Top White Papers

Software security begins with flaw-free, standards-compliant code

Research shows that improving code security starts with developers.

Continue Reading Here

Security in practice: Creating bulletproof software

The ramifications of a security lapse are well known to business executives. Many of the largest brands in the world have paid a heavy price for failing to protect customer information.

Continue Reading Here

The business case for earlier software defect detection and compliance

Regardless of the industry your business operates in, software is likely all around it. Software powers our cars, airplanes, and even the medical devices we rely on to diagnose and treat illness...

Continue Reading Here

Reduce your open source security risk: Strategies, tactics, and tools

Open source software is here to stay but that doesn't mean that developers can use it without considering the vulnerabilities and security issues they may introduce into their development projects.

Continue Reading Here

White Papers

Fitting static code analysis into continuous integration

One of the hottest topics in DevOps is Continuous Integration (CI), a software development practice where members of a team integrate their new code frequently — perhaps multiple times per day. Each integration kicks off an automated build and test process to expose any defects and report status as quickly as possible.

Learn about the benefits of CI and how to maximize their impact on your software development practices.

Continue Reading Here

Top automotive security vulnerabilities

Trying to build connected automotive software that’s both bulletproof and secure is a big task; knowing where to focus time and energy can be half the challenge. According to research conducted by CX3 Marketing on behalf of Rogue Wave Software, nearly 90 percent of all detected security holes can be traced back to just ten types of vulnerabilities.

In this paper we’ll explore the ten most common vulnerabilities for 2015, with examples from actual source code, and look at what changes can be made to coding style or processes to avoid them.

Continue Reading Here

Prototype to production with IMSL Numerical Libraries

In the development of software that requires advanced math, statistics, or analytics, there is often a disconnect early in the development process. This occurs at the transition from algorithm selection and testing to the beginning of coding in the actual compiled language. We refer to this as the prototype to production transition.

To address the disconnect during prototype to production, we are presenting a method to run IMSL Numerical Libraries routines in R or Matlab. The goal is not to replace the algorithm developer’s tool of choice but to run a compiled version of the code in parallel. Pitfalls can be caught early, and data discrepancies can be resolved quickly by running the script version and compiled version side by side.
 

Continue Reading Here

Deterministically troubleshooting network distributed applications

Debugging is all about understanding what your software is really doing. Computers are unforgiving readers; they never pay attention to what you mean, and always insist on doing what the code says.

Debugging happens naturally when actively developing code and troubleshooting a problem. The same kind of investigation is also a great way to learn about programs that are working just fine. It pays to look closely at what programs are really doing when you re-introduce yourself to code that you wrote a long time ago, or when you try to understand a new bit of code that you encounter for the first time.

Continue Reading Here

Car cybersecurity: What do the automakers really think?

The Ponemon Institute recently conducted a cybersecurity survey sponsored by Rogue Wave Software and Security Innovation of over 500 automotive developers, engineers, and executives, primarily from automotive OEMs and tier one suppliers.

This paper analyzes the survey results, and provided new insights to help automotive software suppliers understand the current mindset of their developers and build security and safety into their software.
 

Continue Reading Here

Top 3 strategies to reduce risk in automotive / in-vehicle software development

Developing in-vehicle embedded applications is a safety, security, and quality challenge. Given that cars and trucks are increasingly connected to each other and to the devices around them, it’s becoming harder and harder to ensure that software is functional and free from risk. Development teams, especially the managers who are ultimately responsible, face incredible challenges when building such applications, and are learning that team members need to do more than just catch code defects during verification and validation testing. The new imperative: Identify and address security and compliance concerns earlier in the lifecycle, all while delivering innovative and differentiating features.

Continue Reading Here

Software as a process

Today’s software products are the result of many suppliers, vendors, open source repositories, and legacy code coming together in a mix of different processes, standards, and cultures. Each input offers a chance to introduce safety, security, or performance-related errors.

This paper explains the challenges of this polyglot environment and how strategies and tools proven in a number of industries can be applied to your organization to reduce defects, meet requirements, and minimize costs.

Continue Reading Here

Coding to standards and quality: supply-chain application development

The monolithic codebase is dead. Modern applications are built of code from a variety of sources including employees, partners, and contractors from different geographies, with different skill levels, and working on a number of platforms. Application development is a supply chain, with dependencies supported by a network of systems ranging from greenfield development to legacy integrations, and utilizing a patchwork of code from custom, open-source, and commercial third-party sources. Ensuring consistency, security, and standards in such an environment can be challenging, but is essential for maintaining reputation, relationships, and customers.

Continue Reading Here

Displaying results 1-10 (of 37)
 |<  < 1 - 2 - 3 - 4  >  >|