Updates to LDRA Tool Suite Address Immediate Requirements for Software Security Analysis and Vulnerability Identification
Enhanced Static and Dynamic Analysis with new Visual Reporting Ensure Early Detection and Correction of Software Security Issues
Embedded World, Nürnberg, Germany. Responding to software development customers in the automotive,aerospace, defense, medical, industrial automation, energy, and rail transportation sectors, LDRA, the leader in standards compliance, automated software verification, source code analysis and test tools, today delivered Version 10 of the LDRA tool suite which includes proven software security functionality.
Developed to address real-world concerns such as the hacking and takeover of system controls in automobiles, medical devices, unmanned aircraft, Version 10 of the LDRA tool suite adds a new set of static and dynamic analysis capabilities that detect, analyse and help eliminate software vulnerabilities in security-critical embedded applications.
“Recent proven software security breaches, such as the hacking and complete take over of a major automobile maker’s top selling model while it was being driven, not only put lives in danger but have caused significant upheaval in the software industry,” said Ian Hennell, operations director, LDRA. “We have put our 40 years of experience into developing a first of its kind dynamic solution that lets product developers find these software vulnerabilities quickly and fix them long before products come to market.”
Version 10 of the LDRA tool suite includes the following new capabilities:
Enhanced in-depth static security analysis
Graphical data and control flow visualisation
Automated dynamic component-based robustness testing
In addition to the new automatic and dynamic robustness testing features, the LDRA tool suite provides a process-centric view of security with links from requirement into and throughout the development workflow. Furthermore, LDRA continues to lead the industry with its support for security standards such as CERT C, CERT C++, and CWE, enabling its customers to comply with these standards and produce high assurance and secure software.
“No longer is a safety-critical system safe unless it is also secure,” said Phil Magney, Founder & Principal Advisor, Vision Systems Intelligence, LLC. “Today’s cars, especially those that rely on lots of sensors for active safety or autonomous control features, require production software code to be certified to the highest ASIL levels according to ISO 26262. This requires special tools for static and dynamic software security analysis as well as traceability. LDRA’s tools find software security flaws and can help prevent serious system breaches in products for the automobile industry and other security-critical markets.”
# # #
For more than forty years, LDRA has developed and driven the market for software that automates code analysis and software testing for safety-, mission-, security-, and business-critical markets. Working with clients to achieve early error identification and full compliance with industry standards, LDRA traces requirements through static and dynamic analysis to unit testing and verification for a wide variety of hardware and software platforms. Boasting a worldwide presence, LDRA is headquartered in the United Kingdom with subsidiaries in the United States and India coupled with an extensive distributor network. For more information on the LDRA tool suite, please visit www.ldra.com.