SlideShare a Scribd company logo

Achieving Software Safety, Security, and Reliability Part 2

Perforce
Perforce

In Part 2, we will focus on the automotive industry, as it leads the way in enforcing safety, security, and reliability standards as well as best practices for software development. We will then examine how other industries could adopt similar practices.

Software
1 of 22
Download to read offline
© 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability PART 2: APPLYING LESSONS FROM THE AUTOMOTIVE INDUSTRY
perforce.com2 | © 2019 Perforce Software, Inc. Presenter Richard Bellairs Product Marketing Manager Richard has 20+ years of experience across a wide range of industries. He held electronics and software engineering positions in the manufacturing, defense, and test and measurement industries in the nineties and early noughties before moving to product management and product marketing. He now champions Perforce’s market-leading code quality management solution.
perforce.com3 | © 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability Common Industry Challenges 1 Applying Lessons From the Automotive Industry 2 What Does the Future Hold? 3
perforce.com4 | © 2019 Perforce Software, Inc. Here’s What We’ll Cover Today (Lessons from the Automotive Industry) 1 2 3 Automotive Tech Trends Automotive Standards Lessons for Other Sectors
perforce.com5 | © 2019 Perforce Software, Inc. Electrification Autonomous Driving Connectivity Automotive Tech Trends The Automotive World is Increasingly Software-centred
perforce.com6 | © 2019 Perforce Software, Inc. https://www.embitel.com/blog/embedded-blog/automotive-control-units-development-innovations-mechanical-to-electronics Event Data Recorder Voice/Data Communications Electric Power Steering Blindspot Detection Electronic Stability Control Entertainment System Digital Turn Signals Head-up Display of innovations driven by electronics and software. of vehicle development costs.40%90% Navigation System
perforce.com7 | © 2019 Perforce Software, Inc. Vehicle Attack Surface Source: PenTestPartners LLP USB, CD, and SD Cards (firmware updates) MITM attack Attack from Mobile device apps OTA Malware delivered through encoded music RF: Cellular, WiFi, Bluetooth, FM, DAB Telematics Remote keyless entry Malicious firmware updates Tyre Pressure Monitoring System Attack on vehicle BUS Direct to CAN – physical access to CAN wiring externally Open source software vulnerabilities Attack on certificate & key stores Sniffing of user data through screens and keypads, transmitted to outside world Attack from downloaded apps
perforce.com8 | © 2019 Perforce Software, Inc. https://emarketing.alixpartners.com/rs/emsimages/2018/pubs/EI/AP_Auto_Industry_Recall_Problem_Jan_2018.pdf SINCE 2013, ELECTRONICS RELATED RECALLS HAVE GROWN SIX TIMES FASTER THAN IN PRIOR YEARS
perforce.com9 | © 2019 Perforce Software, Inc. Automotive Software Standards Process Functional Safety Coding Cybersecurity Automotive SPICE ISO 26262 MISRA, AUTOSAR SAE J3061 ISO/SAE 21434
perforce.com10 | © 2019 Perforce Software, Inc. Software Development Standards: Common Themes Traceability Configuration Management Coding standards Testing Requirements Management Hazard analysis Security analysis Documentation
perforce.com11 | © 2019 Perforce Software, Inc. Sources of Defects REQUIREMENTS ARCHITECTURE DESIGN SOURCE CODE TEST MATERIALS DOCUMENTS DATABASE WEBSITES
perforce.com12 | © 2019 Perforce Software, Inc. Coding standards help to ensure that software is: • Safe: It can be used without causing harm. • Secure: It can’t be hacked. • Reliable: It functions as it should — every time. • Testable: It can be tested at the code level. • Maintainable: It can be maintained, even as your codebase grows. • Portable: It works the same in every environment. Achieve High Code Quality by Using a Coding Standard
perforce.com13 | © 2019 Perforce Software, Inc. Consistent code quality — no matter who writes the code. Software security from the start. Reduced development costs Accelerated time to market. Compliance with industry standards (e.g., ISO). Why Use a Coding Standard? 1 2 3 4 5
perforce.com14 | © 2019 Perforce Software, Inc. Achieve High Code Quality by Deploying Static Analysis
perforce.com15 | © 2019 Perforce Software, Inc. Types of Statically Detectable Code Defects Defect Type Example Static Memory Static buffer overrun Dynamic Memory Dynamic buffer overrun Stack-related Stack overflow Numerical Division by zero Resource Management Invalid access already freed memory Pointer-related Dereferencing a NULL pointer Concurrency Deadlock Inappropriate code Redundant code Other Uninitialized variables
Electric Sports Car Innovator, Reported Benefits of Helix QAC: • MISRA C Compliance: • Implicitly required by ISO 26262 • Fewer unintentional (human) errors: • No NULL pointer dereferences • No indexing overflows • Etc. • Trained engineers: • Writing (almost) MIRA compliant code • Enforcing new code design guidelines • Improved quality of process and code: • Code will not be merged to development branch if it contains any MISRA violation
perforce.com17 | © 2019 Perforce Software, Inc. Functional Safety Standards Image from: https://www.tuvsud.com/en/resource-centre/infographics/functional-safety-regulation-landscape
Comparing the Medical Device Standard, ISO 62304 with the Automotive Standard, ISO 26262
perforce.com19 | © 2019 Perforce Software, Inc.
perforce.com20 | © 2019 Perforce Software, Inc. ISO 62304 ISO 26262 (Automotive Functional Safety) “ where applicable, unit acceptance criteria should be defined for: a) proper event sequence; b) data and control flow; c) planned resource allocation; d) fault handling (error definition, isolation, and recovery); e) initialisation of variables; f) self-diagnostics; g) memory management and memory overflows; and h) boundary conditions. “ ….but only for Class C devices! Apparently it is okay to leave out these checks for Class B devices, which can cause injury, and can certainly pose serious security risks! COM PREHENSIVE CODING REQUIREM ENTS
perforce.com21 | © 2019 Perforce Software, Inc. Part 3: What Does the Future Hold? Next Time:
Questions?

Recommended

Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Perforce
 
Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...
Bryan Len
 
Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...
Dr. Anish Cheriyan (PhD)
 
Five ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecksFive ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecks
Rogue Wave Software
 
Webinar misra and security
Webinar misra and securityWebinar misra and security
Webinar misra and security
Perforce
 
20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast software20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast software
LeClubQualiteLogicielle
 
Importance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesImportance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation Initiatives
SEEBURGER
 
Embedded systems Technology
Embedded systems TechnologyEmbedded systems Technology
Embedded systems Technology
Ashok Kumar.k
 

Recommended

Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Perforce
 
Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...
Bryan Len
 
Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...
Dr. Anish Cheriyan (PhD)
 
Five ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecksFive ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecks
Rogue Wave Software
 
Webinar misra and security
Webinar misra and securityWebinar misra and security
Webinar misra and security
Perforce
 
20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast software20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast software
LeClubQualiteLogicielle
 
Importance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesImportance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation Initiatives
SEEBURGER
 
Embedded systems Technology
Embedded systems TechnologyEmbedded systems Technology
Embedded systems Technology
Ashok Kumar.k
 
Cybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesCybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar Slides
Yokogawa1
 
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtPrepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
DevOps.com
 
ISO26262 Conference 2019
ISO26262 Conference 2019ISO26262 Conference 2019
ISO26262 Conference 2019
Torben Haagh
 
Securing your IoT Thing
Securing your IoT ThingSecuring your IoT Thing
Securing your IoT Thing
Duncan Purves
 
Desktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowDesktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and Tomorrow
Flexera
 
Security Considerations on Hybrid Cloud
Security Considerations on Hybrid CloudSecurity Considerations on Hybrid Cloud
Security Considerations on Hybrid Cloud
davsor1
 
The Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixThe Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogix
salesbuddy
 
FossilShale Corporate Overview
FossilShale Corporate OverviewFossilShale Corporate Overview
FossilShale Corporate Overview
Mariappan Amirthalingam (Mars)
 
F-Secure Corporation
F-Secure CorporationF-Secure Corporation
F-Secure Corporation
Pratima Potturu
 
Verivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivo and Forrester Mobile Strategies
Verivo and Forrester Mobile Strategies
VerivoSoftware
 
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
Ivanti
 
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
AppDynamics
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security Solution
Jay Li
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Webinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementWebinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT Procurement
Flexera
 
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
mfrancis
 
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Allied Market Research
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
Perfecto by Perforce
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
IBM Security
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Perfecto by Perforce
 
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Perforce
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
HARMAN Connected Services
 

More Related Content

What's hot

Cybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesCybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar Slides
Yokogawa1
 
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtPrepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
DevOps.com
 
ISO26262 Conference 2019
ISO26262 Conference 2019ISO26262 Conference 2019
ISO26262 Conference 2019
Torben Haagh
 
Securing your IoT Thing
Securing your IoT ThingSecuring your IoT Thing
Securing your IoT Thing
Duncan Purves
 
Desktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowDesktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and Tomorrow
Flexera
 
Security Considerations on Hybrid Cloud
Security Considerations on Hybrid CloudSecurity Considerations on Hybrid Cloud
Security Considerations on Hybrid Cloud
davsor1
 
The Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixThe Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogix
salesbuddy
 
FossilShale Corporate Overview
FossilShale Corporate OverviewFossilShale Corporate Overview
FossilShale Corporate Overview
Mariappan Amirthalingam (Mars)
 
F-Secure Corporation
F-Secure CorporationF-Secure Corporation
F-Secure Corporation
Pratima Potturu
 
Verivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivo and Forrester Mobile Strategies
Verivo and Forrester Mobile Strategies
VerivoSoftware
 
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
Ivanti
 
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
AppDynamics
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security Solution
Jay Li
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Webinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementWebinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT Procurement
Flexera
 
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
mfrancis
 
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Allied Market Research
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
Perfecto by Perforce
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
IBM Security
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Perfecto by Perforce
 

What's hot (20)

Cybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesCybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar Slides
 
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtPrepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
 
ISO26262 Conference 2019
ISO26262 Conference 2019ISO26262 Conference 2019
ISO26262 Conference 2019
 
Securing your IoT Thing
Securing your IoT ThingSecuring your IoT Thing
Securing your IoT Thing
 
Desktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowDesktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and Tomorrow
 
Security Considerations on Hybrid Cloud
Security Considerations on Hybrid CloudSecurity Considerations on Hybrid Cloud
Security Considerations on Hybrid Cloud
 
The Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixThe Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogix
 
FossilShale Corporate Overview
FossilShale Corporate OverviewFossilShale Corporate Overview
FossilShale Corporate Overview
 
F-Secure Corporation
F-Secure CorporationF-Secure Corporation
F-Secure Corporation
 
Verivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivo and Forrester Mobile Strategies
Verivo and Forrester Mobile Strategies
 
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
 
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security Solution
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profile
 
Webinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementWebinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT Procurement
 
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
 
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
 

Similar to Achieving Software Safety, Security, and Reliability Part 2

Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Perforce
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
HARMAN Connected Services
 
Webinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or RealityWebinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or Reality
Synopsys Software Integrity Group
 
IBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementIBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-management
Imran Hashmi
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTX
NatashaVerma29
 
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
BIS Research Inc.
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays
 
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptxStrategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
NiteshKumar958846
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
DevOps.com
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
Denim Group
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
IBM
 
Automotive Cybersecurity: The Gap Still Exists
Automotive Cybersecurity: The Gap Still ExistsAutomotive Cybersecurity: The Gap Still Exists
Automotive Cybersecurity: The Gap Still Exists
OnBoard Security, Inc. - a Qualcomm Company
 
Network Security for Automotive Embedded Systems
Network Security for Automotive Embedded SystemsNetwork Security for Automotive Embedded Systems
Network Security for Automotive Embedded Systems
Tonex
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive Software
Parasoft
 
Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019
Perforce
 
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
JessiRyan1
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
Denim Group
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startups
Kesava Reddy
 
Embedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQMEmbedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQM
Paul Urban
 
Value Journal - October 2020
Value Journal - October 2020Value Journal - October 2020
Value Journal - October 2020
Redington Value Distribution
 

Similar to Achieving Software Safety, Security, and Reliability Part 2 (20)

Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
 
Webinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or RealityWebinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or Reality
 
IBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementIBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-management
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTX
 
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
 
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptxStrategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Automotive Cybersecurity: The Gap Still Exists
Automotive Cybersecurity: The Gap Still ExistsAutomotive Cybersecurity: The Gap Still Exists
Automotive Cybersecurity: The Gap Still Exists
 
Network Security for Automotive Embedded Systems
Network Security for Automotive Embedded SystemsNetwork Security for Automotive Embedded Systems
Network Security for Automotive Embedded Systems
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive Software
 
Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019
 
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startups
 
Embedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQMEmbedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQM
 
Value Journal - October 2020
Value Journal - October 2020Value Journal - October 2020
Value Journal - October 2020
 

More from Perforce

How to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning NeedsHow to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning Needs
Perforce
 
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Perforce
 
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Perforce
 
Understanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPsUnderstanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPs
Perforce
 
Branching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development ProcessBranching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development Process
Perforce
 
How to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOpsHow to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOps
Perforce
 
How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog
Perforce
 
Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team
Perforce
 
Shift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New WorkflowShift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New Workflow
Perforce
 
Hybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated WorldHybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated World
Perforce
 
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the EnterpriseBetter, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Perforce
 
Easier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALMEasier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALM
Perforce
 
How To Master Your Mega Backlog
How To Master Your Mega Backlog How To Master Your Mega Backlog
How To Master Your Mega Backlog
Perforce
 
How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure
Perforce
 
Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?
Perforce
 
What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4
Perforce
 
Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison
Perforce
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis
Perforce
 
Code Quality Management Best Practices
Code Quality Management Best Practices Code Quality Management Best Practices
Code Quality Management Best Practices
Perforce
 
Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level
Perforce
 

More from Perforce (20)

How to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning NeedsHow to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning Needs
 
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
 
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
 
Understanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPsUnderstanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPs
 
Branching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development ProcessBranching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development Process
 
How to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOpsHow to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOps
 
How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog
 
Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team
 
Shift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New WorkflowShift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New Workflow
 
Hybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated WorldHybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated World
 
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the EnterpriseBetter, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
 
Easier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALMEasier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALM
 
How To Master Your Mega Backlog
How To Master Your Mega Backlog How To Master Your Mega Backlog
How To Master Your Mega Backlog
 
How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure
 
Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?
 
What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4
 
Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis
 
Code Quality Management Best Practices
Code Quality Management Best Practices Code Quality Management Best Practices
Code Quality Management Best Practices
 
Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level
 

Recently uploaded

First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
vrstrong314
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Anthony Dahanne
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
Juraj Vysvader
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Mind IT Systems
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
IES VE
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus
 
RISE with SAP and Journey to the Intelligent Enterprise
RISE with SAP and Journey to the Intelligent EnterpriseRISE with SAP and Journey to the Intelligent Enterprise
RISE with SAP and Journey to the Intelligent Enterprise
Srikant77
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
Google
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
AMB-Review
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Globus
 
Graphic Design Crash Course for beginners
Graphic Design Crash Course for beginnersGraphic Design Crash Course for beginners
Graphic Design Crash Course for beginners
e20449
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
Georgi Kodinov
 
Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
WSO2
 

Recently uploaded (20)

First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
top nidhi software solution freedownload
top nidhi software solution freedownloadtop nidhi software solution freedownload
top nidhi software solution freedownload
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
 
SOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar Research Team: Latest Activities of IntelBroker
SOCRadar Research Team: Latest Activities of IntelBroker
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
 
Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024Globus Connect Server Deep Dive - GlobusWorld 2024
Globus Connect Server Deep Dive - GlobusWorld 2024
 
Prosigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns: Transforming Business with Tailored Technology Solutions
Prosigns: Transforming Business with Tailored Technology Solutions
 
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...
 
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
Custom Healthcare Software for Managing Chronic Conditions and Remote Patient...
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
 
Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus Compute wth IRI Workflows - GlobusWorld 2024
Globus Compute wth IRI Workflows - GlobusWorld 2024
 
RISE with SAP and Journey to the Intelligent Enterprise
RISE with SAP and Journey to the Intelligent EnterpriseRISE with SAP and Journey to the Intelligent Enterprise
RISE with SAP and Journey to the Intelligent Enterprise
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
 
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteAI Pilot Review: The World’s First Virtual Assistant Marketing Suite
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
 
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...
 
Graphic Design Crash Course for beginners
Graphic Design Crash Course for beginnersGraphic Design Crash Course for beginners
Graphic Design Crash Course for beginners
 
2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx2024 RoOUG Security model for the cloud.pptx
2024 RoOUG Security model for the cloud.pptx
 
Accelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with PlatformlessAccelerate Enterprise Software Engineering with Platformless
Accelerate Enterprise Software Engineering with Platformless
 

Achieving Software Safety, Security, and Reliability Part 2

  • 1. © 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability PART 2: APPLYING LESSONS FROM THE AUTOMOTIVE INDUSTRY
  • 2. perforce.com2 | © 2019 Perforce Software, Inc. Presenter Richard Bellairs Product Marketing Manager Richard has 20+ years of experience across a wide range of industries. He held electronics and software engineering positions in the manufacturing, defense, and test and measurement industries in the nineties and early noughties before moving to product management and product marketing. He now champions Perforce’s market-leading code quality management solution.
  • 3. perforce.com3 | © 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability Common Industry Challenges 1 Applying Lessons From the Automotive Industry 2 What Does the Future Hold? 3
  • 4. perforce.com4 | © 2019 Perforce Software, Inc. Here’s What We’ll Cover Today (Lessons from the Automotive Industry) 1 2 3 Automotive Tech Trends Automotive Standards Lessons for Other Sectors
  • 5. perforce.com5 | © 2019 Perforce Software, Inc. Electrification Autonomous Driving Connectivity Automotive Tech Trends The Automotive World is Increasingly Software-centred
  • 6. perforce.com6 | © 2019 Perforce Software, Inc. https://www.embitel.com/blog/embedded-blog/automotive-control-units-development-innovations-mechanical-to-electronics Event Data Recorder Voice/Data Communications Electric Power Steering Blindspot Detection Electronic Stability Control Entertainment System Digital Turn Signals Head-up Display of innovations driven by electronics and software. of vehicle development costs.40%90% Navigation System
  • 7. perforce.com7 | © 2019 Perforce Software, Inc. Vehicle Attack Surface Source: PenTestPartners LLP USB, CD, and SD Cards (firmware updates) MITM attack Attack from Mobile device apps OTA Malware delivered through encoded music RF: Cellular, WiFi, Bluetooth, FM, DAB Telematics Remote keyless entry Malicious firmware updates Tyre Pressure Monitoring System Attack on vehicle BUS Direct to CAN – physical access to CAN wiring externally Open source software vulnerabilities Attack on certificate & key stores Sniffing of user data through screens and keypads, transmitted to outside world Attack from downloaded apps
  • 8. perforce.com8 | © 2019 Perforce Software, Inc. https://emarketing.alixpartners.com/rs/emsimages/2018/pubs/EI/AP_Auto_Industry_Recall_Problem_Jan_2018.pdf SINCE 2013, ELECTRONICS RELATED RECALLS HAVE GROWN SIX TIMES FASTER THAN IN PRIOR YEARS
  • 9. perforce.com9 | © 2019 Perforce Software, Inc. Automotive Software Standards Process Functional Safety Coding Cybersecurity Automotive SPICE ISO 26262 MISRA, AUTOSAR SAE J3061 ISO/SAE 21434
  • 10. perforce.com10 | © 2019 Perforce Software, Inc. Software Development Standards: Common Themes Traceability Configuration Management Coding standards Testing Requirements Management Hazard analysis Security analysis Documentation
  • 11. perforce.com11 | © 2019 Perforce Software, Inc. Sources of Defects REQUIREMENTS ARCHITECTURE DESIGN SOURCE CODE TEST MATERIALS DOCUMENTS DATABASE WEBSITES
  • 12. perforce.com12 | © 2019 Perforce Software, Inc. Coding standards help to ensure that software is: • Safe: It can be used without causing harm. • Secure: It can’t be hacked. • Reliable: It functions as it should — every time. • Testable: It can be tested at the code level. • Maintainable: It can be maintained, even as your codebase grows. • Portable: It works the same in every environment. Achieve High Code Quality by Using a Coding Standard
  • 13. perforce.com13 | © 2019 Perforce Software, Inc. Consistent code quality — no matter who writes the code. Software security from the start. Reduced development costs Accelerated time to market. Compliance with industry standards (e.g., ISO). Why Use a Coding Standard? 1 2 3 4 5
  • 14. perforce.com14 | © 2019 Perforce Software, Inc. Achieve High Code Quality by Deploying Static Analysis
  • 15. perforce.com15 | © 2019 Perforce Software, Inc. Types of Statically Detectable Code Defects Defect Type Example Static Memory Static buffer overrun Dynamic Memory Dynamic buffer overrun Stack-related Stack overflow Numerical Division by zero Resource Management Invalid access already freed memory Pointer-related Dereferencing a NULL pointer Concurrency Deadlock Inappropriate code Redundant code Other Uninitialized variables
  • 16. Electric Sports Car Innovator, Reported Benefits of Helix QAC: • MISRA C Compliance: • Implicitly required by ISO 26262 • Fewer unintentional (human) errors: • No NULL pointer dereferences • No indexing overflows • Etc. • Trained engineers: • Writing (almost) MIRA compliant code • Enforcing new code design guidelines • Improved quality of process and code: • Code will not be merged to development branch if it contains any MISRA violation
  • 17. perforce.com17 | © 2019 Perforce Software, Inc. Functional Safety Standards Image from: https://www.tuvsud.com/en/resource-centre/infographics/functional-safety-regulation-landscape
  • 18. Comparing the Medical Device Standard, ISO 62304 with the Automotive Standard, ISO 26262
  • 19. perforce.com19 | © 2019 Perforce Software, Inc.
  • 20. perforce.com20 | © 2019 Perforce Software, Inc. ISO 62304 ISO 26262 (Automotive Functional Safety) “ where applicable, unit acceptance criteria should be defined for: a) proper event sequence; b) data and control flow; c) planned resource allocation; d) fault handling (error definition, isolation, and recovery); e) initialisation of variables; f) self-diagnostics; g) memory management and memory overflows; and h) boundary conditions. “ ….but only for Class C devices! Apparently it is okay to leave out these checks for Class B devices, which can cause injury, and can certainly pose serious security risks! COM PREHENSIVE CODING REQUIREM ENTS
  • 21. perforce.com21 | © 2019 Perforce Software, Inc. Part 3: What Does the Future Hold? Next Time: