Top White Papers

The business case for earlier software defect detection and compliance

Regardless of the industry your business operates in, software is likely all around it. Software powers our cars, airplanes, and even the medical devices we rely on to diagnose and treat illness...

Continue Reading Here

Software security begins with flaw-free, standards-compliant code

Research shows that improving code security starts with developers.

Continue Reading Here

Security in practice: Creating bulletproof software

The ramifications of a security lapse are well known to business executives. Many of the largest brands in the world have paid a heavy price for failing to protect customer information.

Continue Reading Here

Defend against injection attacks

This paper explores the risk of injection attacks, how to prevent these vulnerabilities in your software, and how static code analysis can help.

Continue Reading Here

White Papers

Prototype to production with IMSL Numerical Libraries

In the development of software that requires advanced math, statistics, or analytics, there is often a disconnect early in the development process. This occurs at the transition from algorithm selection and testing to the beginning of coding in the actual compiled language. We refer to this as the prototype to production transition.

To address the disconnect during prototype to production, we are presenting a method to run IMSL Numerical Libraries routines in R or Matlab. The goal is not to replace the algorithm developer’s tool of choice but to run a compiled version of the code in parallel. Pitfalls can be caught early, and data discrepancies can be resolved quickly by running the script version and compiled version side by side.

Continue Reading Here

Deterministically troubleshooting network distributed applications

Debugging is all about understanding what your software is really doing. Computers are unforgiving readers; they never pay attention to what you mean, and always insist on doing what the code says.

Debugging happens naturally when actively developing code and troubleshooting a problem. The same kind of investigation is also a great way to learn about programs that are working just fine. It pays to look closely at what programs are really doing when you re-introduce yourself to code that you wrote a long time ago, or when you try to understand a new bit of code that you encounter for the first time.

Continue Reading Here

Car cybersecurity: What do the automakers really think?

The Ponemon Institute recently conducted a cybersecurity survey sponsored by Rogue Wave Software and Security Innovation of over 500 automotive developers, engineers, and executives, primarily from automotive OEMs and tier one suppliers.

This paper analyzes the survey results, and provided new insights to help automotive software suppliers understand the current mindset of their developers and build security and safety into their software.

Continue Reading Here

Top 3 strategies to reduce risk in automotive / in-vehicle software development

Developing in-vehicle embedded applications is a safety, security, and quality challenge. Given that cars and trucks are increasingly connected to each other and to the devices around them, it’s becoming harder and harder to ensure that software is functional and free from risk. Development teams, especially the managers who are ultimately responsible, face incredible challenges when building such applications, and are learning that team members need to do more than just catch code defects during verification and validation testing. The new imperative: Identify and address security and compliance concerns earlier in the lifecycle, all while delivering innovative and differentiating features.

Continue Reading Here

Software as a process

Today’s software products are the result of many suppliers, vendors, open source repositories, and legacy code coming together in a mix of different processes, standards, and cultures. Each input offers a chance to introduce safety, security, or performance-related errors.

This paper explains the challenges of this polyglot environment and how strategies and tools proven in a number of industries can be applied to your organization to reduce defects, meet requirements, and minimize costs.

Continue Reading Here

Coding to standards and quality: supply-chain application development

The monolithic codebase is dead. Modern applications are built of code from a variety of sources including employees, partners, and contractors from different geographies, with different skill levels, and working on a number of platforms. Application development is a supply chain, with dependencies supported by a network of systems ranging from greenfield development to legacy integrations, and utilizing a patchwork of code from custom, open-source, and commercial third-party sources. Ensuring consistency, security, and standards in such an environment can be challenging, but is essential for maintaining reputation, relationships, and customers.

Continue Reading Here

Displaying results 1-10 (of 27)
 |<  < 1 - 2 - 3  >  >|