Discover how automated static code analysis can enhance software project safety and security in this 31-minute conference talk from code::dive 2021. Learn the importance of static analysis in software development and explore methods to prove the absence of runtime errors using formal methods-based tools. Delve into topics such as the cost of failure, embedded software security challenges, and the limitations of traditional testing and reviews. Watch a demonstration on bug detection and gain insights into exhaustive testing techniques. Explore the PolyspaceTM Code Prover color scheme and understand how formal analysis works through semantic analysis examples. Presented by Adam Pietrzyk, an Application Engineer at Oprogramowanie Naukowo-Techniczne and MathWorks authorized reseller, this talk offers valuable knowledge for developers seeking to implement innovations safely and securely.
Overview
Syllabus
Intro
The Cost of Failure.
Embedded Software Security New Challenge
Problem: Tests and reviews aren't exhaustive
Demo: Can You Find A Bug?
How does Static Code Analysis help you?
Exhaustive testing
PolyspaceTM Code Prover color scheme
How does Formal Analysis works? Semantic Analysis Example
Polyspace Tools
Taught by
code::dive conference
Related Courses
-
Static & Dynamic Analysis for Technical Testing
-
Application Security for Developers and DevOps Professionals
-
DevSecOps Fundamentals
-
Static Code Analysis in Software Development Process
-
How to Conduct a Product Security Test and How it Fits Into the Larger Security Strategy
-
Bugs Ruin Everything - Keynote on Vulnerability Analysis and Exploitation
