This interview is part of an ongoing series VDC conducts with IoT and embedded software solution providers to share views on their company, products, and state of the market.
VDC: LDRA has been providing automated code analysis and software testing solutions for safety-, mission-, security-, and business-critical markets since 1975. Can you briefly introduce the company to our readers?
Jim: With over 40 years of embedded software experience and offices around the globe, LDRA provides software quality tools and expertise in critical software development industries such as aerospace, defense, automotive, industrial, medical, and rail transportation. We enable our customers with software tools to produce high assurance applications.
VDC: What are some of the main challenges embedded engineers face today when designing and developing systems and how are embedded software suppliers responding?
Jim: There’s no question that software complexity is on the rise and that there are accelerating demands for safety and security. To address ever increasing software complexity and the standards compliance requirements that are prevalent in today's markets, software tool suppliers are focusing on helping software developers and verification engineers be more productive while ensuring that they adhere to the latest safety and security standards such as DO-178 (aerospace), ISO 26262 (automotive), IEC 62304 (medical), IEC 61508 (industrial), IEC 60880 (nuclear), NIST SP800-160 (infrastructure cyber security), ISA 62443-4-1 (industrial automation and control systems security). To achieve compliance with these standards, software organizations need to produce not only clean, consistent, and maintainable code, but auditable and traceable results. By leveraging requirements traceability, static code analysis with coding standards compliance, dynamic coverage analysis, and automated unit/integration testing, software organizations can produce the required artifacts for compliance efficiently and cost effectively.
VDC: How do you see the need for security impacting the application and evolution of automated test tools?
Jim: The reality is that security is now a dominant theme in today's critical embedded software markets. Security must be accounted for during the requirements, design, and development phases and not bolted on at the end of the software development lifecycle. As a result, all tools in the development lifecycle need to address the various aspects of security, not just automated test tools. Providing a clear, traceable, auditable, and transparent software development lifecycle is essential for addressing the development of secure software. From the tools perspective, security requirements will need to be developed, traced, and accounted for throughout the software development lifecycle, just as functional requirements have been addressed historically. Static analysis tools need to evolve to keep up with the best practices in developing secure code, eliminating the introduction of unsafe constructs in the code. Coverage analysis tools will need to ensure the applications are adequately tested, and new and improved testing techniques will need to be automated to ensure the code is free from vulnerabilities and resilient to attack.
Jim McElroy, Vice President of Marketing at LDRA Technology, is focused on expanding LDRA business in the embedded software verification market by improving developer productivity and software quality in critical application development. Before joining LDRA, McElroy held executive-level marketing and business development positions with Green Hills Software, Telelogic North America, and I-Logix as well as holding industry-level software development positions at Lockheed Martin and Raytheon. McElroy has a Master of Science in Computer Science from Fitchburg State College and a Bachelor of Science in Computer Science from the University of Massachusetts.
View the 2017 IoT & Embedded Technology Research Outline to learn more.