White-box fuzz testing has proven highly effective in finding critical bugs and vulnerabilities. Tech giants like Google and Microsoft uncover thousands of issues using this method. But why doesn’t every company adopt fuzz testing as part of their testing strategy? The main barrier is the high level of manual effort and the extensive time required to properly set it up and maintain it.

The market of embedded computing has been growing constantly, and this trend is expected to continue in the near future. Notably, embedded systems are key components for the Internet of Things (IoT) and for Cyber Physical Systems (CPSs). In the embedded software industry, secure software development is critical. This is especially true because embedded software often involves vital industries, such as medical devices or automotive solutions.

We are beyond excited to share some fantastic news with our community: Jazzer is now fully open source again under the Apache 2.0 license!

Buffer overflows are one of the oldest and most dangerous vulnerabilities in software security. A heap buffer overflow was the second most exploited vulnerability in 2023. Over the years, it has enabled countless attacks, often with severe consequences, such as Cloudbleed in 2017. Despite advances in security practices, buffer overflows continue to pose significant risks, especially in software written in low-level languages like C and C++.

Testing Classic AUTOSAR applications has long been a significant challenge due to the reliance on hardware-in-the-loop (HiL) setups, which are costly, complex, and hard to scale. Code Intelligence’s new lightweight AUTOSAR simulator revolutionizes this process by enabling entire AUTOSAR applications to run on x86 Linux systems, thus facilitating software-in-the-loop (SiL) testing.

Eric Brüggemann, the new CEO of Code Intelligence, stepped into the role in September. We asked him about his vision of the role and future of AI and fuzz testing in securing automotive software.

Out-of-bounds memory access, also known as buffer overflow, occurs when a program tries to read from or write to a memory location outside the bounds of the memory buffer that has been allocated for it. This type of vulnerability is particularly dangerous because it can lead to various issues, including crashes, data corruption, sensitive data leaks, and even the execution of malicious code.

Embedded software development presents unique challenges due to its close integration with hardware, strict real-time requirements, and the need for high reliability and safety. The V-Model, also known as the Verification and Validation model, offers a structured approach that effectively addresses these challenges. This blog post delves into the V-Model's intricacies and elucidates how it enhances the testing of embedded software.