Webinar: How to avoid Safety Defects and Security Vulnerabilities in safety-critical systems

Published: 11 March 2025
on the channel: AbsInt Angewandte Informatik GmbH

In recent years, security concerns have become more and more relevant for safety-critical systems, not least due to the increasing importance of highly automated driving and pervasive connectivity. In general, safety and security goals can diverge or even conflict. However, from a code quality perspective, there is a significant overlap between safety and security goals.

Especially in safety-critical systems, automatic static and dynamic analysis tools offer a tremendous increase in productivity by automatically checking the code under a wide range of criteria. They can be applied to show compliance with coding guidelines, such as MISRA C/C++, ISO/TS 17961, CWE, etc., and to comply with functional safety standards such as ISO 26262, IEC 61508 or IEC 62304. Sound static analyzers can demonstrate the absence of critical programming errors, including runtime errors and data races. Dynamic software testing ensures that the application behaves as intended in all imaginable situations and enables the determination of code coverage. By combining static and dynamic code analysis in a continuous testing process, it is possible to efficiently achieve sustainable quality, safety and security improvements.

In this webinar we will give an overview of safety- and security-relevant programming defects. We will show how static and dynamic code analysis can be applied to simultaneously address safety and security goals in a seamless test/analysis workflow.

Speakers are Daniel Kästner (AbsInt), Ingo Nickles (VECTOR), and Winfried Schröder (VECTOR).