TrustInSoft announced an Application Security Test (AST) specifically designed to mathematically guarantee bug-free code in embedded Internet of Things (IoT) devices.
This AST for IoT is based on TrustInSoft’s Analyzer to provide the equivalent of static and dynamic code analysis of C/C++ source code using Formal Methods testing to guarantee the absence of undefined source code behaviors.
Security testing is critical to bring reliable IoT systems to market. However, traditional static and dynamic analysis methods are slowing deployment because testing is replicated for each process.
Formal Methods testing speeds up the process by producing a mathematical twin of C/C++ source code to prove the absence of source code bugs for any input. Customers who use TrustInSoft’s Analyzer with Formal Methods for embedded software testing can decrease IoT device rollout times by reducing bug detection time up to 40X and decreasing code verification time by 4X.
This is good news for software and software infrastructure vendors looking to be compliant with the new guidelines published by the Biden Administration, intended for technology companies to help mitigate the growing threat of cyberinfrastructure intrusions from hostile actors.
Recent high-profile cyber-attacks in key industries have caused the White House to issue this guidance, with direct implications for any vendor of software and software infrastructures. This statement explicitly outlines that vendors should invest and implement automated tools to check for vulnerabilities in their source code products, as part of the “minimum standards for vendors’ testing of their software source code”.
TrustInSoft provides fast and efficient compliance to these regulations and ensures your IoT products do not become a vector for cyber intrusions.
“Life is never error-free but your source code can be,” said Fabrice Derepas, Founder and CEO of TrustInSoft. “A bug found after release can cost up to 640 times more than when found in development. Formal Methods testing is the most direct way to check for vulnerabilities in embedded IoT devices during development, instead of fixing costly errors after deployment.”
from Help Net Security https://ift.tt/3y9dI8a
0 comments:
Post a Comment