LDRA at embedded world: simplify software verification activities

LDRAvault enhances the management of certification endeavours by automatically compiling reports and outcomes from the LDRA tool suite across a certification project team and over the project's lifespan. This includes stages such as code reviews, code coverage analysis, and unit testing. It produces visual representations of verification outcomes and trends, while also automatically preserving snapshots of the project and milestones as defined by the user. The visualisations provided by LDRAvault aid project and engineering management in making well-informed choices to minimise costs and reduce time to market.

Within the embedded market, the call for greater transparency and visibility in software development and verification workflows is intensifying, especially given the evolving nature of certification and regulatory requirements. Historically, gathering and examining verification data from various teams has been challenging, as developers seek to enhance the overall quality of organisational software via process enhancements. With the industry progressively embracing continuous integration and continuous delivery/deployment (CI/CD), LDRAvault's automated information aggregation facilitates these processes by providing immediate, current access to comprehensive software quality analysis and verification outcomes across multiple projects and team members.

“The last thing critical software teams want is to spend time searching for and analysing verification and validation artifacts when release schedules and compliance signoffs are on the line,” said Ian Hennell, Operations Director, LDRA. “The LDRAvault web application accelerates certification by sharing all the insights managers need to make informed decisions, such as progress against project milestones, with snapshots and trends from one central accessible interface.”

LDRAvault capitalises on the capabilities of the LDRA tool suite, encompassing static and dynamic analysis, unit/system testing, and reporting, to create visualisations like heat maps and trend graphs. These allow users to delve into and tackle the underlying causes of potential critical software issues. Trend graphs further illustrate the progression of an organisation in its verification and validation efforts throughout the development lifecycle. All sectors within the embedded market, including aerospace and defence, automotive, industrial controls, energy, and medical devices, can utilise this feature for immediate access to comprehensive software quality analysis and verification outcomes. LDRAvault ultimately aids organisations in reducing the costs, time, and risks associated with managing their certification artefacts and their verification and validation processes.

Four new security first capabilities

LDRA also announced at the show the availability of four new security-first capabilities in the LDRA tool suite: security vulnerability reports, security audits, security reviews and taint analysis.

Each capability thoroughly investigates and addresses critical security vulnerabilities affecting the intricate and interconnected embedded software applications of today. In contrast to other software verification tools, which focus on traceability and standards compliance, the LDRA tool suite streamlines the analysis outcomes through user-friendly experience techniques. This approach assists developers in comprehending the findings and incorporating them into their DevSecOps procedures.

Development teams benefit from:

• Improved breadth of and confidence in vulnerability analysis of critical embedded software
• Reduced time to remediation with security reporting, audits and heat maps that pinpoint vulnerabilities in code
• Deep visibility into component-level vulnerabilities, software complexity and memory allocation impacts
• Less time spent on compliance with automated CWE, MISRA, and CERT-C security reviews

Productivity packages

LDRA has introduced industry-specific software productivity packages for its tool suite, streamlining the workflow for functional safety and security standards across various embedded sectors, including aerospace and defence, automotive, industrial controls, rail transportation, energy, consumer devices, and medical devices. These packages simplify the workflow by replacing the expense and complexity associated with operating multiple traceability, software analysis, and compliance reporting solutions with a single, cohesive process.

Each productivity package provides a tailored set of tool capabilities that align with the specific certification standards of various industries. These packages are designed to offer value that is particular to each industry, guaranteeing quality, functional safety, and security compliance. They also provide clients of any size the flexibility to select a package that precisely meets their unique requirements.

The LDRA productivity packages encompass a wide range of capabilities, from static and dynamic analysis with unit and integration testing to comprehensive compliance reporting for specific industry standards and assurance levels. At the core of each package are functional safety and security, incorporating features like coding standards compliance, security assessments, automatic test case generation and execution, artifact creation, and compliance reporting. Additionally, these packages are complemented with add-in products designed to meet the distinct needs of each industry, application, and integration requirement.