AvionicsCommercialDefenceLatest NewsTesting

LDRA Elevates Its DevSecOps-Ready Platform with Actionable Security Analysis & Reporting

New security-first capabilities—including extended taint analysis and vulnerability heat maps —help embedded developers remediate critical issues earlier in the lifecycle

LDRA, the leader in automated software verification, traceability and standards compliance, today announced the availability of four new security-first capabilities in the LDRA tool suite: security vulnerability reports, security audits, security reviews and taint analysis. Each capability digs deep into identifying and remediating critical security vulnerabilities that impact today’s complex and connected embedded software applications. Unlike other software verification, traceability and standards compliance tools, the LDRA tool suite simplifies analysis results using accessible user-experience techniques to help developers understand the results and integrate them into their DevSecOps processes.

New security-first capabilities—including extended taint analysis and vulnerability heat maps — help embedded developers remediate critical issues earlier in the lifecycle.

“Security vulnerabilities in mission-critical systems are just waiting to be exploited, but LDRA can help developers identify and remediate them before release,” said Ian Hennell, Operations Director, LDRA. “The latest features in the LDRA tool suite abstract away much of the noise and complexity of traditional analysis tools to give developers clear, understandable results. Spending less time on “analysis paralysis” enables embedded software teams to focus on early vulnerability remediation and faster compliance.”

Early vulnerability detection, easy-to-understand results

Understanding and prioritizing analysis results consumes more time and skills than development teams can afford, often leading to shortcuts that may compromise the security of embedded systems. The new capabilities of the LDRA tool suite improve analysis effectiveness and reduce developers’ workloads for critical systems in aerospace, defense, automotive, industrial controls and medical devices.

Combining security vulnerability reports, security audits, security reviews, and taint analysis gives embedded software teams powerful ways to identify vulnerabilities earlier in the lifecycle and support DevSecOps practices.

Development teams benefit from:

  • Improved breadth of and confidence in vulnerability analysis of critical embedded software.
  • Reduced time to remediation with security reporting, audits and heat maps that pinpoint vulnerabilities in code.
  • Deep visibility into component-level vulnerabilities, software complexity and memory allocation impacts.
  • Less time spent on compliance with automated CWE, MISRA, and CERT-C security reviews.

“LDRA has always been at the forefront of advanced analysis tools that ease developers’ workloads,” Hennell added. “The latest capabilities of the LDRA tool suite refine our approaches to analysis effectiveness and usability to help enterprise organizations improve their secure software development processes without additional overhead.”

About LDRA For more than 45 years, LDRA has developed and driven the market for software that automates code analysis and software testing for safety-, mission-, security-, and business-critical markets. Working with clients to achieve early error identification and elimination and full compliance with industry standards, LDRA traces requirements through static and dynamic analysis to unit testing and verification for a wide variety of hardware and software platforms. Boasting a worldwide presence, LDRA has headquarters in the United Kingdom, United States, Germany, and India coupled with an extensive distributor network. For more information on the LDRA tool suite, please visit www.ldra.com