Know your Software Risk

– Nohau helps to identify security risk of the device and detect vulnerabilities early avoiding expensive consequences from attacks.

Cyber attacks on critical infrastructure are on the increase and are a growing concern for both system operators and the device manufacturers who supply equipment to these systems. Attacks on critical infrastructure can severely impact service uptime, data integrity, compliance and even public safety.

Solution

Nohau’s Code Security Analysis service identifies a security risk level existing in embedded software of a device and allows fixing security issues proactively. We offer a service that reveals quickly vulnerabilities in code and software architectural level with a focus on attacker-accessible interfaces. Based on research even 75% of cyber attacks are targeted to application level and utilizes defects in code level. We utilize commonly used security coding standards and report any violation against the rules. The service can be extended by consultative code review and fixing of issues.

Benefits

  • Provides evidence for further analysis
    Supplies direction for areas of greatest concern and justifies budget for further analysis
  • Enhances product security
    Focuses on addressing most critical weaknesses and reduces need for product recalls
  • Protects brand reputation
    Reduces the possibility of public vulnerability disclosures

Deliverables

Contents

  • Consulting work 3-5 days depending on Project scope
  • An analysis of one device and one firmware/software
  • Tool licenses for consulting time
  • Report describing the risk status and list of issues found

Reports

  • Executive summary
  • Brief description of assessment
  • Any identified vulnerabilities, areas of weakness and areas of concern. Listing line level information of issues found
  • Scope for full assessment (as appropriate)

Why Nohau?

Unlike assessment services from other vendors, our service features work conducted by embedded software domain expert with the most advanced tools. All Nohau assessments are based on technical expertise developed over many years in code analysis and security for embedded systems and related tools.

The Security Code Analysis may also include or be extended by:

  • Security Architecture Review
  • Communications Robustness Check

Contact us for more information..

Do you wish more information!

Contact us for offers, information or advice!