(Image courtesy of Thinkstock).

Synopsys Buys Black Duck, Which Checks Open Source Code for Gaffes

Nov. 4, 2017

Synopsys said on Thursday that it would pay $565 million for Black Duck Software, whose tools pinpoint security and licensing oversights in the growing thicket of open source code used in millions of gadgets.

Black Duck’s products scan through a company’s code to highlight the open source software within. They automatically detect known security vulnerabilities and license compliance issues. The firm, which employs around 400 people, also provides automated alerts for any new security vulnerability. Its customers include Intel, Siemens, and Magneti Marelli.

With the deal, Synopsys is trying to make life easier for engineers using increasing amounts of open source software like Yocto and Linux. Today, open source software makes up more than 60% of all application code, Synopsys said. It can reduce costs and programming time for start-ups and for companies making Internet of Things devices.

Black Duck’s software could also assist embedded engineers. Nine out of ten developers targeting the Internet of Things use code from open sources, according to a report published last year by Vision Mobile. In a recent Electronic Design survey, more than 60% agreed that support for open source tools is readily available. Another 60% disagreed that the code is less reliable than proprietary operating systems and other software.

Lou Shipley, chief executive of the Burlington, Massachusetts-based Black Duck, wrote in a blog post that “most companies are ineffective in securing and managing it because they lack good visibility into the oceans of open source software they are using. Organizations simply cannot effectively secure, control and manage what they can’t see.”

Synopsys sells electronic design automation software to chip companies, but it has also expanded into tools that test software quality and security. In 2014, it spent $375 million to buy Coverity, whose static analysis tools detect software flaws without executing a program. The company plans to close the Black Duck deal next month.

“Development processes continue to evolve and accelerate, and the addition of Black Duck will strengthen our ability to push security and quality testing throughout the software development lifecycle, reducing risk for our customers,” said Andreas Kuehlmann, senior vice president of Synopsys’ software integrity group, in a statement.
