VITA Technologies
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX
Menu
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX
  • Articles
  • White Papers
  • Products
  • News
Menu
  • Articles
  • White Papers
  • Products
  • News
  Industry News  GrammaTech Announces First Fully Compatible Static-Analysis Tool for MITRE’s Common Weakness Enumeration Security Standard
Industry News

GrammaTech Announces First Fully Compatible Static-Analysis Tool for MITRE’s Common Weakness Enumeration Security Standard

GrammaTechGrammaTech—March 18, 20080
FacebookTwitterPinterestLinkedInTumblrRedditVKWhatsAppEmail

ITHACA, NY–March 18, 2008–GrammaTech, Inc., a leading provider of source-code analysis tools, declared today that CodeSonar Enterprise is the first static-analysis tool that is compatible with all aspects of MITREs Common Weakness Enumeration (CWE) standard. CodeSonar has now entered CWEs Evaluation Phase, after which CWE compatibility will become official.

CWE, developed by the MITRE Corporation under the sponsorship of the National Cyber Security Division of the Department of Homeland Security, provides a standard language for describing software security weaknesses. Standard terminology makes it easier for organizations to identify, understand and eliminate the myriad of security weaknesses that can occur in software.

More stories

Curtiss-Wright’s CHAMP-AV6 VPX DSP Engine Achieves Unmatched 8.68 GB/s Sustained Inter-Card Data Rates

April 2, 2008

Curtiss-Wright Controls Announces Its High Sampling Rate Dual-Channel ADC FMC Card for Rugged DSP Applications

March 2, 2009

GOEPEL Electronic’s Boundary Scan Hardware Platform SCANFLEX Receives Best-In-Test Award

January 17, 2006

Mercury Systems Receives $32.5M LTSA for GPS Modules for Precision Guided Munitions Application

October 12, 2016

“Leveraging efforts on this topic from academia, the commercial sector, and government, CWE unites the most valuable breadth and depth of content and structure to serve as a unified standard. Our objective is to help shape the code security assessment industry and also dramatically accelerate the use and utility of software assurance capabilities for organizations in reviewing the software systems they acquire or develop,” said Robert Martin, CWE project leader.

“GrammaTechs CodeSonar is a static analysis tool for identifying programming flaws and security vulnerabilities in code. CWE is an important and valuable initiative that will help CodeSonar users understand the state of their code more effectively. GrammaTech is pleased to participate in this effort and proud to be the first vendor to offer a static-analysis tool that is compatible in all aspects,” said Paul Anderson, VP of Engineering at GrammaTech.

Software acquirers want assurance that the software products they are obtaining are reviewed for known types of security flaws, and the acquisition groups in large government and private organizations are moving forward to use these types of reviews as part of future contracts. However, the tools and services that can be used for this type of review are new at best and there is no nomenclature, taxonomies, or standards to define the capabilities and coverage of these tools and services. This makes it difficult to comparatively decide which tool/service is best suited for a particular job. What is needed is a standard list and classification of software security weaknesses to serve as a unifying language of discourse and a measuring stick for tools and services. CWE was created specifically to address these problems. More information about CWE can be found at cwe.mitre.org/about/index.html.

About GrammaTech

GrammaTechs static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions and government agencies. The staff includes ten PhD-level experts in programming languages and program analysis. The company has offices in Ithaca, New York, and San Jose, California. More information about GrammaTech can be found at www.grammatech.com.

GrammaTech and CodeSonar are trademarks of GrammaTech, Inc. All other trademarks are property of their respective companies.

The URL for this release is located at: www.grammatech.com/news/2008/releases/03-18-08.[…].

FacebookTwitterPinterestLinkedInTumblrRedditVKWhatsAppEmail
Boeing Flight-Tests 2-Pound Imaging Radar Aboard ScanEagle Unmanned Aircraft
A unique portal to trade software IPs, Codecs, Reference Design or Patents.
Related posts
  • Related posts
  • More from author
Eletter Products

SPONSORED: SpaceVPX Solutions From Pixus Technologies

May 28, 20250
Eletter Products

SPONSORED: Mission-Ready Chassis Management Aligned to SOSA®

May 28, 20250
Eletter Products

SPONSORED: 2300W Intelligent VPX Power Supply

May 21, 20250
Load more
Read also
Eletter Products

SPONSORED: SpaceVPX Solutions From Pixus Technologies

May 28, 20250
Eletter Products

SPONSORED: Mission-Ready Chassis Management Aligned to SOSA®

May 28, 20250
Eletter Products

SPONSORED: 2300W Intelligent VPX Power Supply

May 21, 20250
Eletter Products

SPONSORED: Small Scale 4 Slot OpenVPX and SOSA Aligned System Development

May 21, 20250
Eletter Products

SPONSORED: 3U VPX HD Switch Doubles Backplane Density

May 14, 20250
Eletter Products

SPONSORED: Rugged 1/2 ATR Aligned to SOSA, CMFF and SAVE Ready

January 30, 20250
Load more

Recent Comments

No comments to show.
  • Articles
  • White Papers
  • Products
  • News
Menu
  • Articles
  • White Papers
  • Products
  • News
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX
Menu
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX

© 2023 VITA Technologies. All rights Reserved.