BlackBerry Limited today announced that BlackBerry Jarvis, a software composition analysis tool, has been recognized as “Best in Breed” by an Internal Research & Development project (IRAD).
The analysis was conducted on behalf of the United States Department of Defense (DoD) by The Aerospace Corporation, and recommends the most proficient binary analysis solutions on the market for embedded software, citing BlackBerry Jarvis as the most promising and robust after a rigorous assessment of key players.
As software grows in complexity, it creates an even larger attack surface. Additionally, a number of regulatory changes and standards, such as WP.29 and Software Bill of Materials (SBOM), are coming into effect that will empower authorities to levy fines for non-compliance or shut down operations completely.
The first step in mitigating these risks is the ability to inspect all of the code that comes from suppliers into your supply chains. In environments where safety and security are paramount, it is not economically feasible to manually inspect all third-party binary files to ensure the quality of a multi-tier software supply chain.
At every stage of the software development lifecycle, BlackBerry Jarvis can extract the characteristics and attributes from compiled binaries, even without access to source code, and analyze these files to deliver deep insights into the quality and security of software components.
BlackBerry Jarvis was tested on the DoD’s in-production and in-orbit satellite systems, as well as ground flight systems and billion-dollar telescopes, and identified more issues much faster than its competitors, including the detection of a purpose-built backdoor in an open-source product that evaded all other tools involved in the process.