• Prev
  • Next

Analyzing the Military’s .NET Framework

As you may know, David Consulting Group is a partner with CAST, a world leader in Software Analysis and Measurement. Some of our offerings are powered by CAST products, like the Application Code Quality Center of Excellence and our Function Point Analysis Service.

Our partnership is built on years of independent work in software analytics, as well as a number of successful joint engagements. One such engagement occurred when a branch of the United States military wanted to validate its vendor-designed .NET framework with an external assessment of its architectural and performance software code.

To execute the project, DCG worked with CAST and Alliance Global, a software development firm that builds tools to perform code reviews using advanced application analytic tools.

Ultimately, David Consulting Group utilized the CAST Application Intelligence Platform (AIP) to effectively analyze the framework code and identify areas of concern for the organization (sample output below).


Find out more about this engagement and read our newest case study, David Consulting Group Utilizes CAST’s Application Intelligence Platform to Analyze and Assess a Third Party, Custom .NET Framework for the Military.

Sarah Weddle
Marketing Director

Written by Sarah Weddle at 05:00
Categories :

Medical Devices Face Cyber Security Threats

Holy Heart Attack Batman! It’s amazing how much Rob Crosssoftware touches every aspect of our daily life, from the furnace in our homes to pacemakers. Software intensive systems alone have an element of risk to them. However, once these systems are connected to a network and “on the grid,” there’s a whole new risk involved with these systems – cyber security.

The referenced article from Reuters discusses the FDA’s recent warning about the vulnerability of medical devices connected to a network. The article cites research stating that medical devices connected to a hospital’s network can be taken over and manipulated by the controller – without the hospital staff knowing. Yikes!

I know you’re thinking some of the same crazy things I’m thinking. Imagine a patient in the ICU on an air ventilator, who is also receiving medication via the IV infusion pump. Both machines are connected to the hospital network and monitored centrally at the nurse’s station, so in theory, they are “on the grid.” What’s to prevent a hacker from developing a virus to specifically target such devices and implement malicious behavior, such as shutting down the ventilator or increasing the dosage of medication to our fictitious patient? According to this article, nothing is really stopping that from happening.  That’s not only crazy but also scary.  

Now, let’s reel the crazy back in and look at reality. This is a wake-up call, not only to the medical device industry, but to all industries making network enabled products. If a product is “on the grid,” it’s a target for hackers and measures need to be taken to protect customers from malicious attacks. One of the common mistakes we see hardware-centric companies make is under-investing in their software capabilities because they don’t understand software but know it adds a lot to their bottom line. They’re hooked on the revenue.

For example, let’s add an LCD display to refrigerators, connecting your Tumblr, Facebook and Pinterest accounts to it, along with a calendar, to-do lists, grocery lists, etc. The maker of the fridge can pump up the price $600 - $1,000 with this new sexy feature. Sounds great – until someone finds a way to connect in through your unsecured home network and shut down your fridge, resulting in a loss of $1,000 worth of perishables.

I’m sure we could come up with hundreds of examples. Again, from our cars to TVs, everything is becoming a target.  

For the executives of such companies who might be reading this, from all of us consumers out here, be in it to win it! Don’t treat software and software security as second-class citizens. Your brand can’t afford to take the hit and we can’t afford to become mass targets of opportunities.

Until my next post, stay healthy and out of hospitals!

Rob Cross
ProServices, Vice President

Written by Rob Cross at 05:00
Categories :

"It's frustrating that there are so many failed software projects when I know from personal experience that it's possible to do so much better - and we can help." 
- Mike Harris, DCG Owner

Subscribe to Our Newsletter
Join over 30,000 other subscribers. Subscribe to our newsletter today!