ITHACA, NY – GrammaTech, Inc., a leading maker of tools that improve and accelerate embedded software development, today announced the company achieved a 60 percent increase in annual sales for its fiscal year, which closed on July 31. The increase in sales is due to the expanding commercial success of CodeSonar, the company’s flagship software analysis tool for C/C++, Java, and binaries. GrammaTech’s rapidly expanding success has been driven by new capabilities in CodeSonar for achieving standards compliance, eliminating challenging multi-core issues, analyzing third-party code, and improving software security by addressing dangerous information flows.
“We were impressed by CodeSonar’s accuracy and quality of defect identification compared to the competition,” Achilleas Tsoukalis, Director of R&D for Micrel Medical Devices explained. “It performed extremely well in the tests and delivered the deepest analysis of our test code base. CodeSonar is now part of our software development process because it is a key tool for helping us deliver the most reliable code.”
Designed for failure-intolerant embedded environments, CodeSonar analyzes both source code and binaries, to identify serious security and quality liabilities that cause system crashes, memory corruption, leaks, data races, and other unexpected vulnerabilities. A number of advances in CodeSonar have fueled GrammaTech’s growth, including:
- Embedded Security Visualization – CodeSonar’s new visual taint analysis tracks potentially hazardous data flows in applications that are too complicated for developers to trace manually. Unlike other tools that provide simple warnings for tainted values, CodeSonar’s proprietary visualization engine presents vulnerabilities to developers in a more actionable interface.
- Analysis of third-party code – Binary analysis is now integrated into CodeSonar, which empowers developers to analyze externally produced software without access to its source code. This eliminates dangerous quality and security blind spots created by using open source or third-party components and libraries.
- Standards Compliance – CodeSonar now adds analysis for MISRA C 2012 to its existing standards-compliance capabilities. Further, CodeSonar was certified for use in developing safety-critical software for the ISO 26262, EN 50128, and IEC 61508 standards.
- Multi-Core Development – CodeSonar delivers new Java-specific concurrency defect detection capabilities to defend against errors like race conditions, deadlocks, and livelocks.
“The cost of software defects in embedded systems is so high – static analysis tools like GrammaTech’s CodeSonar are becoming increasing critical, especially for any organization developing safety or mission-critical systems,” said Andre Girard, Senior Analyst at VDC. “We are seeing embedded developers gravitate to tools that advance the state of the art in automated software analysis and we expect more value to be placed on new capabilities like tainted data analysis and binary analysis for third party code in the future.”
“We are sincerely thankful to our customers for the strategic investment they place in CodeSonar every year,” said Tim Teitelbaum, Chairman and CEO of GrammaTech. “Our dramatic growth over the past fiscal year is a testament to the special relationship we have with our customers. We listen to them and use their counsel to inform our product direction so we can help them build the most secure and reliable embedded software systems in the world.”
To learn more about how CodeSonar accelerates, improves, and secures the production of embedded software, please download GrammaTech’s white paper Embedded Software Design: Best Practices for Static Analysis Tools.
About GrammaTech:
GrammaTech tools are used by software developers worldwide in embedded software industries including avionics, government, medical, military, industrial control, and other applications where reliability and security are paramount. Originally developed within Cornell University, GrammaTech is now a leading research center for software security and a commercial vendor of software-assurance tools and advanced cyber-security solutions. With both static and dynamic analysis tools that analyze source code as well as binary executables, GrammaTech continues to advance the science of superior software analysis, providing technology for developers to produce safer software.