Static Application Security Testing – SAST
With the increasing integration and accessibility of embedded systems, safety alone is no longer sufficient for safety; in addition, there is the demand for security. In contrast to safety, the focus here is not on the risk of the coincidence of events or deviations from the intended function, but on the defence against active attacks on the embedded system. If an attacker can at least partially take control of the embedded system, the safety of the system is at stake in addition to possible economic losses.
If a system is accessible via the Internet, there can be no safety without security. Axivion Suite supports you in achieving your safety goals as well as your security goals with vulnerability scans.
Axivion Suite supports Static Application Security Testing (SAST) with coding guidelines for CERT C and CERT C++, for C Secure Coding as well as for CWE.
With the architecture analysis, you can monitor compliance with your software architecture. Security aspects can additionally be modelled in security architectures. The architecture analysis of Axivion Suite also ensures compliance with the security architecture and it warns of violations.
Axivion Suite is available both on the developer’s workstation and in the CI / DevOps pipeline on the build server or in the cloud.
This makes Axivion Suite part of your CI/CD strategy and quality assurance.