Trojan Source Code Vulnerabilities: No More with ECLAIR
A very recent paper presents a new type of attack: source code can be maliciously encoded so that compared to a compiler human readers will interpret it differently.
Compiler Warnings: Use Them, Don't Trust Them
Compiler warnings are useful, but they are highly unreliable. In addition, they are no substitute for language subsetting, as mandated by most functional safety standards and typically achieved by complying to the MISRA coding standards.
MISRA Compliance for Project Managers
MISRA Training Requirements
MISRA compliance is becoming a more stringent requirement in all industry sectors where critical systems are being developed. Developers and QA people need to receive appropriate MISRA training: this is well known and mandated by MISRA.
Requirement Traceability with All Substance and No Fuss
There is a popular quote in the software verification and validation community:
"Without a specification, a system cannot be right or wrong, it can only be surprising!"
(Paraphrased from W. D. Young, W. E. Boebert, and R. Y. Kain; "Proving a Computer System Secure", The Scientific Honeyweller 6(2), pp. 18-27, 1985.)
MISRA C/C++ and adopted code: 5 ingredients for success
Help! Are compiler defects bugging my code?
MISRA C in the medical sector: are you ready?
The European Medical Device Regulation (MDR) comes into force on 26 May 2021. While this is good news for public safety, it puts considerable extra pressure on medical device manufacturers. It also brings some new, perhaps not strictly medical, products into regulatory scope.
Static analysis: On-Prem or as SaaS?
MISRA compliance troubleshooting for project success
Celebrating 10 years of BUGSENG
Game-changing qualification services and tool features
This month, the BUGSENG team is launching a raft of new services and support for developers, QA and safety teams. We’ve designed them in response to feedback from our customers about the continual challenges you face balancing safety with available resources, budgets and project deadlines. Our new ECLAIR 3.9.0 release has three valuable new features to help you.
Driving smarter ECU consolidation
Engineers must provide evidence of how their software ensures freedom of interference, independence, and absence of interference.
New Webinar: Language subsetting and compiler qualification
Developing critical systems software in C saves time and money if you have proper language subsetting and compiler qualification.
BUGSENG’s ECLAIR static analyzer could save you its license fee in just one project
You probably know the expression ‘prevention is better than cure’. Nowhere is this truer than in developing safety critical software. We have seen enough accident investigations to know there are no upper limits to the potential costs that errors can incur
The ECLAIR static analysis tool boosts productivity and ROI
Managing software development projects is a tough job. You’re constantly juggling resources, deadlines, budgets and risk. It’s like running a small city.
What are the costs of false positives and false negatives?
False positives and false negatives are as dangerous in static analysis tools as they are in Covid-19 testing. False positives say you have a problem when you don’t. False negatives tell you everything is fine when it isn’t.
ECLAIR 3.7 launches with 3 new code analysis benefits
We initially created ECLAIR, our static code analysis tool, back in 2008. Our aim was, and still is, to help developers build better, more reliable systems. At the same time, we want to help managers ensure code safety, portability and reliability.
Register for our new FREE MISRA C/C++ and BARR-C webinars
BUGSENG have been running MISRA C/C++ workshops, seminars and presentations across Europe and India in recent years. As a result, we’ve had several requests for some of this learning and expertise to be translated to a webinar format. We’re delighted to announce we’ve done just that and will be running the first five webinars from March to June.
What does MISRA C/C++ compliance really involve?
Some organizations believe they can claim MISRA compliance for their software simply by buying any one of the many MISRA-checking tools on the market. That’s not the case. In fact, this approach is extremely risky.
Meet BUGSENG at Embedded World 2020
BUGSENG’s 2019 review and 2020 vision
Launching new products, speaking at international conferences, running training courses and publishing papers. It’s been an incredibly busy and successful year for BUGSENG. We asked CTO, Roberto Bagnara, to give us a brief round up of what’s been happening in 2019 and reveal some of BUGSENG’s plans for next year.
BUGSENG’s joint paper with Michael Barr
Roberto Bagnara and Dr Patricia Hill of BUGSENG are currently working on a joint paper with Michael Barr, a leading embedded systems software engineer and consultant. The paper discusses the relationship between BARR-C: 2018 and MISRA C: 2012. These are the two most widely used C coding standards and the paper details their parallel and serial adoption.
Three big BUGSENG announcements
We’ve been busy at BUGSENG recently and are now delighted to be able to share three exciting news stories.
Launch: ECLAIR Qualification Kits
Competition time: Test your C programming skills
When Lonely Planet asked travelers for their ‘lost in translation’ photos of signs and menus from around the world, they had over 1,000, often hilarious, responses. Even when communicating in natural languages and dialects, the potential for confusion is immense. We see a similar but more serious issue of confusion around the C programming language.
Meet one of the inspirations for BUGSENG’s success
Dr Patricia Hill (or Pat as she’s known around here) makes an unassuming hero. However, she’s been part of the BUGSENG journey since the start and her experience contributes to our success every day. Her career story is inspiring and exhausting in equal measure, so we persuaded her to pause and reflect on what she’s learnt so far.
Three safety critical software trends shaping industry
Why is MISRA C/C++ compliance great for business?
[Please read to the end for details of our free MISRA C workshop in Italy.]
Our philosophy: No shortcuts, no compromises, no excuses
Why can’t I use a Bug Finder tool for MISRA compliance?
Feeling overwhelmed by MISRA C compliance?
How can you avoid the C/C++ traps and pitfalls
Three headaches with MISRA compliance
