcome to GrammaTech's resource library. Here you will find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber attacks.
Shift Left Academy
Shift Left Academy is an educational resource to help implement a security first approach. Shift Left focuses on finding and preventing defects and security vulnerabilities early in the software development process
Blog
Posts by topic including static analysis, software assurance, and binary analysis