TrustInSoft develops solutions for advanced software analysis that specialize in formal verification of C, C++ and Rust source code to ensure safety, security and reliability. 

Key Takeaways:

• High code coverage is crucial for minimizing vulnerabilities and improving software reliability.
• Combining exhaustive static analysis with runtime exploit prevention offers a  layered security strategy for 100% code coverage.
• TrustInSoft‘s tools and services offer exhaustive static analysis for early vulnerability detection, complemented by runtime protection tools like RunSafe Protect for comprehensive software security.

Introduction

Ensuring code reliability and security is paramount in software development today. Attackers actively look for vulnerabilities in code that can be exploited, leading to significant risks and potential damage. For example, in 2024, 768 CVEs were publicly reported as exploited in the wild for the first time.

Many security vendors work with independent testing institutions like AV-Test to validate the efficacy of their detection engines against malicious activity from bad actors that abuse known software vulnerabilities. The delta between the top vendors is typically only a few percentage points above 99% efficacy. However, though the top vendors achieve near 100% accuracy, bad actors continue to exploit known vulnerabilities within that small percentage gap. Early vulnerability detection using secure coding practices helps reduce the attack surface that bad actors often exploit.

Code coverage plays a vital role in mitigating these risks by measuring the extent to which source code is tested. This blog explores the role of code coverage in software security, the nuances of different code coverage metrics, and ways to address typical code coverage limitations by integrating exhaustive static analysis and runtime exploit prevention techniques to achieve resilient software that aligns with security standards and regulations. 

Code Coverage: Minimizing Vulnerabilities

Code coverage is a metric that measures the degree to which source code has been tested. The goal of achieving high code coverage is to reduce the number of undetected bugs and improve overall software reliability. While developers strive to test as much code as possible, attaining perfect coverage is rarely achieved.

Understanding Code Coverage Metrics

Several key metrics provide different perspectives on testing thoroughness:

• Statement Coverage: Measures whether each statement in the code has been executed.
• Branch Coverage: Measures whether each branch of control structures (e.g., if-else statements) has been executed.
• Condition Coverage: Measures whether each condition in a decision has affected all possible outcomes.
• Path Coverage: Measures whether all possible paths through the code have been executed.
• Modified Condition/Decision Coverage (MC/DC): Used in safety-critical systems to ensure each condition independently affects the decision outcome.

The type of coverage will usually be chosen in the project depending on its defined quality requirements. While aiming for 100% code coverage is ideal, it’s essential to recognize that it may not be achievable due to time constraints and complexity. Achieving high coverage doesn’t guarantee the absence of vulnerabilities, highlighting the need for additional security measures when full coverage cannot be attained. 

This is where TrustInSoft’s exhaustive static analysis solutions and RunSafe’s runtime exploit prevention technologies come into play, offering a more comprehensive approach to software security.

Benefits of High Code Coverage

Achieving high code coverage offers numerous benefits:

• Improved Software Quality and Reliability: Thoroughly tested code is less likely to contain bugs, leading to more reliable software.
• Early Error Detection: Identifying and fixing errors early in the development cycle reduces debugging costs and accelerates time to market.
• Reduced Maintenance Costs: High-quality, well-tested code requires less maintenance and fewer patches, reducing long-term costs.
• Compliance with Security Standards and Regulations: Many security standards and regulations require high code coverage as part of their compliance requirements.

Exhaustive Static Analysis for Early Vulnerability Detection

Static analysis involves evaluating code without the need for a target to run it on, allowing for the early identification of vulnerabilities and errors. Traditional static analysis tools using pattern-matching and rule-based scanning can identify potential issues, but they often produce false positives, slowing down the testing process and potentially overlooking critical vulnerabilities. 

TrustInSoft Analyzer utilizes a different technique that focuses on the behavior of C/C++ code, providing a more exhaustive analysis that reduces false positives and ensures no vulnerabilities are overlooked. 

Because the tool applies a formal methods approach internally, it can assert the absence of runtime errors and other critical software bugs. Besides the guarantee of finding all issues it searches for, the focus on the behavior means that TrustInSoft Analyzer keeps a trace of each reached part of the application and can produce a coverage report.

Runtime Exploit Prevention: Protecting Against Runtime Exploits

Runtime exploit prevention technologies protect applications by detecting and preventing attacks at runtime. Runtime protection is crucial because it addresses vulnerabilities that may not be discovered during the development phase without sufficient code coverage testing efforts. By monitoring application behavior and detecting anomalies, Runtime exploit prevention can prevent attackers from exploiting unforeseen weaknesses, ensuring the application remains secure even in the face of novel threats. RunSafe Security’s tools exemplify runtime exploit prevention, guarding against memory corruption using methods such as Load-time Function Randomization (LFR).

Runtime exploit prevention provides an additional layer of security against zero-day exploits and other sophisticated attacks that may bypass traditional testing methods. RunSafe’s solutions offer proactive runtime protection, complementing early vulnerability detection with exhaustive static analysis to create a comprehensive security posture.

Combining Exhaustive Static Analysis and Runtime Exploit Prevention

Integrating exhaustive static analysis and runtime exploit prevention creates a robust, layered defensive strategy. Static analysis using formal methods, like that offered by TrustInSoft Analyzer, focuses on early vulnerability detection, identifying potential issues before the code is ever executed. Where a hundred percent of code coverage is not attainable, runtime exploit prevention, such as RunSafe’s security measures, protects against runtime exploits by monitoring application behavior and preventing attacks in real-time.

These approaches are complementary, providing comprehensive protection throughout the software development lifecycle. By combining TrustInSoft Analyzer’s exhaustive static analysis with runtime protection tools like RunSafe, organizations can ensure their software is secure from development to even after deployment. This integrated approach ensures mathematically proven memory safety and regulatory compliance readiness. Combining these tools gives you assurance for all code covered through exhaustive code analysis with TrustInSoft Analyzer and a back up on unanalyzed code with RunSafe.

Conclusion

Achieving high code coverage is essential for developing reliable and secure software. Integrating exhaustive static analysis with runtime exploit prevention creates a comprehensive security strategy that protects against vulnerabilities at every stage of the software development lifecycle. Organizations should adopt a multi-faceted approach to security, combining tools like TrustInSoft Analyzer and runtime exploit prevention technologies like RunSafe to ensure robust and resilient software throughout the SDLC.

By prioritizing code coverage, leveraging exhaustive static analysis, and implementing runtime exploit prevention, organizations can deliver software that is not only functional but also secure and reliable through exhaustive code coverage on up to 100% of the code and runtime exploit mitigation for remaining code. 

TrustInSoft’s solutions provide mathematically proven memory safety, ensuring compliance and reducing the risk of costly vulnerabilities. For enhanced runtime protection, consider RunSafe’s innovative solutions. Both TrustInSoft and RunSafe offer valuable tools for creating a secure software ecosystem, request a demo of TrustInSoft Analyzer or deploy RunSafe’s tools for the ultimate protection against attacks.

The post Improving Code Coverage: The Benefits of Exhaustive Static Analysis & Runtime Exploit Prevention appeared first on RunSafe Security.

RunSafe Security and Lynx are partners in securing embedded software platforms.

For too long, open source vulnerability management has been treated as a reactive game of whack-a-mole: identify vulnerabilities, patch them, and repeat. This approach often leaves teams overwhelmed and constantly playing catch-up. 

What if we flipped the script? Vulnerabilities aren’t just problems—they’re signals. They reveal weaknesses, highlight opportunities, and guide better decisions. By treating vulnerabilities as feedback rather than failures, you can rethink how embedded systems in industries like aerospace, automotive, industrial automation, and medical devices are designed and secured. 

In this article, we explore five transformative strategies for addressing open source vulnerabilities that go beyond traditional practices, helping you move from firefighting to future-proofing your systems.

1. Redefine Your Relationship with Vulnerabilities

Most teams view vulnerabilities as failures, reacting only when an issue is discovered. But vulnerabilities are more than just bugs—they’re data points. When properly analyzed, they offer insight into design choices, team processes, and system architecture, providing an opportunity for improvement. 

How to Leverage Vulnerabilities as Feedback 

• Refine your software architecture: Use your SBOM (Software Bill of Materials) as a diagnostic tool. Are recurring vulnerabilities tied to a particular library or dependency? Consider switching to better-maintained or less vulnerable alternatives. 
• Understand system dynamics: Track patterns across projects and teams to identify development blind spots. 

Real-World Application:
Imagine an automotive team that regularly identified vulnerabilities in a third-party diagnostic library. By switching to an open-source alternative with a more active community, they reduced vulnerabilities by 40% and enhanced system reliability. 

This proactive approach fosters confidence in your processes, ensuring continuous improvement. 

What is an SBOM (Software Bill of Materials)? SBOMs are a list of all components in a software build, including libraries and dependencies, which helps teams identify and track vulnerabilities systematically. 

Understanding the full scope of an SBOM enables more informed decisions about system modifications and vulnerability management strategies, leading to more secure software architectures.

2. Embed Resilience Instead of Chasing Compliance

Compliance frameworks like DO-326A (aerospace cybersecurity), ISO/SAE 21434 (automotive cybersecurity), and NIST Cybersecurity Framework provide a baseline for secure systems. But achieving compliance shouldn’t be the end goal—it’s the beginning. Resilience is about building systems that remain secure even as threats evolve, ensuring compliance is naturally met as a byproduct. 

How to Build Resilience That Meets Compliance 

• Design with failure scenarios in mind: Use threat modeling to identify potential attack vectors early during development. 
• Automate compliance reporting: Tools like Lynx Vigiles simplify audit preparation, allowing teams to focus more on security instead of documentation. 

Pro Tip:
Treat compliance as a checkpoint, not a destination. Teams that embed cybersecurity into their workflows achieve compliance faster and with fewer reworks. 

Threat modeling: Identifying potential security threats to the system and developing countermeasures to prevent or mitigate these threats.

3. Focus on Vulnerability Paths, Not Just Individual Flaws

Attackers don’t exploit single vulnerabilities in isolation; they look for exploit paths—chains of vulnerabilities that can lead to system failure. Addressing how open source vulnerabilities interact within your system can stop attacks before they start. 

How to Identify and Break Exploit Paths 

• Map dependencies: Visualize how different components interact and assess how vulnerabilities in one might expose others. 
• Prioritize by context: What may be a low-severity issue in an industrial control system could be critical if it enables lateral movement to safety-critical functions. 

Example:
In an industrial automation system, a minor flaw in a third-party networking library allowed attackers to bypass authentication. Fixing this vulnerability preemptively protected safety-critical systems. While the flaw might not have drawn much attention in isolation, its potential impact within a chain of vulnerabilities highlighted its true risk. 

Power Move:
Integrate RunSafe Security’s memory address randomization to protect against memory-based attacks, common in exploit paths. This technique, applied during the software compilation process, randomizes the layout of memory addresses within a program. By making the memory structure unpredictable, it significantly impedes attackers’ ability to craft exploits that rely on known memory locations, thereby neutralizing a substantial portion of memory corruption vulnerabilities. 

Mapping dependencies and breaking exploit paths: This strategy involves visualizing the interconnections between software components to identify and disrupt sequences of vulnerabilities that could be chained together by an attacker, thereby preventing a single weakness from compromising the entire system.

4. Shift Vulnerability Ownership Across the Organization

Vulnerability management is often confined within security or DevSecOps teams. However, for a system to be secure, everyone—developers, product managers, and leadership—must share responsibility. Security is a business-critical priority, not just a technical concern. 

How to Foster Organizational Ownership 

• Set team-level goals: Include vulnerability remediation and time-to-resolution as part of team OKRs and KPIs. 
• Invest in security training: Equip all team members with the knowledge to identify and mitigate vulnerabilities early. Think of it as the equivalent of educating your team not to plug in random USB sticks found in the wild, except for open source vulnerabilities. 

Pro Tip:
Make vulnerability metrics visible across the organization to encourage collaboration. Teams that understand their impact on overall security are more motivated to act. This shared responsibility leads to a quicker resolution of vulnerabilities, reducing the window of exposure and enhancing overall system security.

5. Use Automation to Do the Heavy Lifting, but Keep Humans in the Loop

Automation is essential for managing the sheer volume of vulnerabilities in modern embedded systems. But tools alone aren’t enough. Strategic oversight ensures that fixes align with business goals, technical feasibility, and long-term resilience. 

How to Combine Automation with Expertise 

• Automate triage: Use tools like Vigiles to filter out non-applicable vulnerabilities, focusing your team on critical issues. 
• Enable smarter decisions: Human judgment is critical for balancing security with operational needs, especially in safety-critical industries. 

Example:
An aerospace company used automated scanning with basic filters and faced over 1,000 vulnerabilities. Enhancing these filters with additional context and capabilities, such as with Vigiles, they saw half automatically marked as non-applicable. This effective triage cut their potential workload in half and allowed them to thoroughly assess high and critical severity vulnerabilities impacting system safety, saving weeks of manual effort and unnecessary remediation. 

Including RunSafe Security’s runtime memory protection during the compilation process drastically lowers the risks associated with common memory vulnerabilities, allowing security teams to focus on more complex threats. 

These approaches not only optimize resource allocation but also enhance the accuracy and relevance of vulnerability management efforts, leading to a more resilient system. 

The Cost of Inaction: Addressing Open Source Vulnerabilities 

Neglecting to adopt proactive strategies for open source vulnerability management comes at a high cost: 

• Missed deadlines: Vulnerabilities discovered late disrupt production schedules. 
• Compliance failures: Inadequate processes expose teams to regulatory penalties. 
• System compromises: Unchecked exploit paths can lead to catastrophic consequences. 

Every delay in addressing vulnerabilities isn’t just a technical risk—it’s a threat to your mission, your reputation, and your bottom line.

Conclusion: Security as a System 

Rethinking open-source vulnerability management is about more than fixing issues—it’s about designing systems that are secure by default. By redefining your relationship with vulnerabilities, embedding resilience, focusing on exploit paths, fostering organizational ownership, and leveraging automation, you can move from firefighting to future-proofing your embedded systems. 

Take the next step today: 

• Don’t wait for open source vulnerabilities to disrupt your operations. Cut through the noise with Lynx Vigiles and focus on the vulnerabilities that matter most. 
• Discover RunSafe Security’s runtime protection to neutralize vulnerabilities before attackers can take root.

The post Rethinking Open Source Vulnerability Management: 5 Strategies to Build Resilience in Embedded Systems appeared first on RunSafe Security.

RunSafe Security and Critical Software are partners in delivering comprehensive safety and security solutions for critical sectors in Europe and the US.

Imagine modern healthcare services without medical devices. You can’t? Neither can we. Medical devices perform a vital role in the patient experience, from diagnosis to treatment to follow-up. Advances in tech have enhanced these devices and, in turn, have improved patient outcomes. Personalized treatment plans using data gathered from wearables; real-time monitoring of patients’ conditions allowing healthcare professionals to intervene in a timely fashion; AI-powered surgical systems assisting surgeons during complex operations – all of these have revolutionized the way patients are treated. 

But they have also widened the threat horizon for patients. The ever-increasing range of cyber threats pose serious reputational risks to manufacturers and could mean the difference between life and death for patients. But to combat these threats, different jurisdictions have implemented their own medical device cybersecurity standards, creating friction for manufacturers operating in various markets. 

From the European Union’s Medical Devices Regulation (MDR) to the United States’ Foods & Drug Administration (FDA), medical device manufacturers need to ensure their devices comply with cybersecurity standards outlined in each jurisdiction. But is this getting easier or more complex in an ever-more complex threat environment?

Medical Device Cybersecurity in the EU

The EU’s MDR outlines clear rules with which medical device manufacturers must comply in the domain of cybersecurity, particularly with regards to following risk management practices aligned with ISO 31010 and ISO 14971. 

Post-market surveillance is critical to this: the manufacturer is responsible for keeping track of any cybersecurity vulnerabilities that present themselves in their devices and must work to rectify these once identified.

Harmonization of Medical Device Standards and Regulations

Yet harmonization is already occurring between the two regulators, reducing friction and making manufacturers’ lives easier. ISO 13485 is adhered to by both the MDR within the EU and the US FDA, aligning quality management system regulations between the two markets. This is in addition to the most recent update of harmonized standards made by the EU in March 2024, this being the next step in the bloc’s efforts to align its standards with those applicable globally. 

The International Medical Devices Regulators Forum (IMDRF) plays a role in reducing barriers for manufacturers operating in the EU and US, with shared guidance on clinical evaluation and post-market surveillance making it easier for manufacturers to distribute, monitor, and “sense-check” their devices, ensuring compliance with a harmonized set of standards. This is integral in the cybersecurity domain, ensuring protection against evolving threats in whichever market the devices are placed in.

What Does This Mean for Cybersecurity?

Both the EU’s MDR and the FDA’s regulations require a risk-based approach, ensuring that residual risks are assessed and managed throughout the device’s lifecycle. In terms of cybersecurity, this demands extensive risk management documentation. Similarly, Secure by Design has been implemented in both the EU and the US: the MDR encourages manufacturers to implement cybersecurity measures from the earliest stage of the design process, while the FDA requires Secure Product Development Frameworks (SPDFs) be followed from early design to product release.

There is still much work to do, however. Since 2010, the number of cybersecurity incidents in the EU and the US has increased. From 2021 to 2023, there were over 215 publicly reported cybersecurity incidents relating to medical devices in the EU. In the US, it is estimated that over 53% of devices on the market possess critical cyber vulnerabilities. A 2024 report from Censys found that there are “14,004 unique IP addresses exposing healthcare devices and data systems connected to potentially sensitive medical information on the public internet. These exposures greatly raise the risk of unauthorized access and exploitation.”

The Future of Cybersecurity Regulatory Alignment

Regulatory alignment is heading in the right direction, but as we have seen, there is still more work to be done. While harmonization is progressing, critical vulnerabilities remain in copious amounts of medical devices and healthcare products in the market, which opportunistic hackers and hostile actors can take advantage of.

Want to discover more about the pivotal role of cybersecurity in medical devices? Catch up with Critical Software and RunSafe Security’s recent webinar featuring Afonso Neto from Critical Software and Doug Britton from RunSafe Security, who outlined some of the most pressing cybersecurity aspects underpinning medical device regulations in the EU and USA. Watch the webinar here.

The post Is Regulatory Harmonization on the Horizon? The Medical Devices Cybersecurity Landscape in the EU and the US appeared first on RunSafe Security.