Software tool suite achieves Homeland Security compatibility
ProductJune 22, 2011
In this age of Internet-connected everything, software becomes increasingly vulnerable to security breaches. However, the U.S. Department of Homeland Security's National Cyber Security Division and the nonprofit MITRE Corporation have created and manage the Common Weakness Enumeration (CWE) Compatibility achievement just earned by LDRA for LDRA?s tool suite.
In this age of Internet-connected everything, software becomes increasingly vulnerable to security breaches. However, the U.S. Department of Homeland Security’s National Cyber Security Division and the nonprofit MITRE Corporation have created and manage the Common Weakness Enumeration (CWE) Compatibility achievement just earned by LDRA for LDRA’s tool suite. CWE is an international-in-scope strategic initiative to identify and formally list core software weaknesses that lead to software security vulnerabilities. CWE also aims to create and foster automated tools capable of preventing, fixing, and identifying such software flaws; thus, LDRA’s tool suite – including its dynamic and static analysis tools, along with its TBvision and LDRA Testbed – falls into lockstep with this goal.
To achieve CWE compatibility, LDRA had to synch up the LDRA tool suite with CWE coding rules, which means that the LDRA tool suite can successfully document, reference, and ID the specified software code security weaknesses. Meanwhile, TBvision is an automated code test/analysis tool rendering software source-code transparency and providing monitoring of memory errors, quality metrics, test, and security vulnerabilities. Additionally, the LDRA Testbed serves as a software quality-control tool for verification/validation/test, rendering analyses applicable to further dynamic and static analysis.