Home > Speakers >

Mark Hermeling

Mark Hermeling, MSc Mark has 25 years of experience in software development tooling, operating systems, virtualization and networking technology in safe and secure, embedded and real-time systems. He has worked on projects building automotive, networking, aerospace and defense and industrial devices in North America, Europe and Asia. As VP of Global Solutions Engineering at CodeSecure (formerly GrammaTech), Mark manages a team that covers the last mile in assisting CodeSecure customers to improve their safety and security posture, ranging from topics around software develop lifecycle to third party vulnerability and risk management and software bill of materials. Prior to joining CodeSecure, Mark worked for Wind River Systems (an Intel Corporation subsidiary), Zeligsoft and IBM Rational. He holds a Master of Science degree in Computing Science from Eindhoven University of Technology.

Nobody Likes Static Analysis

Status: Available Now

Nobody likes doing static analysis, but we all know that it helps improve software quality early in the development cycle. In my day-to-day job I see many people struggle with this challenge, especially in deeply embedded projects. In reality though, integrating static analysis is not complicated, the technology exists to turn static analysis into the superpower that enables your development teams to deliver better quality code faster:

  • Integrate static analysis into the workflow, such that it happens automatically
  • Make it easy for developers to understand the results and make corrections
  • Automate acceptance gates
  • Scale compute

This section will be a generic overview of the technology that you can use immediately:
- Integrate static analysis into GitLab, GitHub, Gerrit, BitBucket, Jenkins, ...
- Containers to standardize build environments for native and cross compilation
- Use Kubernetes to scale compute, either in your own data-centre, AWS, GCP, Azure or others
- IDEs to bring the results to developers desktops.

Go to Session