�ݺ�ߣshows by User: ChantalWauters

�ݺ�ߣshows by User: ChantalWauters / http://www.slideshare.net/images/logo.gif �ݺ�ߣshows by User: ChantalWauters / Tue, 12 Mar 2019 09:57:53 GMT �ݺ�ߣShare feed for �ݺ�ߣshows by User: ChantalWauters Accelerating MISRA and CERT coding standards compliance with dedicated reporting and workflow management /slideshow/accelerating-misra-and-cert-coding-standards-compliance-with-dedicated-reporting-and-workflow-management/135837784 acceleratingcompliancefinalversion-190312095753
Static analysis is standard practice these days. No one questions the value of having the code base compliant with safety-oriented standards like MISRA, AUTOSAR or security standards like CERT or UL2900. Majority of the organizations developing functional safety-oriented products have this practice established and well grounded. Despite the fact that static analysis tools are relatively simple to implement, organizations very often settle on suboptimal processes for achieving compliance. Frequently, violations are being removed in firefighting mode just before the release, and teams rarely analyze how to do it efficiently and get the most value out of invested time. Especially problematic is cleaning legacy code bases or open source libraries which were created without compliance in mind. Where to start? which violations shall be removed first? What is the estimated cost? Do we have enough resources? These are all very important questions, that can help in improving efficiency of the compliance process. In addition, organizations struggle with defining the outputs of the compliance process, how do I demonstrate my compliance? What kind of documents shall I prepare? During this session, we would like to demonstrate Parasoft static analysis solution with dedicated compliance reporting and workflow management which streamlines the process of achieving compliance and automatically generates all required documentation. ]]>
Static analysis is standard practice these days. No one questions the value of having the code base compliant with safety-oriented standards like MISRA, AUTOSAR or security standards like CERT or UL2900. Majority of the organizations developing functional safety-oriented products have this practice established and well grounded. Despite the fact that static analysis tools are relatively simple to implement, organizations very often settle on suboptimal processes for achieving compliance. Frequently, violations are being removed in firefighting mode just before the release, and teams rarely analyze how to do it efficiently and get the most value out of invested time. Especially problematic is cleaning legacy code bases or open source libraries which were created without compliance in mind. Where to start? which violations shall be removed first? What is the estimated cost? Do we have enough resources? These are all very important questions, that can help in improving efficiency of the compliance process. In addition, organizations struggle with defining the outputs of the compliance process, how do I demonstrate my compliance? What kind of documents shall I prepare? During this session, we would like to demonstrate Parasoft static analysis solution with dedicated compliance reporting and workflow management which streamlines the process of achieving compliance and automatically generates all required documentation. ]]> Tue, 12 Mar 2019 09:57:53 GMT /slideshow/accelerating-misra-and-cert-coding-standards-compliance-with-dedicated-reporting-and-workflow-management/135837784 ChantalWauters@slideshare.net(ChantalWauters) Accelerating MISRA and CERT coding standards compliance with dedicated reporting and workflow management ChantalWauters Static analysis is standard practice these days. No one questions the value of having the code base compliant with safety-oriented standards like MISRA, AUTOSAR or security standards like CERT or UL2900. Majority of the organizations developing functional safety-oriented products have this practice established and well grounded. Despite the fact that static analysis tools are relatively simple to implement, organizations very often settle on suboptimal processes for achieving compliance. Frequently, violations are being removed in firefighting mode just before the release, and teams rarely analyze how to do it efficiently and get the most value out of invested time. Especially problematic is cleaning legacy code bases or open source libraries which were created without compliance in mind. Where to start? which violations shall be removed first? What is the estimated cost? Do we have enough resources? These are all very important questions, that can help in improving efficiency of the compliance process. In addition, organizations struggle with defining the outputs of the compliance process, how do I demonstrate my compliance? What kind of documents shall I prepare? During this session, we would like to demonstrate Parasoft static analysis solution with dedicated compliance reporting and workflow management which streamlines the process of achieving compliance and automatically generates all required documentation. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/acceleratingcompliancefinalversion-190312095753-thumbnail.jpg?width=120&height=120&fit=bounds" /> Static analysis is standard practice these days. No one questions the value of having the code base compliant with safety-oriented standards like MISRA, AUTOSAR or security standards like CERT or UL2900. Majority of the organizations developing functional safety-oriented products have this practice established and well grounded. Despite the fact that static analysis tools are relatively simple to implement, organizations very often settle on suboptimal processes for achieving compliance. Frequently, violations are being removed in firefighting mode just before the release, and teams rarely analyze how to do it efficiently and get the most value out of invested time. Especially problematic is cleaning legacy code bases or open source libraries which were created without compliance in mind. Where to start? which violations shall be removed first? What is the estimated cost? Do we have enough resources? These are all very important questions, that can help in improving efficiency of the compliance process. In addition, organizations struggle with defining the outputs of the compliance process, how do I demonstrate my compliance? What kind of documents shall I prepare? During this session, we would like to demonstrate Parasoft static analysis solution with dedicated compliance reporting and workflow management which streamlines the process of achieving compliance and automatically generates all required documentation.

Accelerating MISRA and CERT coding standards compliance with dedicated reporting and workflow management from ChantalWauters

]]> 91 1 https://cdn.slidesharecdn.com/ss_thumbnails/acceleratingcompliancefinalversion-190312095753-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Navigating the jungle of Secure Coding Standards /slideshow/navigating-the-jungle-of-secure-coding-standards/135835928 session6-190312094653
In a world where software can be found everywhere and potential security holes can be exploited at any time to gain unprivileged access to important systems, most organizations make some efforts to ensure the software they produce is safe and secure. Usually this is done in the form of black-box testing or penetration testing, which is great, but an even better way is of course to produce software that is more secure and reliable in the first place. To do so, it is helpful to leverage industry coding standards, but there is a veritable jungle of information to tackle, including security coding standards (i.e. CERT, OWASP, CWE) and numerous domain-specific standards (i.e. MISRA, AUTOSAR, and a whole family of IEC 61508-based standards). It can be challenging to determine the set of coding standards that should be applied to a specific project, and even more challenging to do so in the middle of software development, when the already-existing software needs to suddenly be tuned to comply to such a standard. ]]>
In a world where software can be found everywhere and potential security holes can be exploited at any time to gain unprivileged access to important systems, most organizations make some efforts to ensure the software they produce is safe and secure. Usually this is done in the form of black-box testing or penetration testing, which is great, but an even better way is of course to produce software that is more secure and reliable in the first place. To do so, it is helpful to leverage industry coding standards, but there is a veritable jungle of information to tackle, including security coding standards (i.e. CERT, OWASP, CWE) and numerous domain-specific standards (i.e. MISRA, AUTOSAR, and a whole family of IEC 61508-based standards). It can be challenging to determine the set of coding standards that should be applied to a specific project, and even more challenging to do so in the middle of software development, when the already-existing software needs to suddenly be tuned to comply to such a standard. ]]> Tue, 12 Mar 2019 09:46:53 GMT /slideshow/navigating-the-jungle-of-secure-coding-standards/135835928 ChantalWauters@slideshare.net(ChantalWauters) Navigating the jungle of Secure Coding Standards ChantalWauters In a world where software can be found everywhere and potential security holes can be exploited at any time to gain unprivileged access to important systems, most organizations make some efforts to ensure the software they produce is safe and secure. Usually this is done in the form of black-box testing or penetration testing, which is great, but an even better way is of course to produce software that is more secure and reliable in the first place. To do so, it is helpful to leverage industry coding standards, but there is a veritable jungle of information to tackle, including security coding standards (i.e. CERT, OWASP, CWE) and numerous domain-specific standards (i.e. MISRA, AUTOSAR, and a whole family of IEC 61508-based standards). It can be challenging to determine the set of coding standards that should be applied to a specific project, and even more challenging to do so in the middle of software development, when the already-existing software needs to suddenly be tuned to comply to such a standard. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/session6-190312094653-thumbnail.jpg?width=120&height=120&fit=bounds" /> In a world where software can be found everywhere and potential security holes can be exploited at any time to gain unprivileged access to important systems, most organizations make some efforts to ensure the software they produce is safe and secure. Usually this is done in the form of black-box testing or penetration testing, which is great, but an even better way is of course to produce software that is more secure and reliable in the first place. To do so, it is helpful to leverage industry coding standards, but there is a veritable jungle of information to tackle, including security coding standards (i.e. CERT, OWASP, CWE) and numerous domain-specific standards (i.e. MISRA, AUTOSAR, and a whole family of IEC 61508-based standards). It can be challenging to determine the set of coding standards that should be applied to a specific project, and even more challenging to do so in the middle of software development, when the already-existing software needs to suddenly be tuned to comply to such a standard.

Navigating the jungle of Secure Coding Standards from ChantalWauters

]]> 357 2 https://cdn.slidesharecdn.com/ss_thumbnails/session6-190312094653-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Embedded world 2017 /ChantalWauters/embedded-world-2017 embeddedworld2017-170323121921
Embedded software engineering has become a much bigger and more complex domain than we could have imagined. As devices are expected to communicate with other devices and embedded subsystems, a much larger surface area has emerged for defects that threaten the safety, security, and reliability of the software. For example, the connected car not only introduces software safety and security concerns within the car as a system, interactions with environmental components, such as communicating with 'smart traffic lights' and vehicle-to-vehicle communication, potentially expose additional risk. Additionally, as car makers develop and merge functionality into 'the autopilot' mode, driver-assist technologies have become safety-critical technologies. Embedded software organizations have always taken a 'shift-left' approach to software quality, rigorously applying defect prevention techniques early in the lifecycle. The demand for IoT requires a new testing paradigm that more closely resembles the challenges that Enterprise IT have faced for decades. As enterprise IT struggles to 'shift-left', embedded systems are struggling to 'shift-right' by testing more componentized and distributed architectures.]]>
Embedded software engineering has become a much bigger and more complex domain than we could have imagined. As devices are expected to communicate with other devices and embedded subsystems, a much larger surface area has emerged for defects that threaten the safety, security, and reliability of the software. For example, the connected car not only introduces software safety and security concerns within the car as a system, interactions with environmental components, such as communicating with 'smart traffic lights' and vehicle-to-vehicle communication, potentially expose additional risk. Additionally, as car makers develop and merge functionality into 'the autopilot' mode, driver-assist technologies have become safety-critical technologies. Embedded software organizations have always taken a 'shift-left' approach to software quality, rigorously applying defect prevention techniques early in the lifecycle. The demand for IoT requires a new testing paradigm that more closely resembles the challenges that Enterprise IT have faced for decades. As enterprise IT struggles to 'shift-left', embedded systems are struggling to 'shift-right' by testing more componentized and distributed architectures.]]> Thu, 23 Mar 2017 12:19:21 GMT /ChantalWauters/embedded-world-2017 ChantalWauters@slideshare.net(ChantalWauters) Embedded world 2017 ChantalWauters Embedded software engineering has become a much bigger and more complex domain than we could have imagined. As devices are expected to communicate with other devices and embedded subsystems, a much larger surface area has emerged for defects that threaten the safety, security, and reliability of the software. For example, the connected car not only introduces software safety and security concerns within the car as a system, interactions with environmental components, such as communicating with 'smart traffic lights' and vehicle-to-vehicle communication, potentially expose additional risk. Additionally, as car makers develop and merge functionality into 'the autopilot' mode, driver-assist technologies have become safety-critical technologies. Embedded software organizations have always taken a 'shift-left' approach to software quality, rigorously applying defect prevention techniques early in the lifecycle. The demand for IoT requires a new testing paradigm that more closely resembles the challenges that Enterprise IT have faced for decades. As enterprise IT struggles to 'shift-left', embedded systems are struggling to 'shift-right' by testing more componentized and distributed architectures. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/embeddedworld2017-170323121921-thumbnail.jpg?width=120&height=120&fit=bounds" /> Embedded software engineering has become a much bigger and more complex domain than we could have imagined. As devices are expected to communicate with other devices and embedded subsystems, a much larger surface area has emerged for defects that threaten the safety, security, and reliability of the software. For example, the connected car not only introduces software safety and security concerns within the car as a system, interactions with environmental components, such as communicating with 'smart traffic lights' and vehicle-to-vehicle communication, potentially expose additional risk. Additionally, as car makers develop and merge functionality into 'the autopilot' mode, driver-assist technologies have become safety-critical technologies. Embedded software organizations have always taken a 'shift-left' approach to software quality, rigorously applying defect prevention techniques early in the lifecycle. The demand for IoT requires a new testing paradigm that more closely resembles the challenges that Enterprise IT have faced for decades. As enterprise IT struggles to 'shift-left', embedded systems are struggling to 'shift-right' by testing more componentized and distributed architectures.

Embedded world 2017 from ChantalWauters

]]> 90 2 https://cdn.slidesharecdn.com/ss_thumbnails/embeddedworld2017-170323121921-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Ukstar 2017 london- Parasoft /ChantalWauters/ukstar-2017-london-parasoft rixgroenboom-ukstar2017-170302160346
Parasoft - UKstar 2017 Testing anything any time with containerized service virtualization]]>
Parasoft - UKstar 2017 Testing anything any time with containerized service virtualization]]> Thu, 02 Mar 2017 16:03:46 GMT /ChantalWauters/ukstar-2017-london-parasoft ChantalWauters@slideshare.net(ChantalWauters) Ukstar 2017 london- Parasoft ChantalWauters Parasoft - UKstar 2017 Testing anything any time with containerized service virtualization <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/rixgroenboom-ukstar2017-170302160346-thumbnail.jpg?width=120&height=120&fit=bounds" /> Parasoft - UKstar 2017 Testing anything any time with containerized service virtualization

Ukstar 2017 london- Parasoft from ChantalWauters

]]> 122 9 https://cdn.slidesharecdn.com/ss_thumbnails/rixgroenboom-ukstar2017-170302160346-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 Parasoft Testing anything, any time with containerized service virtualization /slideshow/parasoft-testing-anything-any-time-with-containerized-service-virtualization/72273192 oop-new-format-170217142238
Continuous integration and delivery makes early and fast testing mission-critical for a lot of organizations. However, test execution is blocked by application dependencies being unavailable, not having the right amount of test data or otherwise being access-restricted. Service virtualization is an approach that can be used to create, deploy and exercise virtual assets that your test team has full control over. Now, by combining service virtualization with container and cloud technology, like Docker and Azure, development teams can create, share, use and destroy test environments on-demand, in seconds. It allows easy integration into continuous integration and delivery pipelines, enabling teams to regain full control over their test environments and the testing process.]]>
Continuous integration and delivery makes early and fast testing mission-critical for a lot of organizations. However, test execution is blocked by application dependencies being unavailable, not having the right amount of test data or otherwise being access-restricted. Service virtualization is an approach that can be used to create, deploy and exercise virtual assets that your test team has full control over. Now, by combining service virtualization with container and cloud technology, like Docker and Azure, development teams can create, share, use and destroy test environments on-demand, in seconds. It allows easy integration into continuous integration and delivery pipelines, enabling teams to regain full control over their test environments and the testing process.]]> Fri, 17 Feb 2017 14:22:38 GMT /slideshow/parasoft-testing-anything-any-time-with-containerized-service-virtualization/72273192 ChantalWauters@slideshare.net(ChantalWauters) Parasoft Testing anything, any time with containerized service virtualization ChantalWauters Continuous integration and delivery makes early and fast testing mission-critical for a lot of organizations. However, test execution is blocked by application dependencies being unavailable, not having the right amount of test data or otherwise being access-restricted. Service virtualization is an approach that can be used to create, deploy and exercise virtual assets that your test team has full control over. Now, by combining service virtualization with container and cloud technology, like Docker and Azure, development teams can create, share, use and destroy test environments on-demand, in seconds. It allows easy integration into continuous integration and delivery pipelines, enabling teams to regain full control over their test environments and the testing process. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/oop-new-format-170217142238-thumbnail.jpg?width=120&height=120&fit=bounds" /> Continuous integration and delivery makes early and fast testing mission-critical for a lot of organizations. However, test execution is blocked by application dependencies being unavailable, not having the right amount of test data or otherwise being access-restricted. Service virtualization is an approach that can be used to create, deploy and exercise virtual assets that your test team has full control over. Now, by combining service virtualization with container and cloud technology, like Docker and Azure, development teams can create, share, use and destroy test environments on-demand, in seconds. It allows easy integration into continuous integration and delivery pipelines, enabling teams to regain full control over their test environments and the testing process.

Parasoft Testing anything, any time with containerized service virtualization from ChantalWauters

]]> 265 11 https://cdn.slidesharecdn.com/ss_thumbnails/oop-new-format-170217142238-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post

http://activitystrea.ms/schema/1.0/posted

0 https://public.slidesharecdn.com/v2/images/profile-picture.png https://cdn.slidesharecdn.com/ss_thumbnails/acceleratingcompliancefinalversion-190312095753-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/accelerating-misra-and-cert-coding-standards-compliance-with-dedicated-reporting-and-workflow-management/135837784 Accelerating MISRA and... https://cdn.slidesharecdn.com/ss_thumbnails/session6-190312094653-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/navigating-the-jungle-of-secure-coding-standards/135835928 Navigating the jungle ... https://cdn.slidesharecdn.com/ss_thumbnails/embeddedworld2017-170323121921-thumbnail.jpg?width=320&height=320&fit=bounds ChantalWauters/embedded-world-2017 Embedded world 2017