The rapid growth in software-driven content for embedded devices is not new - nor is the recognition that connectivity and the Internet of Things are fundamentally changing the ways that OEMs deliver value to end clients.
The ways in which OEMs are responding to these new content and feature creation requirements, however, are adding new layers of complexity to the SDLC - and vulnerabilities - to their products. While many engineering organizations are scaling internal software development efforts and receiving a increasing percentage of their code bases from third-party sources, they are often not placing proportional investments into their security and quality assurance processes and tools.
While there is no silver bullet to eliminate code defects and vulnerabilities, the best practices to develop high-integrity software are no secret either. Solutions like static analysis tools and premium requirements and variant management tools can help OEMs limit the introduction of some defects and identify many others in advance of product deployment. In an industry where connectivity and security risks are increasing dramatically with each product generation, engineering organizations must recalibrate their risk assessment calculus and prioritize software defect and security vulnerability mitigation.
Tomorrow, Wednesday December 11th, I will be digging more into these trends and challenges facing our industry during a webcast at 2pm ET, sponsored by Klocwork.
Register here: http://bit.ly/1hZoaGs
Comments
You can follow this conversation by subscribing to the comment feed for this post.