analyze
awesome-safety-critical
Our great sponsors
analyze | awesome-safety-critical | |
---|---|---|
3 | 12 | |
150 | 1,520 | |
6.2% | - | |
8.7 | 4.7 | |
3 days ago | 6 days ago | |
Python | ||
GNU General Public License v3.0 only | Creative Commons Zero v1.0 Universal |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
analyze
-
NaiveSystems Analyze – FOSS static analyzer for MISRA C/C++, AUTOSAR C++14, etc.
How do you conclude that? The instructions here:
https://github.com/naivesystems/analyze/wiki/How-to-run-on-m...
say docker is required.
-
Misra C++:2023 Published
If you are interested in this, take a look at NaiveSystems Analyze [0] which is a free and open source static analyzer for checking MISRA compliance etc.
Disclaimer: I'm the founder.
It has been battle tested with real customers in automotive, medical devices, and semiconductors. AFAIK this is the first FOSS tool that achieves commercial use standards (extensive ruleset coverage, low false positives based symbolic execution (which Coverity relies heavily on) and SMT solver, ...)
[0]: https://github.com/naivesystems/analyze
awesome-safety-critical
-
Aerugo – RTOS for aerospace uses written in Rust
https://awesome-safety-critical.readthedocs.io/en/latest/#so...
-
Pacemaker should be running open source software
awesome-safety-critical: https://awesome-safety-critical.readthedocs.io/en/latest/
FDA > Medical Devices > Cybersecurity:
-
Misra C++:2023 Published
awesome-safety-critical > Coding Guidelines: https://awesome-safety-critical.readthedocs.io/en/latest/
Rust SAST and DAST tools would be great for all, too.
From https://news.ycombinator.com/item?id=35565960 :
> Additional lists of static analysis, dynamic analysis, SAST, DAST, and other source code analysis tools: https://news.ycombinator.com/item?id=24511280 https://analysis-tools.dev/tools?languages=c++
-
Ask HN: Which school produces the best programmers or software engineers?
https://awesome-safety-critical.readthedocs.io/en/latest/#co...
Predict; software quality, career success
By well-rounded do you mean the ACM Computer Science Curriculum; or a strong liberal arts program which emphasizes critical thinking and effective communication; or Emotional Intelligence, Servant Leadership, and Project Management?
InfoSec; Computer Security > Careers: https://en.wikipedia.org/wiki/Computer_security#Careers
The NIST NICE Framework describes Categories (7),
- Learning C as someone who already knows Rust
- NSA urges orgs to use memory-safe programming languages
-
The James Webb Space Telescope Runs JavaScript, Apparently
For a low level view, as how the code actually should look like, I found the JPL C coding guidelines very useful. It had an effect on me on how I wrote C after reading it.
Here's a github hosted version https://github.com/stanislaw/awesome-safety-critical/blob/ma...
-
Ask HN: Is it worth it to learn C to better understand Python?
https://news.ycombinator.com/item?id=28709239 :
> From "Ask HN: Is it worth it to learn C in 2020?" https://news.ycombinator.com/item?id=21878372 : (which discusses [bounded] memory management)
> There are a number of coding guidelines e.g. for safety-critical systems where bounded running time and resource consumption are essential. *These coding guidelines and standards are basically only available for C, C++, and Ada.*
> awesome-safety-critical > Software safety standards: https://awesome-safety-critical.readthedocs.io/en/latest/#so...
> awesome-safety-critical > Coding Guidelines: https://awesome-safety-critical.readthedocs.io/en/latest/#co...
-
Are Software Engineering “best practices” just developer preferences?
Critical systems: https://en.wikipedia.org/wiki/Critical_system
> There are four types of critical systems: safety critical, mission critical, business critical and security critical.
Safety-critical systems > "Software engineering for safety-critical systems" https://en.wikipedia.org/wiki/Safety-critical_system#Softwar...
awesome-safety-critical lists very many resources for safety critical systems: https://awesome-safety-critical.readthedocs.io/en/latest/
There are many certification programs for software and other STEM fields. One test to qualify applicants does not qualify as a sufficient set of controls for safety critical systems that must be resilient, fault-tolerant, and redundant.
-
Half of curl’s vulnerabilities are C mistakes, "could’ve been prevented if curl had been written in Rust"
There are heuristics for memory-unsecure C: https://awesome-safety-critical.readthedocs.io/en/latest/
What are some alternatives?
banwords
diodb - Open-source vulnerability disclosure and bug bounty program database
Qodana - 📝 Source repository of Qodana Help
safety-gymnasium - NeurIPS 2023: Safety-Gymnasium: A Unified Safe Reinforcement Learning Benchmark
awesome-python - 📚 Awesome Python Resources (mostly PyCon).
projects - Contains a list of security related Rust projects.