GrammaTech announces binary analysis support for ARM

GrammaTech announced expansion of CodeSonar’s static analysis engine to include binary analysis for ARM, the dominant processor of the Internet of Things. CodeSonar is the only commercially-available static analysis tool on the market to provide binary analysis, allowing engineering teams to analyze application software, middleware, and firmware.

Today’s systems are at significant risk without knowing exactly what defects and vulnerabilities may lie within operating systems, drivers, middleware, or supplier applications. CodeSonar’s binary analysis allows you to analyze your x86 or ARM system via binary-only or mixed-mode analysis, identifying both source and binary defects hazardous to your device.

CodeSonar’s analysis tracks potentially hazardous input data, to further mitigate risks from third-party and open-source code. With binary analysis, CodeSonar can identify potential exploitable data flows within an application, or between the application and libraries and drivers — so you can track potentially tainted inputs not just throughout your own code but also into or out from something you’re not writing but is critical to your potential functional flow (such as the many users of openssl discovered when the Heartbleed vulnerability was brought to light). Results of this analysis can be superimposed on a high-level graphical visualization of the architecture of the whole system, to allow engineers to see those notoriously hard-to-find tainted data pathways.

By analyzing the machine code, teams can find anomalies that may not exist in source, created by unexpected build optimizations or through backdoors created by the build tool chain. 

More Information...

Latest News from GrammaTech

GrammaTech: Risk Dashboard, a new feature in CodeSonar 4.5
GrammaTech: focus on cyber-security at embedded world
GrammaTech: software hardening for securing IoT devices
GrammaTech’s team TECHx places second in DARPA’s Cyber Grand Challenge
GrammaTech enhances CodeSonar offering for large-scale enterprise teams
GrammaTech adds hardening techniques to software assurance portfolio
GrammaTech announces binary analysis support for ARM
GrammaTech: CodeSonar 4.1 certified for use in developing safety-critical software