With the advent of good quality and lower cost development resources being available in India and other offshore and nearshore locations many organizations have moved a large portion of their software development effort to third party contracts where the work is done in Asia or Eastern Europe.

This extends the software supply chain to an extent that it is very hard to exercise the level of quality control and security monitoring that has historically been applied to business and safety critical systems developed in-house in the US or Western Europe. Financial Services firms have increasingly become targets of cyber fraud via back door coding schemes originating offshore. SofCheck Inspector assists in the review of this offshore developed code and makes detecting the possibility of mal-ware insertion in outsourced or offshore developed Java systems more automated.

SofCheck Inspector’s patent pending capabilities to document, as programmed, the preconditions, postconditions and presumptions of every class, method, and call in the program provides a cost effective and practical alternative to the current practice of arduous and costly detailed manual source code reviews. These postconditions capture the essential information needed to determine whether the code will provide the desired results and won’t insert any undesired side effects.

Because the vast majority of all systems development is enhancement and modification of existing systems, SofCheck Inspector can provide a baseline of the preconditions, postconditions and presumptions instantiated in the code at the time that an offshore development contract is let. This makes review of the new code a relatively easy process as only that code that has changed, or is new, needs to be reviewed to assure that it is fit for purpose and matches the requirements attached to the contract.

Learn more about our static error detection and optimizing compiler technologies.

Top