Quality Assurance

All code must be tested by QA-SYSTEM’s QA-C and QA-C++ tools to perform CERT and IEC 61508 Quality Assurance.

IEC 61508 (Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems) is an international standard widely used in Industrial Automation. The IEC 61508 standard also requires the use of coding standards, such as MISRA and CERT.

CERT is maintained by the Software Engineering Institute (SEI), a research and development center primarily funded by the U.S. Department of Defense and the Department of Homeland Security. The CERT Division at SEI is operated by Carnegie Mellon University and is responsible for publishing these standards. The CERT® Secure Coding Standards for C and C++ provide rules and recommendations that target insecure coding practices and undefined behaviors that can lead to exploitable vulnerabilities.

It is our goal to maintain IEC 61508 and CERT compliance in all code design and development. There are many existing and emerging standards that might be applied, but the IEC 61508 and CERT specifications align closely with our commitment to provide quality services and error-free processing. To achieve this goal, Quality Assurance of all C++ code must be ensured for IEC 61508 and CERT compliance.

The C++ code must also be tested against:

  • Application level vulnerabilities

    • Cross-domain information leakage (on-chain name servers for domain registry)

    • Client-side logic and data storage vulnerabilities

    • Cloud configuration vulnerabilities

  • Blockchain level vulnerabilities

    • Input validation and representation

    • API abuse

    • Access control mechanisms

    • Memory management

    • Time and state

    • Error and exception handling

    • Encapsulation and hidden defects

    • Flaws at browser runtime

    • Insecure JNI

    • Unused variables after assignment
