Hi [[ session.user.profile.firstName ]]

Achieving Industrial Functional Safety with IAR and GrammaTech

This broadcast reviews current functional safety standards including IEC61508, EN50128, ISO26262 and how to execute towards necessary safety requirements. IAR and GrammaTech discuss how security impacts safety, how to make sure you have security in the device and software development lifecycle levels, and ensuring you have the tools needed to follow the growing security standards.
Recorded Jan 20 2021 42 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Mark Hermeling, GrammaTech; Shawn Prestridge, IAR
Presentation preview: Achieving Industrial Functional Safety with IAR and GrammaTech

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Diving Into DevOps in 2021 Apr 13 2021 3:00 pm UTC 45 mins
    Vince Arneja, GrammaTech: Dan Beauregard, ZeroNorth, Asanka Abeysinghe, WSO2, Inc. Mary Grygleski, IBM
    Analysts are predicting that throughout 2021, we will continue to see the human element of DevOps shining through. Other predictions forecast that the role of AI and AIOps in DevOps teams will become more prominent and that DevOps will take a larger role in enterprise Digital Transformation efforts.

    As DevOps teams continue to grow and adapt to trends and changes that have emerged from the pandemic, it’s important to take a closer look at these changes and trends.

    Join this panel to learn what the emerging trends around DevOps are, and to hear best practices about how DevOps teams can continue to collaborate and thrive when dealing with new and increased pressures.
    Topics of discussion will include:
    - Key learnings DevOps team have experienced from the events of 2021
    - What the future for DevOps teams may look like, and how it can help businesses innovate
    - The most prominent trends impacting DevOps team and ways of working in 2021, from AIOps to new toolchains
    - And more
  • Safety and Security Critical Software: Start with the End in Mind Recorded: Feb 16 2021 67 mins
    Dr. Marcel Beemster, CTO of Solid Sands and Mark Hermeling, VP of Worldwide Sales @ GrammaTech
    Software development is hard work. Developing C or C++ software that has to be safe and secure is even more difficult. How do you ensure that your end-product behaves the way that you intend it to? As a first step, automated testing is really important. Though necessary, it is not sufficient as testing is limited by definition. There are other fault vectors to consider.



    The first line of defense in functional safety is typically your coding standard. These standards ensure that the team writes easy to understand, easy to maintain code. The next line of defense is dynamic testing, it checks whether the system behaves correctly, given a set of inputs. However, again, while necessary, this is not sufficient. There are often many paths through the system that your dynamic testing has not considered and that can lead to errors such as buffer overruns
or type overruns. These are hard to find problems and can lead to system failure.

    Static analysis is a technology that can help locate these types of errors early in the development cycle, thereby saving time and money.

 One more, sometimes overlooked, fault vector is the compiler: it is the one tool that is responsible for translating all of your source to the target processor. One error in this extremely complex tool can have an unpredictable effect on the application. 

    This is even more important in the age of DevSecOps in which code is always in a state ready to be released. You need to make sure you know that your compiler is up to the task. A compiler validation suite makes sure that you know how your compiler behaves. No compiler is perfect, that is why it is important to know about its weaknesses.

    

In this webinar Solid Sands and GrammaTech will cover these particular fault vectors and help you cover off these areas, which are often blind spots for software development teams.
  • Binaries - The Hidden Side of Software Composition Analysis (SCA) Recorded: Feb 4 2021 54 mins
    Sandy Carielli, Principal Analyst at Forrester & Vince Arneja, CPO at GrammaTech
    "The Hidden Side of Software Composition Analysis (SCA) – When Source Code is Unavailable"

    Many SCA solutions require source code for their bill-of-materials and vulnerability analysis. However, source code is not always available for much of the supply chain you use in your applications. This third-party content is often delivered as binaries and includes re-used open source or commercial components, many of which have known vulnerabilities that may be unknown to you. Getting a complete software bill-of-materials to fully understand your security exposure is becoming critical.

    In this on demand webinar:
    • Learn how these hidden vulnerabilities can cause major security headaches
    • Discover a new class of SCA products have emerged to meet this challenge
    • Hear success stories from GrammaTech and best practices from Forrester on how to implement binary SCA
  • Why Realizing Safe, Secure Software Requires Building on Strong Foundations Recorded: Jan 20 2021
    Mark Hermeling, GrammaTech
    The challenge of designing safe and secure software systems has never been greater. The emergence of increasingly complex cyber-physical systems, such as autonomous vehicles, demands that software be developed to the highest standards possible. Conventional software engineering practices are based on weak foundations that cannot deliver the basic rigor necessary to realize safe, secure systems.

    In this broadcast, learn how combining model driven analytical software development with static analysis provides the means to handle the increase in complexity and rapidly build robust, reliable and resilient cyber-physical systems based on strong foundations.
  • Combining SAST, Lean, Shift Left, DevSecOps Recorded: Jan 20 2021 45 mins
    Mark Hermeling, GrammaTech
    Wondering what you can do to maximize the efficiency of your software development teams? Watch our webinar to see how you can combine static analysis with concepts from Shift Left, Lean and DevSecOps to empower your software developers. We will look at more than ‘defect detection’ and focus on flexible workflows that allow developers to focus on their deliverables and integrate static analysis into their workflows without overhead.

    Whether you use GitHub, GitLab, raw git, SVN, RCS, ClearCase, TFS, Top, or any other tool, this broadcast will help you understand where static analysis fits in your workflow and how CodeSonar can be used to integrate into our CI/CD pipelines.

    The result: Better code quality, increased safety and security and satisfied developers.
  • Right Tool, Right Methodology: Developing Safety and Security Critical Systems Recorded: Jan 20 2021 46 mins
    Mark Hermeling, GrammaTech; Vince Hilderman, AFuzion
    Recently GrammaTech and AFuzion presented solutions to these questions:
    • Are you prepared enough in your knowledge of Safety-Critical or DO-178C to be “experts in the subject”?
    • Have you considered Cyber-Security/ DO-326A and its impact on your software?
    • Are you receiving RFPs that have a requirement to adhere to coding standards?
    • Are you currently doing manual peer review of code?
    • Does your static analysis check coding standards and detect bugs?
    • Do you need to analyze software of unknown provenance?

    GrammaTech’s CodeSonar for static analysis will help you find more defects in your code faster. AFuzion will show you the gaps in your Safety-Critical methodology and train you to harness the talent of your team - so you can get down to the business of releasing cutting-edge DoD-certified technology sooner, with peace of mind.
  • Tools to Perform a Security Review on Unknown Code with Imagix Recorded: Jan 20 2021 47 mins
    Mark Hermeling - GrammaTech, John Blattner - Imagix
    Performing a deep security review on third party code is hard. You typically receive a bunch of source code, no design documents, very little comments in the source code. Still, you have to do an assessment of the code and provide a risk score. Where do you get started?

    In this broadcast we show you how GrammaTech and Imagix can help. GrammaTech CodeSonar can perform deep static application security testing on the source code. The result is a set of warnings of things that may be risky. Still, to understand whether a problem, say a buffer overrun, is externally triggerable, you would need to understand the design of the application. This is where Imagix comes in, it can overlay the path of the static analysis warning over a design that is reverse engineered from the source code. And that is just one of the many tricks.
  • Functional Safety Certification with Exida and GrammaTech Recorded: Jan 20 2021 34 mins
    Mark Hermeling, Sr Dr of Worldwide Sales at GrammaTech; Dave Butler, Engineer at Exida; Ted Stewart, Program Dev at Exida
    At GrammaTech, we specialize in helping customers improve their software development processes. Many of our customers work with software that has to be certified to certain levels of functional safety, and we receive many questions on the ins-and-outs of functional safety. With our recent functional safety certification through Exida in IEC 61508, ISO 26262 and CENELEC EN 50128, we thought it would be beneficial to invite members of Exida's team to discuss the most frequently asked questions we receive.

    We hope this discussion will enlighten you and your team in how you approach functional safety and functional safety certification.
  • Achieving Industrial Functional Safety with IAR and GrammaTech Recorded: Jan 20 2021 42 mins
    Mark Hermeling, GrammaTech; Shawn Prestridge, IAR
    This broadcast reviews current functional safety standards including IEC61508, EN50128, ISO26262 and how to execute towards necessary safety requirements. IAR and GrammaTech discuss how security impacts safety, how to make sure you have security in the device and software development lifecycle levels, and ensuring you have the tools needed to follow the growing security standards.
  • A Demonstration on CodeSonar to Reduce Cost and Time in Software Development Recorded: Jan 20 2021 58 mins
    Mark Hermeling, Sr Director of Worldwide Sales; Matthew Tkac, Chief Engineer at CS Group
    Strong software development teams have a well-defined process and are supported by a strong tooling environment. CS Group USA and GrammaTech highlight in this webinar how CS Group’s LEAFS can be used in combination with GrammaTech’s CodeSonar to automate the process and help software developers efficiently deliver high quality code that needs to align to functional safety standards.

    View this webinar if you are building software that needs to adhere to functional safety standards and learn how you can further optimize your processes.
Improve Software Safety and Security
GrammaTech is a leading global provider of software analysis and testing solutions used by the world's most security conscious organizations to detect, measure, analyze and resolve security and safety vulnerabilities. The company is also a trusted cybersecurity research partner for the nation’s civil, defense, and intelligence communities.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Achieving Industrial Functional Safety with IAR and GrammaTech
  • Live at: Jan 20 2021 8:45 pm
  • Presented by: Mark Hermeling, GrammaTech; Shawn Prestridge, IAR
  • From:
Your email has been sent.
or close