Synopsys has revealed a solution to tackle the cybersecurity and safety challenges that are plaguing the automotive industry. The company is improving its Software Integrity Platform to support existing functional safety standards and is joining forces with automotive industry stakeholders to establish novel standards that underscore cybersecurity.

TUV SUD Product Service, an independent certification body with over a century of automotive safety and performance experience, has certified that Coverity and Test Advisor, two of the applicable tools in Synopsys' Software Integrity Platform used for static analysis and test optimisation respectively, are compliant with the ISO 26262 and IEC 61508 standards.

In addition to providing solutions that support existing industry standards such as ISO 26262 and The Motor Industry Software Reliability Association (MISRA), Synopsys is collaborating with vehicle manufacturers, their suppliers and other industry stakeholders to establish new standards that go beyond functional safety and coding guidelines to specifically address cybersecurity risk throughout the software development lifecycle and software supply chain.

Synopsys' Software Integrity Platform is based on an integrated development and testing methodology pioneered by Synopsys called 'software signoff.' Software signoff implements a series of automated testing processes at critical progression points throughout the software development lifecycle and software supply chain to elevate confidence in the quality and security of software.

The Coverity solution is Synopsys' ISO 26262-certified static code analysis tool that automatically identifies critical quality defects and security vulnerabilities in source code, while the Test Advisor solution, another ISO 26262-certified test optimization tool, improves the efficiency of automated software testing by analysing and prioritising code change impact.

The Protecode solution is Synopsys' software composition analysis tool identifies known vulnerabilities and license risks in third-party software. In addition, the Defensics solution is Synopsys' intelligent fuzz testing tool discovers unknown vulnerabilities in a software systems' communication protocols such as CAN BUS, Bluetooth and WiFi.