Military & Defense

Software Testing for Military and Defense Systems

Software Testing Solutions for the Modern Warfighter

Parasoft’s automated testing tools help the modern warfighter by ensuring that software used in all missions is secure, safe, and performs even under high levels of stress. We are unique in providing software testing solutions that extend from embedded applications to enterprise software. Build safe and secure embedded applications by employing our static analysis, unit testing, code coverage, and more. For enterprise software, perform scriptless REST and SOAP API, UI , load/performance, and security testing. That includes creating, deploying, and managing virtual test environments — anytime, anywhere.

DevSecOps for DoD

 

Find out how secure hardened containerized Parasoft SAST solutions benefit DoD software programs.

Iron Bank Your DevSecOps for Continuous Software Assurance

Solve the Challenges of Military Software Development

Deploy DevSecOps

Remediate security vulnerabilities with ease using containers. Create, deploy, and manage virtual test environments with service virtualization. Parasoft integrates with DevSecOps environments to ensure compliance early in the development process with mandated security standards like CWE, CERT C/C++, DISA-STIG, and OWASP. We also support other compliance standards like MISRA and AUTOSAR C++ 14 for safety and reliability in support of functional standards such as DO-178C.

Modernization

Defense agencies are moving to modernize their computer systems while trying to squeeze the most out of legacy equipment. Parasoft’s military software testing solution allows you to do both. It automates testing legacy software systems to bring them up to today’s safety and security standards by way of offering static analysis, automated unit testing, code coverage (statement, branch, MC/DC, and assembly code), and more. Testing solutions in containers and the cloud are also available to help the warfighter mission modernize without bottlenecks.

Time and Budget Demands

Budget restrictions mandate that military agencies have to do more with less, and are held accountable for time and budget overspends. Parasoft’s military software testing tools seamlessly and tightly integrate with DevSecOps development tool ecosystems, ensuring speed and quality throughout the SDLC.

How Parasoft Helps Military Software Development

Parasoft takes a test-early-and-often approach to military software testing to ensure software quality, security, reliability, and on-time delivery while reducing the risks associated with complex and interconnected mission-critical systems. We offer tooling to ensure that application code bases are free of security weaknesses and vulnerabilities. And enforce compliance to security and safety guidelines such as CWE, CERT, OWASP, MISRA, AUTOSAR, DISA-ASD-STIG, and process standards like DO-178B/C and UL 2900.

Military projects can achieve compliance with coding standards to improve code quality with the most comprehensive support for these standards than any other tool. Parasoft C/C++test provides a set of built-in static analysis checkers for verifying compliance with safety and security standards like CERT, CWE, OWASP, MISRA C 2023, MISRA C 2012, MISRA C++ 2008, AUTOSAR C++14, and more. Our comprehensive static check guidelines integrate into DevSecOps environments that work with development languages in C/C++, Java, C#, and .NET.

“MISRA”, “MISRA C” and the triangle logo are registered trademarks of The MISRA Consortium Limited. ©The MISRA Consortium Limited, 2021. All rights reserved.

Well-established in the embedded safety- and security-critical market, Parasoft’s unified testing tools offer static analysis, automated unit testing, code coverage (statement, branch, MC/DC, and assembly code), automated test case generation, and more. For easy adoption, C/C++test integrates into the most popular IDEs, like Eclipse, VS Code, ARM DS-5, IAR Workbench, Wind River Workbench, and others.

A vast number of compilers and hardware platforms are also supported, including Keil, ARM, IAR, Wind River, Green Hills, GNU, Clang, Freescale, Intel, TI, Renesas, Cosmic Microchip, and the list continues.

In support of the entire SDLC and military software testing to requirements, integrations with ALM tools like Polarion, codeBeamer, and others are available. For continuous integration (CI) and continuous delivery (CD), integrations with Jenkins, Bamboo, and Azure DevOps are also available.

Reach compliance with DO-178A, DO-178B, and DO-178C for software levels A-D. Development teams can automate software testing techniques and verification processes required by the standard with help from Parasoft C/C++test. Integrations with application lifecycle management (ALM), source control management (SCM), and reporting solutions help achieve certification.

  • Static analysis
  • Unit testing
  • Integration testing
  • System testing and acceptance testing
  • On-target hardware validation
  • Code coverage analysis (statement, branch, and MC/DC)
  • Assembly code coverage/verification (GHS PPC & GNU GCC x86)
  • Requirement traceability to test cases and code
  • Waterfall, Spiral, V-model, or Agile

At first glance, the DISA STIG for Application Security and Development (DISA-ASD-STIG) can be intimidating. With almost 300 items to check, you might be wondering how you are ever going to be compliant, let alone where to start.

You can achieve DISA-ASD-STIG compliance with help from Parasoft testing solutions, which identify security flaws required by the standard. The ASD-STIG outlines ways to verify compliance with requirements like application scanning, manual review, and functional security testing. Our tool suite offers application scanning. It includes static code analysis — specifically for the ASD-STIG requirement for OWASP Top 10 — and identifies overflows, race conditions, and error handling.

Learn more about DISA-ASD-STIG

Parasoft’s Assembly Coverage Tool (ASMTool) satisfies the Executable Object Code recommendations set out by DO-178B/C Level A. With little effort, ASMTool can generate structural coverage reports from Executable Object Code. Structural Coverage is reported with easily reviewable insight into compiler generated code that is not directly traceable to Source Code statements. It also tracks switch statements, providing full insight into the test execution paths at the machine language instruction level.

ASMTool also supports collecting Structural Coverage from both the software integration process (target hardware testing), and desktop development environment (Parasoft C/C++test for Unit Testing).

Use Parasoft testing solutions for development of Internet of Military Things (IoMT) or Internet of Battlefield Things (IoBT). Teams can thoroughly test APIs across a wide array of message formats and protocols (including HTTP(S), MQTT, WebSockets, and AMQP/RabbitMQ) to validate message integrity, performance timing, and security vulnerabilities with Parasoft C/C++test. This enables IoT API developers to find and quickly fix vulnerabilities earlier in the development process. Take control of the testing challenges of today’s connected military platforms with Parasoft C/C++test’s seamless integration with Parasoft SOAtest and Parasoft Virtualize. It combines API testing with runtime application coverage and simulated virtual test beds.

Tool qualification is mandated for developing software for safety-critical applications compliant with DO-178B/C. This standard requires that organizations provide evidence that the software tools used for verification are suitable for use in the development of safety-critical applications.

Automate the process of creating the supporting documentation required for tool qualification of static analysis, unit testing, and coverage requirements. Parasoft’s Tool Qualification Kit for Parasoft C/C++test reduces the potential for human error and the time it takes to perform tool qualification.

Parasoft supports DO-178B, DO-178C, and DO-330 for all software levels with our conformant qualification process and automated tool qualification kit.