News

Paul Anderson Published in Embedded Intel Solutions

Posted on

by

“Analyze x86 Executables to Improve Software Quality” by Paul Anderson was published today in Embedded Intel Solutions. An excerpt appears below, with a link to the full article.

Analyze x86 Executables to Improve Software Quality

By Paul Anderson

[…]

The disadvantage of source-only analyses is that it’s very rare that all of the source code for an application is available. Almost all applications link with third-party libraries including operating- system libraries. A source-code analysis tool is blind to any non-source components.[…] Even in cases where the source code is available, it’s helpful to analyze the object code instead. After all, computers don’t execute source code. They execute machine code. There may be subtle yet important differences between the apparent semantics of source code and the semantics of the machine code to which it’s compiled. This is known as the What You See Is Not What You eXecute (WYSINWYX) effect [1].

[…]

Click here to see the article on the Embedded Intel Solutions website.

About GrammaTech:
GrammaTech’s static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions, and government agencies. The staff includes fourteen researchers with PhDs in programming languages and program analysis.

Book a Demo

We’re ready to help you integrate SAST and SCA security into your DevSecOps flow. Get a personally guided tour of our solution offerings to ensure you are receiving the right solution for your development team. 

book now