Alias Robotics validates the quality and actively looks for flaws and vulnerabilities within the source code of the robot. We test source code and look for security flaws using a variety of techniques including static and dynamic analysis.
Code testing assessment is generally performed in a white-boxed manner where Alias has complete access to the source code of the robot or robot component.
We review your robot code security using both manual and automated mechanisms. We then determine its general structure (e.g. by extracting the robot computation graph) and interact with you to define the scope/s.
Static testing or static robot software analysis is the study of the software without executing it and by simply looking at its structure and content. We use static testing analysis techniques to determine flaws in your robot code and use them as a basis for further security research.
Dynamic testing, often shortened as “testing” refers to the examination of the response from the launch of the robot software to variables that are not constant and change with time.
Formally a sub-class of dynamic testing but we separate for convenience, fuzzing or fuzz testing implies challenging the security of your robotic software in a pseudo-automated manner providing invalid or random data as inputs wherever possible.
In a nutshell, we detect flaws by sending garbage
With all the results obtained and experience accumulated, we start assessing all the flaws and score them according to their code security criticality. This all gets packed and delivered to you as a report which includes instructions to reproduce each relevant flaw, necessary for developing mitigations.
Static analysis of your robotics software
Dynamic analysis of your robotics software
Fuzz testing analysis of your robotics software
Reproduction recipes, scoring and reporting