News

GrammaTech’s David Melski in Embedded Computing Design

Posted on

by

David Melski’s article “Improving reliability and security by analyzing executables” was published today in Embedded Computing Design. An excerpt appears below, with a link to the full article.

Improving reliability and security by analyzing executables

By David Melski

[…]

For organizations developing security or high reliability applications, the inability to assess the quality of third-party components is a significant problem. It is not surprising that one of the earliest proponents of developing better technology for analyzing executables was the National Security Agency, which in 2004 publicly emphasized the importance of tools that analyze binaries[13]. Of particular concern is software used in the nation’s critical infrastructure, such as emergency preparedness communications and power plants.

Machine code analysis offers a way to assess third-party code, even when the source is unavailable. The ability to detect defects, vulnerabilities, and intentionally inserted malicious code allows users to regain some control in determining if a piece of software meets their acceptance criteria. Users need not blindly trust the software producer.

[…]

Click here to see the full article on the Embedded Computing Design website

About GrammaTech:
GrammaTech’s static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions, and government agencies. The staff includes fourteen researchers with PhDs in programming languages and program analysis.

Book a Demo

We’re ready to help you integrate SAST and SCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 

book now