Latest Blog Posts

As we pointed out in the previous blog, before we qualify a compiler for a safety-critical project, it’s essential we know all the compiler options that the project intends to use. With typical projects being highly complex, like a...

Compilers comprise a complex pipeline of analysis and transformation stages. Changes in one stage are frequently amplified by subsequent stages. It makes compilers very sensitive to configuration, with a seemingly minor change to the...

CEA List and Solid Sands entered into a partner agreement to make SuperTest available to the Frama-C team. Frama-C is a platform for source-code analysis of C software. The Frama-C analyzers assist with various source-code-related...

We are pleased to see many companies in the automotive, industrial, medical, aviation, robotics and railway industries taking the safety of critical C++ applications seriously. With the latest safety-critical applications handling...

In the previous blog I argued in favor of undefined behavior in C. The behaviors I was talking about, such as integer overflow, would be inefficient or counter-intuitive if they were defined. Nevertheless, it does mean that in their...

Undefined behavior remains an elusive subject. On the one hand, it potentially exposes your program to dangerous situations and exploitations. On the other hand, it enables the speed and portability that the C programming language is...

Library qualification is key, because code from the library is linked into the application and installed onto the target device. Over the last few years, we have spoken many times about this topic in our blogs and webinars. We are...

A study by the University of Turku, Finland (A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI) showed that 46% of 224,651 open source Python Packages displayed one or more security issues. Is that good news,...

For me as a software engineer, it is difficult to suppress the urge to automate. Regardless the complexity of a task, in my ideal world everything would be automated. Generating tests is no exception to this rule, so naturally we...

As Qualification Lead Engineer, my main role at Solid Sands is leading compiler qualification projects as part of our Compiler Qualification Service. In the four years I have worked here, I have seen many compilers, many compiler...