TBsecure®

TBsecure complete with CERT C Secure Coding programming checker

TBsecure Overview

TBsecure enables developers to easily see how the source code performs against security vulnerabilities, fault-detection and adherence to the required quality standards.

As its primary role, TBsecure applies the CERT C secure coding rules and relays findings to TBvision, which graphically shows code quality, fault detection and avoidance measures through call graphs, flow graphs and code review reports.

Using the TBsecure plug-in, managers, team workers and individual developers are able to collectively monitor the implementation of security metrics in their applications in an easy-to-read, intuitive format.

TBsecure Programming Rules

Through TBsecure, the LDRA tool suite has been extended to support a wide range of programming rules that enable increased application security using the following classification of security issues:

• Dynamic Memory Allocation (A) concerns: Dynamic memory management is a common source of programming flaws that can lead to security issues such as heap-buffer overflows, dangling pointers, and double-free issues. In particular, memory management encompasses allocating memory, reading and writing to memory, and deallocating memory.
• Vulnerabilities (V): These rules are intended to eliminate insecure coding practices aside from those associated with dynamic memory. Examples of insecure coding practices include array indices out of range and dereferencing a null pointer.

LDRA's provision of TBsecure and the CERT C secure coding programming checker extends its leadership in programming standards enforcement.

LDRA's Programming Standards Track Record

Through advanced code analysis capabilities, the LDRA tool suite provides compliance checking for the MISRA-C:1998, MISRA-C:2004, & MISRA C+:2008 guidelines. In addition, LDRA has worked with Lockheed Martin in developing the JSF++ AV standard, and is able to enforce Meyers Effective C++ and Effective STL coding guidelines amongst others.

TBsecure Summary

TBsecure delivers tangible benefits that assist in assessing the quality of the code produced and deliver immediate return on investment.

The LDRA tool suite can be configured for compiler dependent features for host or target testing.

Obtaining Further Information

For further information on TBsecure complete the LDRA reply form or email  This e-mail address is being protected from spambots. You need JavaScript enabled to view it .

* MISRA is a registered trademark of MIRA Ltd, on behalf of the MISRA Consortium. No endorsement by MISRA is claimed or implied for any product.