Top White Papers

The business case for earlier software defect detection and compliance

Regardless of the industry your business operates in, software is likely all around it. Software powers our cars, airplanes, and even the medical devices we rely on to diagnose and treat illness...

Continue Reading Here

Reduce your open source security risk: Strategies, tactics, and tools

Open source software is here to stay but that doesn't mean that developers can use it without considering the vulnerabilities and security issues they may introduce into their development projects.

Continue Reading Here

A fast, scalable solution for solving the transportation problem

While the family of transportation problems can be solved by hand, at least for relatively small problems, the IMSL Library includes an algorithm that is fast and scalable.

Continue Reading Here

Prioritize defects faster with Klocwork SmartRank

The faster a bug is identified in code, the easier it is to fix. Klocwork SmartRank helps identify which issues to fix first.

Continue Reading Here

White Papers

Lessons learned: Using a static analysis tool within a continuous integration system

Static analysis tools are used for improving software quality and reliability. Since these tools can be time consuming when used for analysis of big codebases, they are normally run during scheduled (e.g. nightly) builds. However, the sooner a defect is found, the easier it is to fix efficiently.

In order to detect defects faster, some analysis tools offer an integration with the integrated development environment of the developers at the cost of not always detecting all the issues. To detect defects earlier and still provide a reliable solution, one could think of running an analysis tool at every build of a continuous integration system.

In this IEEE paper, we share the lessons learned during the integration of the static analysis tool Klocwork (that we are developing) with our continuous integration system. We think that the lessons learned will be beneficial for most companies developing safety-critical software (or less critical systems) that wish to run their analysis tool more often in their build system. We report these lessons learned along with examples of our successes and failures.

Continue Reading Here

Using IMSL C on relational data with SourcePro DB

SourcePro DB supports a wide variety of databases and can be used to retrieve, manipulate, and analyze data, including very large data, using the statistical analysis functions provided by the IMSL C Numerical Library.

This paper provides a code example that uses SourcePro DB to harvest data from a database, analyzes that data using IMSL C, and then updates the database with the processed data.

Continue Reading Here

Overcoming relational database limitations with NoSQL

​Relational databases are the workhorses of the modern database industry. They have limitations, however, when it comes to handling some types of data, in particular the large quantities of free-form data generated through mobile technology. NoSQL databases provide solutions for some of these problems but they introduce another problem in having no single query language that drives them.

This paper examines the problem, surveys the solutions, and answers the question of how to implement the solutions through a consistent API.

Continue Reading Here

Using Redis with SourcePro DB

SourcePro DB provides a unique feature to manage both relational and NoSQL data through the ODBC connection support allowing connections to industry-leading databases.

This paper describes how to connect and use with Redis, a NoSQL database specialized as a key-value, in-memory data structure store.

Continue Reading Here

Fitting static code analysis into continuous integration

One of the hottest topics in DevOps is Continuous Integration (CI), a software development practice where members of a team integrate their new code frequently — perhaps multiple times per day. Each integration kicks off an automated build and test process to expose any defects and report status as quickly as possible.

Learn about the benefits of CI and how to maximize their impact on your software development practices.

Continue Reading Here

Top automotive security vulnerabilities

Trying to build connected automotive software that’s both bulletproof and secure is a big task; knowing where to focus time and energy can be half the challenge. According to research conducted by CX3 Marketing on behalf of Rogue Wave Software, nearly 90 percent of all detected security holes can be traced back to just ten types of vulnerabilities.

In this paper we’ll explore the ten most common vulnerabilities for 2015, with examples from actual source code, and look at what changes can be made to coding style or processes to avoid them.

Continue Reading Here

Prototype to production with IMSL Numerical Libraries

In the development of software that requires advanced math, statistics, or analytics, there is often a disconnect early in the development process. This occurs at the transition from algorithm selection and testing to the beginning of coding in the actual compiled language. We refer to this as the prototype to production transition.

To address the disconnect during prototype to production, we are presenting a method to run IMSL Numerical Libraries routines in R or Matlab. The goal is not to replace the algorithm developer’s tool of choice but to run a compiled version of the code in parallel. Pitfalls can be caught early, and data discrepancies can be resolved quickly by running the script version and compiled version side by side.
 

Continue Reading Here

Deterministically troubleshooting network distributed applications

Debugging is all about understanding what your software is really doing. Computers are unforgiving readers; they never pay attention to what you mean, and always insist on doing what the code says.

Debugging happens naturally when actively developing code and troubleshooting a problem. The same kind of investigation is also a great way to learn about programs that are working just fine. It pays to look closely at what programs are really doing when you re-introduce yourself to code that you wrote a long time ago, or when you try to understand a new bit of code that you encounter for the first time.

Continue Reading Here

Car cybersecurity: What do the automakers really think?

The Ponemon Institute recently conducted a cybersecurity survey sponsored by Rogue Wave Software and Security Innovation of over 500 automotive developers, engineers, and executives, primarily from automotive OEMs and tier one suppliers.

This paper analyzes the survey results, and provided new insights to help automotive software suppliers understand the current mindset of their developers and build security and safety into their software.
 

Continue Reading Here

Displaying results 1-10 (of 44)
 |<  < 1 - 2 - 3 - 4 - 5  >  >|