VITA Technologies
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX
Menu
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX
  • Articles
  • White Papers
  • Products
  • News
Menu
  • Articles
  • White Papers
  • Products
  • News
  Industry News  GrammaTech Announces First Fully Compatible Static-Analysis Tool for MITRE’s Common Weakness Enumeration Security Standard
Industry News

GrammaTech Announces First Fully Compatible Static-Analysis Tool for MITRE’s Common Weakness Enumeration Security Standard

GrammaTechGrammaTech—March 18, 20080
FacebookTwitterPinterestLinkedInTumblrRedditVKWhatsAppEmail

ITHACA, NY–March 18, 2008–GrammaTech, Inc., a leading provider of source-code analysis tools, declared today that CodeSonar Enterprise is the first static-analysis tool that is compatible with all aspects of MITREs Common Weakness Enumeration (CWE) standard. CodeSonar has now entered CWEs Evaluation Phase, after which CWE compatibility will become official.

CWE, developed by the MITRE Corporation under the sponsorship of the National Cyber Security Division of the Department of Homeland Security, provides a standard language for describing software security weaknesses. Standard terminology makes it easier for organizations to identify, understand and eliminate the myriad of security weaknesses that can occur in software.

More stories

Power Architecture(r) Presentations and Multicore and Virtualization Demonstrations Focus of DesignCon Conference

January 29, 2009

Live E-cast Event: January 29, 2009 (2:00p.m. ET/11:00 a.m. PT) Secure Operating Systems and Tools for Next-Generation Software-Defined Radios; special guests from IBM/Telelogic, LynuxWorks, Inc. and Objective Interface Systems to participate in OpenSystems Media’s E-cast

January 29, 2009

GE Aviation Expands Its U.S. Network of Operations

February 14, 2012

RTI Facilitates Enterprise Application Integration Among Real-Time Applications, Data and Devices

October 23, 2006

“Leveraging efforts on this topic from academia, the commercial sector, and government, CWE unites the most valuable breadth and depth of content and structure to serve as a unified standard. Our objective is to help shape the code security assessment industry and also dramatically accelerate the use and utility of software assurance capabilities for organizations in reviewing the software systems they acquire or develop,” said Robert Martin, CWE project leader.

“GrammaTechs CodeSonar is a static analysis tool for identifying programming flaws and security vulnerabilities in code. CWE is an important and valuable initiative that will help CodeSonar users understand the state of their code more effectively. GrammaTech is pleased to participate in this effort and proud to be the first vendor to offer a static-analysis tool that is compatible in all aspects,” said Paul Anderson, VP of Engineering at GrammaTech.

Software acquirers want assurance that the software products they are obtaining are reviewed for known types of security flaws, and the acquisition groups in large government and private organizations are moving forward to use these types of reviews as part of future contracts. However, the tools and services that can be used for this type of review are new at best and there is no nomenclature, taxonomies, or standards to define the capabilities and coverage of these tools and services. This makes it difficult to comparatively decide which tool/service is best suited for a particular job. What is needed is a standard list and classification of software security weaknesses to serve as a unifying language of discourse and a measuring stick for tools and services. CWE was created specifically to address these problems. More information about CWE can be found at cwe.mitre.org/about/index.html.

About GrammaTech

GrammaTechs static-analysis tools are used worldwide by startups, Fortune 500 companies, educational institutions and government agencies. The staff includes ten PhD-level experts in programming languages and program analysis. The company has offices in Ithaca, New York, and San Jose, California. More information about GrammaTech can be found at www.grammatech.com.

GrammaTech and CodeSonar are trademarks of GrammaTech, Inc. All other trademarks are property of their respective companies.

The URL for this release is located at: www.grammatech.com/news/2008/releases/03-18-08.[…].

FacebookTwitterPinterestLinkedInTumblrRedditVKWhatsAppEmail
Boeing Flight-Tests 2-Pound Imaging Radar Aboard ScanEagle Unmanned Aircraft
A unique portal to trade software IPs, Codecs, Reference Design or Patents.
Related posts
  • Related posts
  • More from author
Articles

The VITA Technologies 2025 Resource Guide is here!

June 19, 20250
Articles

Next-gen fiber optics for aviation: Expanded Beam performance with VITA 95/96

June 3, 20250
Articles

Embedded Tech Trends 2025 Wrapup

June 3, 20250
Load more
Read also
Articles

The VITA Technologies 2025 Resource Guide is here!

June 19, 20250
Articles

Next-gen fiber optics for aviation: Expanded Beam performance with VITA 95/96

June 3, 20250
Articles

Embedded Tech Trends 2025 Wrapup

June 3, 20250
Consortia and Working Groups

VITA standards activity updates

June 3, 20250
Articles

Leveraging AI in standards

June 3, 20250
Eletter Products

SPONSORED: SpaceVPX Solutions From Pixus Technologies

May 28, 20250
Load more

Recent Comments

No comments to show.
  • Articles
  • White Papers
  • Products
  • News
Menu
  • Articles
  • White Papers
  • Products
  • News
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX
Menu
  • VME
  • XMC
  • FMC
  • PMC
  • VNX
  • VPX

© 2023 VITA Technologies. All rights Reserved.