Resources

Welcome to GrammaTech's resource library. Here you will find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber attacks.

Datasheets

CodeSonar

» View datasheet

CodeSonar for Binaries

» View datasheet

CodeSonar for Java

» View datasheet

Case Studies

Micrel Medical

When it came time to choose a static analysis tool, Micrel chose CodeSonar, impressed by CodeSonar's accuracy and quality of defect identification compared to the competition.

» Read more

Crank Software

To enhance quality and security, Crank's teams are now using CodeSonar to more efficiently find and fix quality and security issues within their code.

» Read more

Sypris Electronics

Extensibility was a key reason Sypris adopted CodeSonar – it can easily be configured or customized to enforce specific or unusual coding policies required.

» Read more


NASA

To boost the reliability of the Curiosity Mars rover, NASA used advanced static analysis from GrammaTech.

» Read more

FDA

The FDA recommends the use of static analysis tools to help manufacturers eliminate software defects during development. The FDA itself also uses CodeSonar to test medical devices.

» Read more

Boston Scientific

One of the world's largest medical device companies, Boston Scientific thought no automated tool provided the checks they needed until they started working with CodeSonar.

» Read more


Bay Computer Associates

Bay Computer adopted CodeSonar because it could be configured easily to fit the company's workflow and had a strong reputation in the medical device industry.

» Read more

Vivante

Vivante's integration of CodeSonar into their test and QA process help them maintain the highest standard of quality while maximizing developer efficiency to solve code problems.

» Read more

Critical Link

Critical Link uses CodeSonar for the automated static analysis component of their company-wide quality control processes.

» Read more


Harvard Apparatus

Harvard adopted CodeSonar after finding that it found more real issues than other automated tools and returned information in a way that made it easy to locate and fix problems.

» Read more

NASA

CodeSonar is used to improve software quality for human spaceflight, space science, and earth science missions that depend on NASA's satellite telecommunications network.

» Read more

Allworx

Allworx uses CodeSonar to improve system reliability and stability in VoIP phone systems.

» Read more

Whitepapers

The Role of Static Analysis in Management of Cybersecurity in Medical Devices

This paper describes how static analysis plays a key role in risk management of medical device software development.

» Read more

Making Safety-Critical Software Development Affordable with Static Analysis

With the growing reliance on software, the code size for safety-critical software has skyrocketed. This paper describes how to use static analysis tools to tackle the growing software affordability concern.

» Read more

Addressing IoT's Impact on Software Engineering

This paper discusses IoT development best practices and will help you understand how CodeSonar can help protect your company from IoT security risks.

» Read more


Measuring the Value of Static Analysis Tool Deployments

This paper presents a model for computing the value of using a static analysis tool. Using inputs such as engineering effort, the cost of an exploited security vulnerability, and some easily-measured tool properties, the model allows users to make rational decisions about how best to deploy static analysis.

» Read more

Reduce Automotive Software Failures with Static Analysis

This paper describes how to produce reliable safety-critical automotive software, using static analysis to find important defects that are missed during other V&V activities.

» Read more

A Four-Step Guide to Security Assurance for IoT Devices

How do device software processes evolve to better protect our next-generation IoT devices? This paper describes a four-step plan that includes next-generation software assurance and a "security-first" methodology.

» Read more


Protecting Against Tainted Data in Embedded Applications with Static Analysis

This paper describes how a static analysis technique called taint analysis can be used to find how potentially hazardous inputs can flow through a program to reach sensitive parts of code, empowering developers to identify and eliminate these dangerous vulnerabilities effectively.

» Read more

Eliminating Vulnerabilities in Third-Party Code with Binary Analysis

This paper describes how to use binary analysis to inspect your third-party code for security vulnerabilities and other errors.

» Read more

How Static Analysis Protects Critical Infrastructure from Cyber Threats

This paper will help developers of embedded and IoT systems learn how to build-in security and safeguards that are resistant to human error, natural disaster, and cyber attacks.

» Read more


Finding Concurrency Errors with GrammaTech Static Analysis

This paper describes some common concurrency pitfalls and explains how static analysis with CodeSonar can help find such defects without executing the program.

» Read more

How to Avoid Common Pitfalls in MISRA Compliance

This whitepaper describes how to use the MISRA C:2012 standard to reduce the risks of the C programming language by prohibiting the more unsafe practices used in programming with it.

» Read more

Software Quality and Security Challenges Growing from Rapid Rise of Third-Party Code

In this whitepaper, VDC Research reports on how accelerating the pace of development requires greater use of outside code resources, such as third-party code, which show promise but can inject additional risk of quality and security issues.

» Read more


Embedded Software Design: Best Practices for Static Analysis Tools

This paper reviews a number of growing complexities that embedded software development teams are facing, including the proliferation of third-party code, increased pressures to develop secure code, and the challenges of multi-threaded applications.

» Read more

Conquering Complex Java Concurrency Bugs with CodeSonar

This whitepaper describes the most detrimental concurrency bugs in Java, and addresses how to identify and eliminate these bugs using CodeSonar.

» Read more

Detecting Domain-Specific Coding Errors with Static Analysis

This paper describes how custom domain-specific checkers can be used to improve software quality in complex embedded systems.

» Read more


How CodeSonar Compares to PC-Lint (and similar tools)

Early generation static analysis tools like PC-lint are now primitive, as advanced tools like CodeSonar vastly outperform them. This paper describes the key differences.

» Read more

Advanced Driver Assistance Systems (ADAS), Safety, and Static Analysis

This paper discusses the role of static analysis tools within the development of an ADAS system, including the return on investment (ROI) for adopting them.

» Read more

New Approaches Needed for Medical Device Software Development

This paper discusses how to manage the evolving software supply chain risks in patient-critical systems, an increasingly critical part of medical device software development.

» Read more

Videos

Narrow-Solution Static Analysis Tools vs. CodeSonar

Static analysis tools range widely in scope.

» Watch the video

An Interview with GrammaTech's David Hauck

» Watch the video

Team TECHx: DARPA's Cyber Grand Challenge

» Watch the video


Software Assurance and Software Hardening

Source code analysis, binary code analysis, tainted data analysis, sophisticated multicore analyses, and more.

» Watch the video

Five Minutes with GrammaTech CEO, Tim Teitelbaum

Embedded Computing Design interviews Teitelbaum about participation in DARPA's Cyber Grand Challenge.

» Watch the video

What is Autonomic Computing?

» Watch the video


How Does CodeSonar Find More Real Bugs?

GrammaTech VP of Engineering Paul Anderson discusses CodeSonar's advanced static analysis engine.

» Watch the video

Performing a Security Audit with CodeSonar

» Watch the video

Don't leave your device software open to failure

» Watch the video


CodeSonar for Binaries

» Watch the video

CodeSonar for Java

» Watch the video

Software Visualization

» Watch the video


CodeSonar Overview

» Watch the video


More bugs found. More lives saved. More hacks prevented.

Begin Your Free Trial