LOGIN | REGISTER NOW | SUBSCRIBE
 
Print

LDRA adds CERT C standard to test tools suite


By David Rubinstein


 David Rubinstein
Email
October 27, 2008 —  Test tool provider LDRA is now offering its TBrun unit test tool as a standalone product in an attempt to get more developers writing safety-critical applications for unit testing earlier in the development process.

The company also announced that its entire suite of test tools now supports the security-based CERT C Secure Coding Standard. The announcements were made today at the Embedded Systems Conference in Boston.

The company cited research that it said shows unit testing not being done early or often enough, preventing developers from catching errors and fixing them at a time when the cost is relatively low.

TBrun can do both unit and regression testing, and with a plug-in called TBeXtreme, can enable the creation of test cases and automate test process integration. TBrun can run on Linux, Unix and Windows, and it sells for US$10,000 per seat. The plug-in costs $2,000.

CERT C is a standard for secure coding created by the Carnegie Mellon Software Engineering Institute (CMSEI); version 1.0 was unveiled today at the SD Best Practices conference, also in Boston.

The CERT C standard, according to CMSEI, provides rules and recommendations for secure coding in the C programming language, and is designed to be operating system and platform neutral.

LDRA's TBsecure programming checker plugs in to TBvision, a tool that shows developers how software is performing against known security vulnerabilities, enabling development managers to see how the code measures up against established security metrics. Among the things it addresses are dynamic memory allocation, which can lead to vulnerabilities such as buffer overflows, and other coding practices such as out-of-range array indices and null pointer dereferencing. TBsecure costs $2,000.

LDRA positions its test suite as unique, as it has the ability to send the results of tests back to a requirements tool, so not only are code defects being identified earlier, but deviations from the requirements can also be spotted earlier in the development process, according to John Greenland, vice president of business development for LDRA.

"We see a focus on unit tests, or systems tests, or static analysis—compliance and runtime analysis. No one is tying it back to requirements," Greenland said. "With runtime defect analysis, they're trying to prove a program is error-free, not that it does what it was spec'd out to do. We're trying to prove the program is doing what it's expected to do."




Related Search Term(s): CERT C, security, testing, CMSEI, LDRA


Share this link: http://sdt.bz/33007
 
Most Read  Latest News  Resources
SAP unveils SAP HANA platform innovations for Big Data and spatial processing
Features include smart data access and expanded cloud deployment options
Alteryx raises $12 million to put Big Data analytics in the hands of all business analysts
Quest founder's firm, Toba Capital, selects Alteryx as its first analytics investment
Google I/O kicks off
Developers get new APIs and tools, and the Go language hits version 1.1
Jelastic launches new version of its Java and PHP hosting platform
Jelastic today announced the launch of a new version of its ultra-scalable cloud hosting platform
Digg!  Digg
Reddit  Reddit
Slashdot  Slashdot
Share on facebook  Facebook
Share on Twitter  Twitter


close
NEXT ARTICLE
LDRA improves testing suite
Updates to LDRA 7.7 include enhancements to the TBreq and TBvision tools. Editor configuration has also been improved, with the ability for the user to select a default source code editor added Read More...
 
 
 




News on Monday  more>>
Android Developer News  more>>
SharePoint Tech Report  more>>
Big Data TechReport  more>>

   
 
 

 


Download Current Issue
MAY 2013 PDF ISSUE

Need Back Issues?
DOWNLOAD HERE

Want to subscribe?