Key Takeaways
- Caroline Guillaume is the CEO of TrustInSoft, which specializes in advanced software analysis tools focused on formal verification of C and C++ source code.
- TrustInSoft aims to solve critical software issues like bugs and vulnerabilities, providing tools that have led to significant reductions in time spent on bug detection and verification.
- TrustInSoft differentiates itself from competitors by using formal methods for static analysis, ensuring zero false negatives and up to zero false positives, ultimately enhancing safety, security, and reliability in software.
Caroline Guillaume is the Chief Executive Officer of TrustInSoft. She has an extensive background working in the critical software industry, notably at Thales Digital Identity and Security where for 14 years she contributed to the Sales division including as the VP of Sales – Software Monetization Europe and VP of Banking and Telecom Solutions Sales out of Singapore. She also previously worked as director of Product Marketing at Gemplus. Caroline holds an engineering degree from Télécom SudParis.
Tell us about your company?
TrustInSoft is a leader in advanced software analysis tools and services that specializes in formal verification of C and C++ source code to ensure safety, security and reliability. Recognized by the US National Institute of Standards and Technology (NIST) for leveraging advanced formal methods, including abstract interpretation, TrustInSoft can mathematically guarantee analyzed software is free of critical runtime errors and vulnerabilities. TrustInSoft serves a diverse range of industries including automotive, aerospace, defense, consumer electronics, and IoT industries.
What problems are you solving?
The problem we’re tackling is one that’s plagued software development since its inception – bugs, vulnerabilities, and unexpected failures. These issues can have devastating consequences, leading to security breaches, system crashes, and even physical harm in critical industries. More than that, TrustInSoft’s tools and services help you find the very subtle and critical bugs that often go unseen and have costly consequences on the field.
For developers and testers, TrustInSoft Analyzer provides exhaustive static analysis with up to zero false positives and no false negatives. Our customers have seen up to 40X less time spent detecting bugs and 4X decrease in verification time. This helps answer to problems like tight time-to-market constraints and software safety, security, and reliability.
What application areas are your strongest?
Our technology can benefit many applications from the most critical like defense, aeronautics, and EVs, to consumer devices, and telecommunications. We intervene in the low-level software and ensure safety, security, and reliability by securing the foundation of critical systems.
The tool performs a combination of static analysis based on formal methods. Static analysis allows us to exhaustively test code without actually running it, identifying potential problems before they ever cause an issue. Formal methods take it a step further – they provide a mathematical guarantee that the code is free of certain types of errors, specifically undefined behaviors.
What keeps your customers up at night?
Notably in critical software and modern IoT devices, software developers and testers might lay awake wondering if they’ve done all they can to safeguard their code from hackers and corner cases. We help give them peace of mind by taking an incremental approach to secure their test suites, exhaustively fuzz the code, and even provide formal mathematical proof that the software will behave as specified. We combat undefined behaviors which can lead to software defeat, security breaches, challenges for regulatory compliance, and tight time to market requirements without sacrificing quality and security.
What does the competitive landscape look like and how do you differentiate?
TrustInSoft Analyzer, is not your average static analysis tool. Our use of formal methods gives a guarantee of safety, security, and reliability by identifying all undefined behaviors, which are amongst some of the top CWE list vulnerabilities. TrustInSoft Analyzer guarantees zero false negatives and up to zero false positives, saving precious developer and tester time and effort.
What new features/technology are you working on?
We are constantly improving TrustInSoft Analyzer with two major updates per year. This October’s release includes:
- Streamlined and Intuitive User Experience: The enhanced TISA UI dramatically simplifies the analysis process, making complex software verification more accessible and reducing the learning curve for technical teams
- Enhance Your Accuracy and Efficiency with TrustInSoft Assistant Capabilities: advanced assistant capabilities guide users in setting up and tuning their analysis, ensuring accurate results and reducing the risk of errors in complex environments.
- Advanced Compliance and Performance Capabilities: new features, including CWE alarm mapping, ARINC support, and enhanced C++ analysis performance, enable technical teams to achieve higher compliance and efficiency in complex environments.
How do customers normally engage with your company?
Our customers typically either use our tool, TrustInSoft Analyzer, independently or combine their tool usage with our Formal Verification Services (FVS). We help secure everything from airplanes to consumer devices like smartphones and gaming systems at the embedded systems layer ensuring safety and cybersecurity earlier in the development cycle. Our team of experts helps integrate into existing verification and validation processes to help developers dig into the vulnerabilities in their code.
Also Read:
CEO Interview: Mikko Utriainen of Chipmetrics
CEO Interview: GP Singh from Ambient Scientific
CEO Interview: Ollie Jones of Sondrel
Share this post via:
What is Wrong with Intel?