Rutul Dave, Coverity
Nearly half of all critical security leaks in embedded software are due to heap overflows. Stack-based buffer overflows account for a smaller percentage, but are exploited with the same technique to inject and execute unauthorized code or change execution flow. Instead of policing such attacks to manage security risk, a better approach is to rely on the strengths of quality software development and code testing with static analysis to find and fix the underlying defects that lead to security vulnerabilities.
Static analysis testing has evolved into a best practice for eliminating overflows that compromise software security.
Contextual information is a valuable asset that enhances static code analysis in the quest for error-free software.