Common Weakness Enumeration
The Common Weakness Enumeration (CWE) is a catalogue and categorisation of weakness types in software and hardware, that is, of the kinds of flaws that can turn into vulnerabilities (concrete vulnerabilities in specific products are tracked separately, in CVE). CWE focuses on security and thus on the area of cybersecurity and IT security. In this respect, CWE differs fundamentally from rule sets such as MISRA or AUTOSAR, which focus more on functional safety. Another difference between CWE and standards such as C Secure Coding Rules (ISO/IEC TS 17961) is that CWE does not specify concrete rules against which a checker is implemented. Instead, CWE provides a list of weaknesses to avoid in your software projects.
Security Vulnerability Analysis with CWE and Axivion Suite
Axivion Suite provides you with the Common Weakness Enumeration Checker, a tool for static code analysis that allows you to check your code for many of the security issues listed in the CWE as a preventive measure.
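As an added illustration of the kind of weakness such a checker looks for (example code written for this page, not Axivion's code or checker output; RECORD_SIZE, the function names and the header value are assumptions): an integer overflow in a buffer-size calculation (CWE-190 leading to CWE-131), typical of embedded code that sizes a buffer from a count or length field read from a file or message, next to a hardened version that refuses the request instead of returning a wrapped size.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed scenario: a firmware record table whose header field `count`
 * (file- or attacker-controlled) says how many fixed-size records follow.
 * RECORD_SIZE is an assumed value for illustration. */
#define RECORD_SIZE 64u

/* Weak version (CWE-190 leading to CWE-131): the product wraps in 32-bit
 * unsigned arithmetic, so a huge count yields a tiny size. Unsigned wrap is
 * defined behaviour in C, so this function itself does not crash; the damage
 * comes later, when the caller writes `count` records into the undersized
 * buffer (CWE-787). */
uint32_t record_bytes_unchecked(uint32_t count)
{
    return count * RECORD_SIZE;
}

/* Hardened version: test for the wrap before multiplying and refuse the
 * request instead of returning a wrong size. */
bool record_bytes_checked(uint32_t count, uint32_t *out_bytes)
{
    if (count > UINT32_MAX / RECORD_SIZE) {
        return false;               /* would overflow; caller must reject */
    }
    *out_bytes = count * RECORD_SIZE;
    return true;
}

/* Allocation built on the hardened size computation: returns NULL (rather
 * than an undersized buffer) for any count that cannot be represented. */
uint8_t *allocate_records(uint32_t count)
{
    uint32_t bytes;
    if (!record_bytes_checked(count, &bytes) || bytes == 0u) {
        return NULL;
    }
    return calloc(bytes, 1u);
}

int main(void)
{
    /* Constructed header value chosen so that count * 64 wraps to exactly 64. */
    const uint32_t hostile_count = 0x04000001u;
    uint32_t bytes = 0;

    printf("unchecked: %u records -> %u bytes (wrapped)\n",
           (unsigned)hostile_count, (unsigned)record_bytes_unchecked(hostile_count));
    printf("checked:   %u records -> %s\n", (unsigned)hostile_count,
           record_bytes_checked(hostile_count, &bytes) ? "ok" : "rejected");

    uint8_t *table = allocate_records(16u);     /* 16 * 64 = 1024 bytes */
    printf("allocate_records(16) -> %s\n", table ? "1024-byte buffer" : "NULL");
    free(table);
    return 0;
}
```

The point a checker makes here is that the weak function is not wrong on the happy path (ten records give 640 bytes in both versions); the defect only shows for values the code never expected, which is why it is worth catching statically before the data ever arrives.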
We have focused on the typical problems that are central to software security in the automotive industry, but also in embedded software in other industries such as medical technology, household appliances and agricultural machinery.
In addition, Axivion Suite can support you in analysing your software architecture and thus help you identify security weaknesses rooted in the architecture itself rather than in individual lines of code. Automated checks of coding guidelines such as naming conventions, together with metrics monitoring, also help you keep your software maintainable.
Beyond the static code analysis of the current code base, this architecture analysis helps you avoid future security problems and thus further weaknesses listed in the CWE.
Together with the other rule checkers of the Axivion Suite, you get a comprehensive check of your code for problems relevant to maintenance, safety, and security, so that you can counter them directly during development, at an early stage.
Structured analysis process for existing projects
Axivion's delta mechanism helps you focus on your daily work of producing secure code. In reviews, delta analysis makes it easy to identify rule violations newly introduced by sprints, releases, feature branches, etc., instead of re-reviewing findings in the existing code base every time.
Workplace and DevOps/CI integration
Axivion's CWE Checker results integrate with IDEs and CI environments, so you can embed the checks in your processes, from local checks in the developer's workplace to fully automated checks in your CI environment, with the same configuration and the same results.
Focus through severity grading and reporting
Severity classification of rules and rule groups allows you to prioritise your work. Justifications let you handle deviations from the rules in a structured and systematic way as part of the work process, so that you can develop in conformity with standards. Reports document the check of your code against the weaknesses listed in the CWE.
Request a free demo to try out this feature for yourself.