Security



Security-Critical Software Development Process

The current political and economic environment has dictated that organisations engaged in the security industry are at the forefront of decision making for systems development managers in industries as varied as transportation, defense, finance, and energy.

The software developed for these markets often requires systems to mitigate the risk of one component of the software affecting another. Often, these components operate at different security or trust levels, and the separation of these components must be assured.

LDRA has experience in the following areas:

  • Supporting organisations with the IEC/ISO Common Criteria for Information Technology Security Evaluation
  • Certification of security and safety-critical projects
  • Providing the analysis and verification artifacts for certification authorities
  • Certification for MILS architectures

Security Based Static Analysis

With the increased connectivity of software systems, there has been an increase in the number of software security attacks. Our society has become highly dependent on software applications in mission-, business-, and safety-critical systems.

Studies indicate that a majority of vulnerabilities in these systems can be traced back to a set of common programming errors. The CERT C standard aims to reduce these risks through software testing and analysis tools that identify these problems before they enter production code.

Static analysers such as the LDRA tool suite are used to discover difficult-to-find programming errors before run time, when they may be more difficult or impossible to find.

LDRA has experience in the following areas:

  • CERT C
  • Memory and pointer runtime analysis
