English
Building more secure embedded software with code coverage analysis
David and Mike Kleidermacher, Green Hills Software
embedded.com (September 18, 2013)
A comprehensive test regimen, including functional, regression, performance, and coverage testing, is one of the best mechanisms to assure that software is reliable and secure. Indeed, testing is an important component of many high-assurance development standards and guidance documents, such as that promulgated by the U.S. Food and Drug Administration.
In addition, two approaches to testing are almost always required to ensure security. First, all software within security-critical components must be covered by some form of functional test: white-box, black box, fault-based, error-based and stress.. Then coverage is verified using code coverage tools. Further, all security-critical software must be traceable to the software’s component requirements. Software that fails to trace back to a test and to a requirement is more likely to introduce latent security vulnerabilities.
|
E-mail This Article | 
|
|
Printer-Friendly Page |
|
||||||
Related Articles
- Five steps to reliable, low-cost, bug-free software with static code analysis
- Making source code analysis part of the software development process
- Design-Stage Analysis, Verification, and Optimization for Every Designer
- Optimizing embedded software for real-time multimedia processing
- Will Generative AI Help or Harm Embedded Software Developers?
New Articles
- Discover new Tessent UltraSight-V from Siemens EDA, and accelerate your RISC-V development.
- The Critical Factors of a High-performance Audio Codec - What Chip Designers Need to Know
- Density Management in Analog Layout Design: Addressing Issues and Ensuring Consistency
- Nexus: A Lightweight and Scalable Multi-Agent Framework for Complex Tasks Automation
- How the Ability to Manage Register Specifications Helps You Create More Competitive Products
Most Popular
- System Verilog Assertions Simplified
- System Verilog Macro: A Powerful Feature for Design Verification Projects
- Synthesis Methodology & Netlist Qualification
- Discover new Tessent UltraSight-V from Siemens EDA, and accelerate your RISC-V development.
- Understanding Logic Equivalence Check (LEC) Flow and Its Challenges and Proposed Solution