Secure Trampoline RTOS with TrustInSoft Analyzer
January 28, 2025
Discover how TrustInSoft Analyzer supports code security for C/C++ developers through a hands-on example.
Key Takeaways
- Seamless Embedded Project Initialization: Learn how to set up TrustInSoft Analyzer for embedded systems like STM32.
- Exhaustive Bug and Vulnerability Detection: Detect all C/C++ undefined behaviors, runtime errors, and memory safety issues with mathematical precision.
- Sophisticated Debugging Tools: Gain deep insights into vulnerabilities using the Root Cause Investigator for comprehensive debugging.
Why Software Security Demands More
C/C++ developers face increasing pressure to balance performance with security. The growing complexity of embedded systems and the prevalence of memory safety vulnerabilities make traditional debugging and testing methods insufficient. Vulnerabilities like buffer overflows, integer overflows, and uninitialized variables are notorious for being difficult to identify and resolve with traditional debugging tools and testing frameworks.
Enter TrustInSoft Analyzer, a tool that brings formal methods to source code analysis. Conventional static analysis tools trade precision for speed and either drown developers in false positives or miss critical issues; TrustInSoft Analyzer instead performs exhaustive detection of undefined behaviors within the analyzed perimeter, so that the absence of an alarm means the defect cannot occur for any input in that perimeter. This level of precision ensures that your software is not just functional but secure and reliable.
Case Study: Securing Trampoline RTOS
In our second session, TrustInSoft Analyzer’s capabilities were demonstrated on Trampoline RTOS, an open-source real-time operating system. Trampoline RTOS is used in embedded applications and adheres to standards like OSEK/VDX OS and AUTOSAR, making it an ideal candidate for showcasing the Analyzer’s strengths.
Here is what the session covered:
- Project Initialization: Using the TrustInSoft Project Manager CLI, the session showed how to organize and configure the analysis files for an embedded target efficiently.
- Creating a Compilation Database: Using tools like Bear, the session showed how to generate a compilation database that records every compiler invocation and the options each file was built with, which the Analyzer needs to reproduce the build precisely.
- Tailoring for Embedded Targets: Configuring the memory layout and hardware-specific parameters for the STM32 target showed how the Analyzer handles embedded constraints.
- Function Stubbing: Low-level assembly functions were replaced with equivalent C stubs so that the code could be analyzed without altering the core functionality.
- Running Exhaustive Analysis: The Analyzer's Level 2 mode, known as "analyzer mode", was used to explore every code path, covering all possible inputs and conditions to identify vulnerabilities.
- Using the Root Cause Investigator: In the graphical interface of the Root Cause Investigator, alarms were traced back to their origins by examining variable ranges and pinpointing call stacks.
- Generating Actionable Reports: The TIS-Report utility produced comprehensive HTML summaries detailing metrics such as code coverage and identified alarms, together with actionable insights.
View the Code Unboxed YouTube playlist.
Results: Key Issues Identified
Within just 30 minutes, TrustInSoft Analyzer detected:
- Integer Overflows: Found in serial driver functions, potentially impacting data transmission integrity.
- Boundary Check Omissions: Missing checks in application mode transitions that risk memory safety.
These findings show how TrustInSoft Analyzer uncovers critical defects that would otherwise remain hidden in a complex codebase such as Trampoline RTOS. This matters most in safety-critical components like an operating system kernel, where a single out-of-bounds access or arithmetic overflow can compromise every task it schedules.
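To make the two finding classes concrete, here is a constructed C example of each pattern next to its hardened form. This is added illustration, not Trampoline's code and not what the Analyzer reported: the function names, the three-entry mode table, the 10-bits-per-byte timeout formula and the sample inputs are all assumptions chosen to make the defect visible. A sound analyzer flags the unchecked versions because, for some input in the analysis perimeter, the table read leaves the array and the multiplication exceeds INT32_MAX, which is undefined behaviour in C.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constructed illustration of the two defect classes named in the text.
 * NOT Trampoline's code: names, table sizes and formulas are assumptions.
 */

/* ---- 1. Missing bounds check on an application-mode transition ---- */

#define APP_MODE_COUNT 3u             /* assumed: default mode plus two others */
typedef uint8_t app_mode_t;

/* Assumed per-mode bitmask of tasks to auto-start when the mode is entered. */
static const uint32_t mode_autostart_mask[APP_MODE_COUNT] = { 0x01u, 0x03u, 0x07u };

/* Before: the caller-supplied mode indexes the table unchecked.
 * Any mode >= APP_MODE_COUNT reads past the array (undefined behaviour);
 * an exhaustive analysis reports this for every such input value. */
uint32_t enter_mode_unchecked(app_mode_t mode)
{
    return mode_autostart_mask[mode];
}

/* After: reject out-of-range modes explicitly and report the failure. */
bool enter_mode_checked(app_mode_t mode, uint32_t *mask_out)
{
    if (mode >= APP_MODE_COUNT) {
        return false;                 /* error path instead of a stray read */
    }
    *mask_out = mode_autostart_mask[mode];
    return true;
}

/* ---- 2. Signed integer overflow in a serial-driver timeout ---- */

/* Before: bytes * 10 * 1000000 exceeds INT32_MAX once bytes >= 215.
 * That is signed overflow, i.e. undefined behaviour, not a silent wrap.
 * Kept only to show the pattern; it is never called with such values here. */
int32_t serial_tx_timeout_us_unchecked(int32_t bytes, int32_t baud)
{
    return bytes * 10 * 1000000 / baud;   /* 10 bits/byte: start + 8 data + stop */
}

/* After: widen the intermediate, guard the divisor, and bound the result. */
bool serial_tx_timeout_us(uint32_t bytes, uint32_t baud, uint32_t *us_out)
{
    if (baud == 0u) {
        return false;                 /* division by zero */
    }
    uint64_t bits = (uint64_t)bytes * 10u;        /* <= 10 * 2^32, fits easily */
    uint64_t us   = (bits * 1000000u) / baud;     /* <= 10^7 * 2^32 < 2^64 */
    if (us > UINT32_MAX) {
        return false;                 /* result would not fit the caller's type */
    }
    *us_out = (uint32_t)us;
    return true;
}

int main(void)
{
    uint32_t mask = 0u, us = 0u;

    printf("mode 1  -> %s, mask=0x%02x\n",
           enter_mode_checked(1u, &mask) ? "ok" : "rejected", (unsigned)mask);
    printf("mode 7  -> %s\n",
           enter_mode_checked(7u, &mask) ? "ok" : "rejected");
    printf("512 B @ 115200 baud -> %s, %u us\n",
           serial_tx_timeout_us(512u, 115200u, &us) ? "ok" : "rejected", (unsigned)us);
    return 0;
}
```

The hardened functions return a status rather than a value so that a caller cannot mistake a rejected input for a valid result; the widened intermediate in the timeout computation is the same fix a reviewer would ask for when an alarm is traced back to a multiplication of two 32-bit values.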
What Sets TrustInSoft Analyzer Apart?
- Exhaustive Analysis Through Formal Methods: TrustInSoft Analyzer explores every possible input scenario and code path within the analysis perimeter. Within that perimeter it guarantees the detection of all undefined behaviors, runtime errors, and memory safety issues, leaving no room for oversight.
- Integration with Real-World Workflows: The session demonstrated how TrustInSoft Analyzer integrates into an existing project without requiring modifications to the source code, which makes it practical for teams working under tight deadlines or maintaining legacy systems.
- Powerful Debugging Tools: The Root Cause Investigator gives visibility into complex issues. Developers can navigate variable ranges, call stacks, and state transitions to understand how an error arises, enabling swift resolution.
- Industry Compliance: With support for standards like AUTOSAR, CERT C and ISO 26262, the Analyzer is a critical tool for teams in regulated industries such as aerospace, automotive, and healthcare.
- Actionable Reports: The detailed HTML reports generated by TrustInSoft Analyzer help teams prioritize fixes effectively. They also simplify audits and compliance checks, making the tool valuable for both developers and management.
What to Expect in Upcoming Code Unboxed Sessions
TrustInSoft Analyzer’s capabilities extend beyond individual projects. The ongoing “Code Unboxed” series showcases practical use cases for the tool, enabling developers to tackle a range of challenges, such as:
- Integrating with Fuzz Testing: Combining TrustInSoft Analyzer with fuzzing tools to uncover vulnerabilities that may be missed by either approach individually.
- Managing Large Codebases: Techniques for scaling analysis to handle complex, interdependent modules.
- Securing Legacy Systems: Applying the Analyzer to older projects to identify and fix hidden vulnerabilities.
The series aims to help developers adopt advanced source code analysis techniques in their workflows. In that regard, TrustInSoft Analyzer is a hybrid analyzer, both sound and exhaustive, that combines static and dynamic source code analysis.
Who Benefits Most from TrustInSoft Analyzer?
TrustInSoft Analyzer is particularly beneficial for teams developing software in safety-critical sectors and with cybersecurity in mind. For example:
- Automotive: Ensuring safety and security under ISO 26262 and AUTOSAR guidelines.
- Aerospace: Complementing DO-178C by achieving compliance with cybersecurity standards like DO-356A.
- Healthcare: Securing embedded devices where vulnerabilities can jeopardize patient safety.
- Regulation: Supporting conformity with the Cyber Resilience Act and the CISA initiative.
Beyond regulated industries, any team aiming to enhance software reliability and security can benefit from TrustInSoft Analyzer’s exhaustive analysis capabilities.
Take Action Today
Is your software development process equipped to handle the complexities of modern code safety and security? With TrustInSoft Analyzer, you can uncover memory safety issues and runtime errors, enhance code quality, and ensure compliance with confidence.
Start your journey to secure and reliable software: