STMicroelectronics announced on March 6, 2025, the successful integration of Black Duck Software Composition Analysis (SCA) and Coverity Static Analysis into its development processes. This move aims to streamline software bill of materials (SBOM) generation and strengthen software security practices.
The company has leveraged Black Duck SCA to automate end-to-end SBOM generation, reinforcing software security for its latest ultra-low power product, the STM32U3 microcontroller. This integration helps STMicroelectronics comply with evolving regulatory requirements, such as the European Cyber Resilience Act (CRA).
By adopting Coverity Static Analysis, STMicroelectronics can proactively identify and remediate security vulnerabilities in software components, further enhancing the security posture of embedded software in its microcontroller products. This collaboration reinforces the company's cybersecurity strategy in the microcontroller industry.
The content on BeyondSPX is for informational purposes only and should not be construed as financial or investment advice. We are not financial advisors. Consult with a qualified professional before making any investment decisions. Any actions you take based on information from this site are solely at your own risk.