SlideShare a Scribd company logo

Achieving Software Safety, Security, and Reliability Part 2

Perforce
Perforce

In Part 2, we will focus on the automotive industry, as it leads the way in enforcing safety, security, and reliability standards as well as best practices for software development. We will then examine how other industries could adopt similar practices.

Software
1 of 22
Download to read offline
© 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability PART 2: APPLYING LESSONS FROM THE AUTOMOTIVE INDUSTRY
perforce.com2 | © 2019 Perforce Software, Inc. Presenter Richard Bellairs Product Marketing Manager Richard has 20+ years of experience across a wide range of industries. He held electronics and software engineering positions in the manufacturing, defense, and test and measurement industries in the nineties and early noughties before moving to product management and product marketing. He now champions Perforce’s market-leading code quality management solution.
perforce.com3 | © 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability Common Industry Challenges 1 Applying Lessons From the Automotive Industry 2 What Does the Future Hold? 3
perforce.com4 | © 2019 Perforce Software, Inc. Here’s What We’ll Cover Today (Lessons from the Automotive Industry) 1 2 3 Automotive Tech Trends Automotive Standards Lessons for Other Sectors
perforce.com5 | © 2019 Perforce Software, Inc. Electrification Autonomous Driving Connectivity Automotive Tech Trends The Automotive World is Increasingly Software-centred
perforce.com6 | © 2019 Perforce Software, Inc. https://www.embitel.com/blog/embedded-blog/automotive-control-units-development-innovations-mechanical-to-electronics Event Data Recorder Voice/Data Communications Electric Power Steering Blindspot Detection Electronic Stability Control Entertainment System Digital Turn Signals Head-up Display of innovations driven by electronics and software. of vehicle development costs.40%90% Navigation System
perforce.com7 | © 2019 Perforce Software, Inc. Vehicle Attack Surface Source: PenTestPartners LLP USB, CD, and SD Cards (firmware updates) MITM attack Attack from Mobile device apps OTA Malware delivered through encoded music RF: Cellular, WiFi, Bluetooth, FM, DAB Telematics Remote keyless entry Malicious firmware updates Tyre Pressure Monitoring System Attack on vehicle BUS Direct to CAN – physical access to CAN wiring externally Open source software vulnerabilities Attack on certificate & key stores Sniffing of user data through screens and keypads, transmitted to outside world Attack from downloaded apps
perforce.com8 | © 2019 Perforce Software, Inc. https://emarketing.alixpartners.com/rs/emsimages/2018/pubs/EI/AP_Auto_Industry_Recall_Problem_Jan_2018.pdf SINCE 2013, ELECTRONICS RELATED RECALLS HAVE GROWN SIX TIMES FASTER THAN IN PRIOR YEARS
perforce.com9 | © 2019 Perforce Software, Inc. Automotive Software Standards Process Functional Safety Coding Cybersecurity Automotive SPICE ISO 26262 MISRA, AUTOSAR SAE J3061 ISO/SAE 21434
perforce.com10 | © 2019 Perforce Software, Inc. Software Development Standards: Common Themes Traceability Configuration Management Coding standards Testing Requirements Management Hazard analysis Security analysis Documentation
perforce.com11 | © 2019 Perforce Software, Inc. Sources of Defects REQUIREMENTS ARCHITECTURE DESIGN SOURCE CODE TEST MATERIALS DOCUMENTS DATABASE WEBSITES
perforce.com12 | © 2019 Perforce Software, Inc. Coding standards help to ensure that software is: • Safe: It can be used without causing harm. • Secure: It can’t be hacked. • Reliable: It functions as it should — every time. • Testable: It can be tested at the code level. • Maintainable: It can be maintained, even as your codebase grows. • Portable: It works the same in every environment. Achieve High Code Quality by Using a Coding Standard
perforce.com13 | © 2019 Perforce Software, Inc. Consistent code quality — no matter who writes the code. Software security from the start. Reduced development costs Accelerated time to market. Compliance with industry standards (e.g., ISO). Why Use a Coding Standard? 1 2 3 4 5
perforce.com14 | © 2019 Perforce Software, Inc. Achieve High Code Quality by Deploying Static Analysis
perforce.com15 | © 2019 Perforce Software, Inc. Types of Statically Detectable Code Defects Defect Type Example Static Memory Static buffer overrun Dynamic Memory Dynamic buffer overrun Stack-related Stack overflow Numerical Division by zero Resource Management Invalid access already freed memory Pointer-related Dereferencing a NULL pointer Concurrency Deadlock Inappropriate code Redundant code Other Uninitialized variables
Electric Sports Car Innovator, Reported Benefits of Helix QAC: • MISRA C Compliance: • Implicitly required by ISO 26262 • Fewer unintentional (human) errors: • No NULL pointer dereferences • No indexing overflows • Etc. • Trained engineers: • Writing (almost) MIRA compliant code • Enforcing new code design guidelines • Improved quality of process and code: • Code will not be merged to development branch if it contains any MISRA violation
perforce.com17 | © 2019 Perforce Software, Inc. Functional Safety Standards Image from: https://www.tuvsud.com/en/resource-centre/infographics/functional-safety-regulation-landscape
Comparing the Medical Device Standard, ISO 62304 with the Automotive Standard, ISO 26262
perforce.com19 | © 2019 Perforce Software, Inc.
perforce.com20 | © 2019 Perforce Software, Inc. ISO 62304 ISO 26262 (Automotive Functional Safety) “ where applicable, unit acceptance criteria should be defined for: a) proper event sequence; b) data and control flow; c) planned resource allocation; d) fault handling (error definition, isolation, and recovery); e) initialisation of variables; f) self-diagnostics; g) memory management and memory overflows; and h) boundary conditions. “ ….but only for Class C devices! Apparently it is okay to leave out these checks for Class B devices, which can cause injury, and can certainly pose serious security risks! COM PREHENSIVE CODING REQUIREM ENTS
perforce.com21 | © 2019 Perforce Software, Inc. Part 3: What Does the Future Hold? Next Time:
Questions?

Recommended

Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Perforce
 
Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...Bryan Len
 
Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...Dr. Anish Cheriyan (PhD)
 
Five ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecksFive ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecksRogue Wave Software
 
Webinar misra and security
Webinar misra and securityWebinar misra and security
Webinar misra and securityPerforce
 
20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast software20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast softwareLeClubQualiteLogicielle
 
Importance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesImportance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesSEEBURGER
 
Embedded systems Technology
Embedded systems TechnologyEmbedded systems Technology
Embedded systems TechnologyAshok Kumar.k
 

Recommended

Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...
Achieving Software Safety, Security, and Reliability Part 1: Common Industry ...Perforce
 
Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...Automotive safety, automotive systems standard, automotive safety management ...
Automotive safety, automotive systems standard, automotive safety management ...Bryan Len
 
Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...Software defined vehicles,automotive standards (safety, security), agile cont...
Software defined vehicles,automotive standards (safety, security), agile cont...Dr. Anish Cheriyan (PhD)
 
Five ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecksFive ways to protect your software supply chain from hacks, quacks, and wrecks
Five ways to protect your software supply chain from hacks, quacks, and wrecksRogue Wave Software
 
Webinar misra and security
Webinar misra and securityWebinar misra and security
Webinar misra and securityPerforce
 
20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast software20100121 04 - Présentation du CISQ par cast software
20100121 04 - Présentation du CISQ par cast softwareLeClubQualiteLogicielle
 
Importance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesImportance of APIs and their Management in Digitalisation Initiatives
Importance of APIs and their Management in Digitalisation InitiativesSEEBURGER
 
Embedded systems Technology
Embedded systems TechnologyEmbedded systems Technology
Embedded systems TechnologyAshok Kumar.k
 
Cybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesCybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesYokogawa1
 
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtPrepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtDevOps.com
 
ISO26262 Conference 2019
ISO26262 Conference 2019ISO26262 Conference 2019
ISO26262 Conference 2019Torben Haagh
 
Securing your IoT Thing
Securing your IoT ThingSecuring your IoT Thing
Securing your IoT ThingDuncan Purves
 
Desktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowDesktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowFlexera
 
Security Considerations on Hybrid Cloud
Security Considerations on Hybrid CloudSecurity Considerations on Hybrid Cloud
Security Considerations on Hybrid Clouddavsor1
 
The Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixThe Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixsalesbuddy
 
FossilShale Corporate Overview
FossilShale Corporate OverviewFossilShale Corporate Overview
FossilShale Corporate OverviewMariappan Amirthalingam (Mars)
 
F-Secure Corporation
F-Secure CorporationF-Secure Corporation
F-Secure CorporationPratima Potturu
 
Verivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivoSoftware
 
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation Ivanti
 
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...AppDynamics
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security SolutionJay Li
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Webinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementWebinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementFlexera
 
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...mfrancis
 
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Allied Market Research
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyPerfecto by Perforce
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...IBM Security
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTPerfecto by Perforce
 
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Perforce
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesHARMAN Connected Services
 

More Related Content

What's hot

Cybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesCybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesYokogawa1
 
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtPrepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtDevOps.com
 
ISO26262 Conference 2019
ISO26262 Conference 2019ISO26262 Conference 2019
ISO26262 Conference 2019Torben Haagh
 
Securing your IoT Thing
Securing your IoT ThingSecuring your IoT Thing
Securing your IoT ThingDuncan Purves
 
Desktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowDesktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowFlexera
 
Security Considerations on Hybrid Cloud
Security Considerations on Hybrid CloudSecurity Considerations on Hybrid Cloud
Security Considerations on Hybrid Clouddavsor1
 
The Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixThe Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixsalesbuddy
 
Verivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivoSoftware
 
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation Ivanti
 
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...AppDynamics
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security SolutionJay Li
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profileAmit Sardar
 
Webinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementWebinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementFlexera
 
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...mfrancis
 
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Allied Market Research
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyPerfecto by Perforce
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...IBM Security
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTPerfecto by Perforce
 

What's hot (20)

Cybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar SlidesCybersecurity Application Installation with no Shutdown Required webinar Slides
Cybersecurity Application Installation with no Shutdown Required webinar Slides
 
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience OnslaughtPrepare Your DevOps Culture to Withstand the Digital Experience Onslaught
Prepare Your DevOps Culture to Withstand the Digital Experience Onslaught
 
ISO26262 Conference 2019
ISO26262 Conference 2019ISO26262 Conference 2019
ISO26262 Conference 2019
 
Securing your IoT Thing
Securing your IoT ThingSecuring your IoT Thing
Securing your IoT Thing
 
Desktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and TomorrowDesktop Software Asset Management – Today and Tomorrow
Desktop Software Asset Management – Today and Tomorrow
 
Security Considerations on Hybrid Cloud
Security Considerations on Hybrid CloudSecurity Considerations on Hybrid Cloud
Security Considerations on Hybrid Cloud
 
The Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogixThe Future of PLC Programming by WonderLogix
The Future of PLC Programming by WonderLogix
 
FossilShale Corporate Overview
FossilShale Corporate OverviewFossilShale Corporate Overview
FossilShale Corporate Overview
 
F-Secure Corporation
F-Secure CorporationF-Secure Corporation
F-Secure Corporation
 
Verivo and Forrester Mobile Strategies
Verivo and Forrester Mobile StrategiesVerivo and Forrester Mobile Strategies
Verivo and Forrester Mobile Strategies
 
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
How to Cut Through the “Fog of More” to Achieve a Solid Security Foundation
 
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
Unlock The Power Of Real-Time Performance Data With Business iQ - AppD Global...
 
Android App Security Solution
Android App Security SolutionAndroid App Security Solution
Android App Security Solution
 
FCI-company profile
FCI-company profileFCI-company profile
FCI-company profile
 
Webinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT ProcurementWebinar- How Software License Optimization Empowers IT Procurement
Webinar- How Software License Optimization Empowers IT Procurement
 
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
OSGi Technology as it relates to Java, Smartcards, and the Automotive Industr...
 
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
Ip video surveillance and v saa s market expected to reach $57.3 billion by 2...
 
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage StrategyHow to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
How to Eliminate Escaped Defects With a Proven Test Automation Coverage Strategy
 
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
5 Key Ways to Incorporate Security Protection into your Organization’s Mobile...
 
Deliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CTDeliver Flawless Mobile Apps Faster with CI/CD & CT
Deliver Flawless Mobile Apps Faster with CI/CD & CT
 

Similar to Achieving Software Safety, Security, and Reliability Part 2

Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Perforce
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesHARMAN Connected Services
 
IBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementIBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementImran Hashmi
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXNatashaVerma29
 
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...BIS Research Inc.
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays
 
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptxStrategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptxNiteshKumar958846
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineDevOps.com
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Denim Group
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Network Security for Automotive Embedded Systems
Network Security for Automotive Embedded SystemsNetwork Security for Automotive Embedded Systems
Network Security for Automotive Embedded SystemsTonex
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareParasoft
 
Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019Perforce
 
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!JessiRyan1
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Denim Group
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startupsKesava Reddy
 
Embedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQMEmbedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQMPaul Urban
 

Similar to Achieving Software Safety, Security, and Reliability Part 2 (20)

Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
Achieving Software Safety, Security, and Reliability Part 3: What Does the Fu...
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected VehiclesWebinar - Automotive SOC - Security Data Analytics for Connected Vehicles
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
 
Webinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or RealityWebinar–AppSec: Hype or Reality
Webinar–AppSec: Hype or Reality
 
IBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-managementIBM elm alm overview-software engineerin-lifecycle-management
IBM elm alm overview-software engineerin-lifecycle-management
 
QRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTXQRadar_on_Cloud_client_presentation.PPTX
QRadar_on_Cloud_client_presentation.PPTX
 
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
 
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptxStrategy Analytics - Automotive Cyber Security - Oct 2020.pptx
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
 
Bridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD PipelineBridging the Security Testing Gap in Your CI/CD Pipeline
Bridging the Security Testing Gap in Your CI/CD Pipeline
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Automotive Cybersecurity: The Gap Still Exists
Automotive Cybersecurity: The Gap Still ExistsAutomotive Cybersecurity: The Gap Still Exists
Automotive Cybersecurity: The Gap Still Exists
 
Network Security for Automotive Embedded Systems
Network Security for Automotive Embedded SystemsNetwork Security for Automotive Embedded Systems
Network Security for Automotive Embedded Systems
 
Driving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive SoftwareDriving Risks Out of Embedded Automotive Software
Driving Risks Out of Embedded Automotive Software
 
Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019Revealed: The State of Automotive Software Development in 2019
Revealed: The State of Automotive Software Development in 2019
 
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
Learn Why your Technology Toolkit needs a Low Code Platform Upgrade!
 
Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...Enabling Developers in Your Application Security Program With Coverity and Th...
Enabling Developers in Your Application Security Program With Coverity and Th...
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startups
 
Embedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQMEmbedded software validation best practices with NI and RQM
Embedded software validation best practices with NI and RQM
 
Value Journal - October 2020
Value Journal - October 2020Value Journal - October 2020
Value Journal - October 2020
 

More from Perforce

How to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning NeedsHow to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning NeedsPerforce
 
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...Perforce
 
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Perforce
 
Understanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPsUnderstanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPsPerforce
 
Branching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development ProcessBranching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development ProcessPerforce
 
How to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOpsHow to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOpsPerforce
 
How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog Perforce
 
Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team Perforce
 
Shift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New WorkflowShift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New WorkflowPerforce
 
Hybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated WorldHybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated WorldPerforce
 
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the EnterpriseBetter, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the EnterprisePerforce
 
Easier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALMEasier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALMPerforce
 
How To Master Your Mega Backlog
How To Master Your Mega Backlog How To Master Your Mega Backlog
How To Master Your Mega Backlog Perforce
 
How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure Perforce
 
Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Perforce
 
What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4Perforce
 
Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Perforce
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis Perforce
 
Code Quality Management Best Practices
Code Quality Management Best Practices Code Quality Management Best Practices
Code Quality Management Best Practices Perforce
 
Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level Perforce
 

More from Perforce (20)

How to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning NeedsHow to Organize Game Developers With Different Planning Needs
How to Organize Game Developers With Different Planning Needs
 
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
Regulatory Traceability: How to Maintain Compliance, Quality, and Cost Effic...
 
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...Efficient Security Development and Testing Using Dynamic and Static Code Anal...
Efficient Security Development and Testing Using Dynamic and Static Code Anal...
 
Understanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPsUnderstanding Compliant Workflow Enforcement SOPs
Understanding Compliant Workflow Enforcement SOPs
 
Branching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development ProcessBranching Out: How To Automate Your Development Process
Branching Out: How To Automate Your Development Process
 
How to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOpsHow to Do Code Reviews at Massive Scale For DevOps
How to Do Code Reviews at Massive Scale For DevOps
 
How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog How to Spark Joy In Your Product Backlog
How to Spark Joy In Your Product Backlog
 
Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team Going Remote: Build Up Your Game Dev Team
Going Remote: Build Up Your Game Dev Team
 
Shift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New WorkflowShift to Remote: How to Manage Your New Workflow
Shift to Remote: How to Manage Your New Workflow
 
Hybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated WorldHybrid Development Methodology in a Regulated World
Hybrid Development Methodology in a Regulated World
 
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the EnterpriseBetter, Faster, Easier: How to Make Git Really Work in the Enterprise
Better, Faster, Easier: How to Make Git Really Work in the Enterprise
 
Easier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALMEasier Requirements Management Using Diagrams In Helix ALM
Easier Requirements Management Using Diagrams In Helix ALM
 
How To Master Your Mega Backlog
How To Master Your Mega Backlog How To Master Your Mega Backlog
How To Master Your Mega Backlog
 
How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure How to Scale With Helix Core and Microsoft Azure
How to Scale With Helix Core and Microsoft Azure
 
Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?Should You Break Up With Your Monolith?
Should You Break Up With Your Monolith?
 
What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4What's New in Helix ALM 2019.4
What's New in Helix ALM 2019.4
 
Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison Free Yourself From the MS Office Prison
Free Yourself From the MS Office Prison
 
5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis 5 Ways to Accelerate Standards Compliance with Static Code Analysis
5 Ways to Accelerate Standards Compliance with Static Code Analysis
 
Code Quality Management Best Practices
Code Quality Management Best Practices Code Quality Management Best Practices
Code Quality Management Best Practices
 
Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level Scale Kanban Beyond Team Level
Scale Kanban Beyond Team Level
 

Recently uploaded

GraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4jGraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4jNeo4j
 
Lessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdfLessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdfSrushith Repakula
 
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...Neo4j
 
Effective Strategies for Wix's Scaling challenges - GeeCon
Effective Strategies for Wix's Scaling challenges - GeeConEffective Strategies for Wix's Scaling challenges - GeeCon
Effective Strategies for Wix's Scaling challenges - GeeConNatan Silnitsky
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAShane Coughlan
 
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024SimonedeGijt
 
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...drm1699
 
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...Abortion Clinic
 
The mythical technical debt. (Brooke, please, forgive me)
The mythical technical debt. (Brooke, please, forgive me)The mythical technical debt. (Brooke, please, forgive me)
The mythical technical debt. (Brooke, please, forgive me)Roberto Bettazzoni
 
A Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdfA Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdfICS
 
[GRCPP] Introduction to concepts (C++20)
[GRCPP] Introduction to concepts (C++20)[GRCPP] Introduction to concepts (C++20)
[GRCPP] Introduction to concepts (C++20)Dimitrios Platis
 
Community is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletCommunity is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletAndrea Goulet
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio, Inc.
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Henry Schreiner
 
Novo Nordisk: When Knowledge Graphs meet LLMs
Novo Nordisk: When Knowledge Graphs meet LLMsNovo Nordisk: When Knowledge Graphs meet LLMs
Novo Nordisk: When Knowledge Graphs meet LLMsNeo4j
 

Recently uploaded (20)

Abortion Pill Prices Jane Furse ](+27832195400*)[🏥Women's Abortion Clinic in ...
Abortion Pill Prices Jane Furse ](+27832195400*)[🏥Women's Abortion Clinic in ...Abortion Pill Prices Jane Furse ](+27832195400*)[🏥Women's Abortion Clinic in ...
Abortion Pill Prices Jane Furse ](+27832195400*)[🏥Women's Abortion Clinic in ...
 
GraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4jGraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4j
 
Lessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdfLessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdf
 
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
CERVED e Neo4j su una nuvola, migrazione ed evoluzione di un grafo mission cr...
 
Effective Strategies for Wix's Scaling challenges - GeeCon
Effective Strategies for Wix's Scaling challenges - GeeConEffective Strategies for Wix's Scaling challenges - GeeCon
Effective Strategies for Wix's Scaling challenges - GeeCon
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
 
Abortion Pill Prices Rustenburg [(+27832195400*)] 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Rustenburg [(+27832195400*)] 🏥 Women's Abortion Clinic i...Abortion Pill Prices Rustenburg [(+27832195400*)] 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Rustenburg [(+27832195400*)] 🏥 Women's Abortion Clinic i...
 
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
 
Abortion Pill Prices Aliwal North ](+27832195400*)[ 🏥 Women's Abortion Clinic...
Abortion Pill Prices Aliwal North ](+27832195400*)[ 🏥 Women's Abortion Clinic...Abortion Pill Prices Aliwal North ](+27832195400*)[ 🏥 Women's Abortion Clinic...
Abortion Pill Prices Aliwal North ](+27832195400*)[ 🏥 Women's Abortion Clinic...
 
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
Abortion Pills For Sale WhatsApp[[+27737758557]] In Birch Acres, Abortion Pil...
 
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
 
Abortion Clinic In Stanger ](+27832195400*)[ 🏥 Safe Abortion Pills In Stanger...
Abortion Clinic In Stanger ](+27832195400*)[ 🏥 Safe Abortion Pills In Stanger...Abortion Clinic In Stanger ](+27832195400*)[ 🏥 Safe Abortion Pills In Stanger...
Abortion Clinic In Stanger ](+27832195400*)[ 🏥 Safe Abortion Pills In Stanger...
 
The mythical technical debt. (Brooke, please, forgive me)
The mythical technical debt. (Brooke, please, forgive me)The mythical technical debt. (Brooke, please, forgive me)
The mythical technical debt. (Brooke, please, forgive me)
 
A Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdfA Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdf
 
Abortion Clinic in Bloemfontein [(+27832195400*)]🏥Safe Abortion Pills In Bloe...
Abortion Clinic in Bloemfontein [(+27832195400*)]🏥Safe Abortion Pills In Bloe...Abortion Clinic in Bloemfontein [(+27832195400*)]🏥Safe Abortion Pills In Bloe...
Abortion Clinic in Bloemfontein [(+27832195400*)]🏥Safe Abortion Pills In Bloe...
 
[GRCPP] Introduction to concepts (C++20)
[GRCPP] Introduction to concepts (C++20)[GRCPP] Introduction to concepts (C++20)
[GRCPP] Introduction to concepts (C++20)
 
Community is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea GouletCommunity is Just as Important as Code by Andrea Goulet
Community is Just as Important as Code by Andrea Goulet
 
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024
 
Novo Nordisk: When Knowledge Graphs meet LLMs
Novo Nordisk: When Knowledge Graphs meet LLMsNovo Nordisk: When Knowledge Graphs meet LLMs
Novo Nordisk: When Knowledge Graphs meet LLMs
 

Achieving Software Safety, Security, and Reliability Part 2

  • 1. © 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability PART 2: APPLYING LESSONS FROM THE AUTOMOTIVE INDUSTRY
  • 2. perforce.com2 | © 2019 Perforce Software, Inc. Presenter Richard Bellairs Product Marketing Manager Richard has 20+ years of experience across a wide range of industries. He held electronics and software engineering positions in the manufacturing, defense, and test and measurement industries in the nineties and early noughties before moving to product management and product marketing. He now champions Perforce’s market-leading code quality management solution.
  • 3. perforce.com3 | © 2019 Perforce Software, Inc. Achieving Software Safety, Security, and Reliability Common Industry Challenges 1 Applying Lessons From the Automotive Industry 2 What Does the Future Hold? 3
  • 4. perforce.com4 | © 2019 Perforce Software, Inc. Here’s What We’ll Cover Today (Lessons from the Automotive Industry) 1 2 3 Automotive Tech Trends Automotive Standards Lessons for Other Sectors
  • 5. perforce.com5 | © 2019 Perforce Software, Inc. Electrification Autonomous Driving Connectivity Automotive Tech Trends The Automotive World is Increasingly Software-centred
  • 6. perforce.com6 | © 2019 Perforce Software, Inc. https://www.embitel.com/blog/embedded-blog/automotive-control-units-development-innovations-mechanical-to-electronics Event Data Recorder Voice/Data Communications Electric Power Steering Blindspot Detection Electronic Stability Control Entertainment System Digital Turn Signals Head-up Display of innovations driven by electronics and software. of vehicle development costs.40%90% Navigation System
  • 7. perforce.com7 | © 2019 Perforce Software, Inc. Vehicle Attack Surface Source: PenTestPartners LLP USB, CD, and SD Cards (firmware updates) MITM attack Attack from Mobile device apps OTA Malware delivered through encoded music RF: Cellular, WiFi, Bluetooth, FM, DAB Telematics Remote keyless entry Malicious firmware updates Tyre Pressure Monitoring System Attack on vehicle BUS Direct to CAN – physical access to CAN wiring externally Open source software vulnerabilities Attack on certificate & key stores Sniffing of user data through screens and keypads, transmitted to outside world Attack from downloaded apps
  • 8. perforce.com8 | © 2019 Perforce Software, Inc. https://emarketing.alixpartners.com/rs/emsimages/2018/pubs/EI/AP_Auto_Industry_Recall_Problem_Jan_2018.pdf SINCE 2013, ELECTRONICS RELATED RECALLS HAVE GROWN SIX TIMES FASTER THAN IN PRIOR YEARS
  • 9. perforce.com9 | © 2019 Perforce Software, Inc. Automotive Software Standards Process Functional Safety Coding Cybersecurity Automotive SPICE ISO 26262 MISRA, AUTOSAR SAE J3061 ISO/SAE 21434
  • 10. perforce.com10 | © 2019 Perforce Software, Inc. Software Development Standards: Common Themes Traceability Configuration Management Coding standards Testing Requirements Management Hazard analysis Security analysis Documentation
  • 11. perforce.com11 | © 2019 Perforce Software, Inc. Sources of Defects REQUIREMENTS ARCHITECTURE DESIGN SOURCE CODE TEST MATERIALS DOCUMENTS DATABASE WEBSITES
  • 12. perforce.com12 | © 2019 Perforce Software, Inc. Coding standards help to ensure that software is: • Safe: It can be used without causing harm. • Secure: It can’t be hacked. • Reliable: It functions as it should — every time. • Testable: It can be tested at the code level. • Maintainable: It can be maintained, even as your codebase grows. • Portable: It works the same in every environment. Achieve High Code Quality by Using a Coding Standard
  • 13. perforce.com13 | © 2019 Perforce Software, Inc. Consistent code quality — no matter who writes the code. Software security from the start. Reduced development costs Accelerated time to market. Compliance with industry standards (e.g., ISO). Why Use a Coding Standard? 1 2 3 4 5
  • 14. perforce.com14 | © 2019 Perforce Software, Inc. Achieve High Code Quality by Deploying Static Analysis
  • 15. perforce.com15 | © 2019 Perforce Software, Inc. Types of Statically Detectable Code Defects Defect Type Example Static Memory Static buffer overrun Dynamic Memory Dynamic buffer overrun Stack-related Stack overflow Numerical Division by zero Resource Management Invalid access already freed memory Pointer-related Dereferencing a NULL pointer Concurrency Deadlock Inappropriate code Redundant code Other Uninitialized variables
  • 16. Electric Sports Car Innovator, Reported Benefits of Helix QAC: • MISRA C Compliance: • Implicitly required by ISO 26262 • Fewer unintentional (human) errors: • No NULL pointer dereferences • No indexing overflows • Etc. • Trained engineers: • Writing (almost) MIRA compliant code • Enforcing new code design guidelines • Improved quality of process and code: • Code will not be merged to development branch if it contains any MISRA violation
  • 17. perforce.com17 | © 2019 Perforce Software, Inc. Functional Safety Standards Image from: https://www.tuvsud.com/en/resource-centre/infographics/functional-safety-regulation-landscape
  • 18. Comparing the Medical Device Standard, ISO 62304 with the Automotive Standard, ISO 26262
  • 19. perforce.com19 | © 2019 Perforce Software, Inc.
  • 20. perforce.com20 | © 2019 Perforce Software, Inc. ISO 62304 ISO 26262 (Automotive Functional Safety) “ where applicable, unit acceptance criteria should be defined for: a) proper event sequence; b) data and control flow; c) planned resource allocation; d) fault handling (error definition, isolation, and recovery); e) initialisation of variables; f) self-diagnostics; g) memory management and memory overflows; and h) boundary conditions. “ ….but only for Class C devices! Apparently it is okay to leave out these checks for Class B devices, which can cause injury, and can certainly pose serious security risks! COM PREHENSIVE CODING REQUIREM ENTS
  • 21. perforce.com21 | © 2019 Perforce Software, Inc. Part 3: What Does the Future Hold? Next Time: