2019 Open Source Security and Risk Analysis (OSSRA) Report

Silicon Design & Verification
Silicon IP
Software Integrity
About Us

Support
- SolvNet
- Software Integrity
Global Sites

Silicon Design & Verification
Products
Solutions
Resources
Services
Community
Training

Design
RTL Synthesis
Physical Implementation
Physical Verification
Signoff
Test Automation
Custom Design
FPGA Design

System Simulation & Modeling
Electro-Mechanical
Wire Harness
Automotive
Aerospace

Verification
Simulation
AMS Verification
Static & Formal Verification
Debug & Coverage
Verification IP
Virtual Prototyping
Emulation
Prototyping
SoC Verification Automation
FPGA Verification

3D Image Processing
Simpleware
Clinical Applications
Life Sciences
Materials & Manufacturing

Silicon Engineering
TCAD
Atomic-Scale Modeling
Mask Synthesis
Mask Data Prep
Yield Management

Optical Solutions
LightTools
CODE V
LucidShape
RSoft

Photonic Solutions
PIC Design Suite

Design
Aerospace & Defense
Artificial Intelligence
Automotive
DTCO

Verification
Aerospace & Defense
Automotive
Low Power

Cloud
Synopsys on the Cloud

Platform
Fusion Design Platform
Custom Design Platform
Verification Continuum
Silicon Engineering

Design
Articles
Blogs
Datasheets
Events
News
Newsletters
Success Stories
Videos
Webinars
White Papers

Verification
Articles
Blogs
Datasheets
Events
News
Newsletters
Success Stories
Videos
Webinars
White Papers

Silicon Engineering
Articles
Datasheets
Events
News
Newsletters
Webinars

Design Services
Methodology Consulting & Flow Deployment
Physical Design & Assistance
Arm Core Hardening & Optimization
Hosted Collaboration Services

Support
Support Center Locations
Licensing
Installation
Compute Platforms

SolvNet
Documentation
Open a Support Case
Download Center

Community
Community Overview

SNUG
Conferences
Keynotes
Proceedings
Sponsors

Partners
Arm
GLOBALFOUNDRIES
Intel Custom Foundry
Samsung
TSMC
All Partners

Academic Programs
Electronic Design
Optical Design
Static Analysis

Company Blogs
A View from the Top
Hitting the Mark
InFormal Chat
VIP Central
All Blogs
Looking Past the Horizon

Training and Education
Course Catalog and Registration
Course Options

Silicon IP
Products
Markets
Newsletter
Customer Success
News
Resources

Download Brochure

Interface IP
USB
PCI Express
DDR
MIPI
CCIX
Ethernet
HDMI
SATA
Mobile Storage
Bluetooth
Multi-Protocol PHYs
VESA DSC
IP Prototyping Kits
Interface IP Subsystems
All Interface IP

Processor Solutions
ARC Processor IP
Embedded Vision Processor IP
Development Tools
Operating Systems
Ecosystem
ASIP Tools

Memories & Libraries
Logic Libraries
Memory Compliers
Duet Packages
HPC Design Kit
Embedded Test & Repair
Non-Volatile Memory

Security IP
Root of Trust
Cryptography IP
Content Protection
Security Protocol Accelerator

Analog IP
Data Converters

IP Subsystems
ARC Data Fusion IP Subsystem
ARC Sensor & Control IP Subsystem
ARC Audio IP Subsystem
Interface IP Subsystems

IP Accelerated
SoC Architecture
IP Subsystems
Signal/Power Integrity Analysis & IP Hardening
IP Prototyping Kits
Silicon Bring-Up Support

SoC Infrastructure IP
DesignWare Library
Foundation Cores
minPower Components
Verification IP

Market Solutions
Artificial Intelligence
Automotive
Internet of Things
Cloud Computing
5G Mobile

Read
News
Articles
Datasheets
DesignWare Technical Bulletin
Success Stories
White Papers

Watch
Videos
Webinars

Community
embARC.org
PCI Express IP Blog: "Express Yourself"
USB IP Blog: "To USB or Not to USB"
DDR IP Blog: "Committed to Memory"

Software Integrity
Tools
Services
Training
Solutions
Resources
Customers
Partners
Blog

Contact Sales

Polaris Platform
Comprehensive application security from developer to deployment

Tools
Tools and processes that automate security & quality testing across the SDLC

Managed Services
On-demand resources and expertise to augment and accelerate application security

Professional Services
Strategy and programs that address security before, during and after development

Static Analysis (SAST)
Coverity
Request a demo

Software Composition Analysis (SCA)
Black Duck
Request a demo

Interactive Application Security Testing (IAST)
Seeker
Request a demo

Fuzz Testing
Defensics
Test Suites

Managed Security Testing
Managed SAST
Dynamic Analysis (DAST)
Penetration Testing
Mobile Application Security Testing
Network Security Testing

Professional Services
Strategy and Planning (BSIMM)
Architecture & Design
DevSecOps Integration
Cloud Security
Industry Solutions

Audit Services
Open Source Audits
Application Security Audits
Code Quality Audits
M&A Due Diligence

All Products & Services

Software Security Training
eLearning
Instructor Led Training
Course Catalog

Product Education

Community

All Products & Services

By Need
Application Security Testing
Software Quality
Open Source Security & Compliance
DevSecOps
Agile Development
CI/CD
Security Program Acceleration
Cloud Security
Industry Standards Compliance
Mergers & Acquisitions

By Industry
Financial Services
Automotive
Healthcare
Retail & eCommerce
IoT & Embedded
Industrial Control Systems
Federal/Government
Energy

All Products & Services

Resource Center
Case Studies
Datasheets
eBooks
Knowledge Database
Reports
Webinars
White Papers

Blog
Agile, CI/CD & DevOps
Cloud Security
Quality & Compliance
Static Application Security Testing
Web Application Security

Partners
Ecosystem
Cloud
Alliances
Global Systems Integrators

Become a partner

Company
About Us
Investor Relations
Community
Newsroom
Resources
Careers

About Us
Company Overview
Management Team
Global Citizenship
Board of Directors
Governance & Values
Worldwide Locations

Investor Relations
Recent Financial News
Financials
Investor Presentations
Governance & Values

Community
Synopsys Users Group (SNUG)
BSIMM
Academic Programs
Partners
Software Integrity Community

Newsroom
Press Releases
Spokesperson Bios & Images
Synopsys Logos
Media Contacts

Resources
Events
Webinars
Newsletters
Blogs

Careers
Search for Jobs
Verify Your Recruitment
Women in Tech
Careers Worldwide
Internships

< Silicon Design & Verification

Silicon Design & Verification

< Products

Design

RTL Synthesis Physical Implementation Physical Verification Signoff Test Automation Custom Design FPGA Design

< Products

System Simulation & Modeling

Electro-Mechanical Wire Harness Automotive Aerospace

< Products

Verification

Simulation AMS Verification Static & Formal Verification Debug & Coverage Verification IP Virtual Prototyping Emulation Prototyping SoC Verification Automation FPGA Verification

< Products

3D Image Processing

Simpleware Clinical Applications Life Sciences Materials & Manufacturing

< Products

Silicon Engineering

TCAD Atomic-Scale Modeling Mask Synthesis Mask Data Prep Yield Management

< Products

Optical Solutions

LightTools CODE V LucidShape RSoft

< Products

Photonic Solutions

PIC Design Suite

< Silicon Design & Verification

Products

Design System Simulation & Modeling Verification 3D Image Processing Silicon Engineering Optical Solutions Photonic Solutions

< Solutions

Design

Aerospace & Defense Artificial Intelligence Automotive DTCO

< Solutions

Verification

Aerospace & Defense Automotive Low Power

< Solutions

Cloud

Synopsys on the Cloud

< Solutions

Platform

Fusion Design Platform Custom Design Platform Verification Continuum Silicon Engineering

< Silicon Design & Verification

Solutions

Design Verification Cloud Platform

< Resources

Design

Articles Blogs Datasheets Events News Newsletters Success Stories Videos Webinars White Papers

< Resources

Verification

Articles Blogs Datasheets Events News Newsletters Success Stories Videos Webinars White Papers

< Resources

Silicon Engineering

Articles Datasheets Events News Newsletters Webinars

< Silicon Design & Verification

Resources

Design Verification Silicon Engineering

< Services

Design Services

Methodology Consulting & Flow Deployment Physical Design & Assistance Arm Core Hardening & Optimization Hosted Collaboration Services

< Services

Support

Support Center Locations Licensing Installation Compute Platforms

< Services

SolvNet

Documentation Open a Support Case Download Center

< Silicon Design & Verification

Services

Design Services Support SolvNet

< Community

Community

Community Overview

< Community

SNUG

Conferences Keynotes Proceedings Sponsors

< Community

Partners

Arm GLOBALFOUNDRIES Intel Custom Foundry Samsung TSMC All Partners

< Community

Academic Programs

Electronic Design Optical Design Static Analysis

< Community

Company Blogs

A View from the Top Hitting the Mark InFormal Chat VIP Central All Blogs Looking Past the Horizon

< Silicon Design & Verification

Community

Community SNUG Partners Academic Programs Company Blogs

< Training

Training and Education

Course Catalog and Registration Course Options

< Silicon Design & Verification

Training

Training and Education

< main menu

Silicon Design & Verification

Silicon Design & Verification + Products + Solutions + Resources + Services + Community + Training

< Silicon IP

Silicon IP

< Products

Interface IP

USB PCI Express DDR MIPI CCIX Ethernet HDMI SATA Mobile Storage Bluetooth Multi-Protocol PHYs VESA DSC IP Prototyping Kits Interface IP Subsystems All Interface IP

< Products

Processor Solutions

ARC Processor IP Embedded Vision Processor IP Development Tools Operating Systems Ecosystem ASIP Tools

< Products

Memories & Libraries

Logic Libraries Memory Compliers Duet Packages HPC Design Kit Embedded Test & Repair Non-Volatile Memory

< Products

Security IP

Root of Trust Cryptography IP Content Protection Security Protocol Accelerator

< Products

Analog IP

Data Converters

< Products

IP Subsystems

ARC Data Fusion IP Subsystem ARC Sensor & Control IP Subsystem ARC Audio IP Subsystem Interface IP Subsystems

< Products

IP Accelerated

SoC Architecture IP Subsystems Signal/Power Integrity Analysis & IP Hardening IP Prototyping Kits Silicon Bring-Up Support

< Products

SoC Infrastructure IP

DesignWare Library Foundation Cores minPower Components Verification IP

< Silicon IP

Products

Interface IP Processor Solutions Memories & Libraries Security IP Analog IP IP Subsystems IP Accelerated SoC Infrastructure IP

< Markets

Market Solutions

Artificial Intelligence Automotive Internet of Things Cloud Computing 5G Mobile

< Silicon IP

Markets

Market Solutions

< Silicon IP

Newsletter

< Silicon IP

Customer Success

< Silicon IP

News

< Resources

Read

News Articles Datasheets DesignWare Technical Bulletin Success Stories White Papers

< Resources

Watch

Videos Webinars

< Resources

Community

embARC.org PCI Express IP Blog: "Express Yourself" USB IP Blog: "To USB or Not to USB" DDR IP Blog: "Committed to Memory"

< Silicon IP

Resources

+ Read + Watch + Community

< main menu

Silicon IP

Silicon IP + Products + Markets Newsletter Customer Success News + Resources

< Software Integrity

Polaris Platform

Comprehensive application security from developer to deployment

< Software Integrity

Tools

Tools and processes that automate security & quality testing across the SDLC

< Software Integrity

Managed Services

On-demand resources and expertise to augment and accelerate application security

< Software Integrity

Professional Services

Strategy and programs that address security before, during and after development

< Software Integrity

Software Integrity

Polaris Platform Tools Managed Services Professional Services

< Tools

Static Analysis (SAST)

Coverity Request a demo

< Tools

Software Composition Analysis (SCA)

Black Duck Request a demo

< Tools

Interactive Application Security Testing (IAST)

Seeker Request a demo

< Tools

Fuzz Testing

Defensics Test Suites

< Software Integrity

Tools

Static Analysis (SAST) Software Composition Analysis (SCA) Interactive Application Security Testing (IAST) Fuzz Testing

< Services

Managed Security Testing

Managed SAST Dynamic Analysis (DAST) Penetration Testing Mobile Application Security Testing Network Security Testing

< Services

Professional Services

Strategy and Planning (BSIMM) Architecture & Design DevSecOps Integration Cloud Security Industry Solutions

< Services

Audit Services

Open Source Audits Application Security Audits Code Quality Audits M&A Due Diligence

< Software Integrity

Services

Managed Security Testing Professional Services Audit Services

All Products & Services

< Training

Software Security Training

eLearning Instructor Led Training Course Catalog

< Training

Product Education

< Training

Community

< Software Integrity

Training

Software Security Training Product Education Community

All Products & Services

< Solutions

By Need

Application Security Testing Software Quality Open Source Security & Compliance DevSecOps Agile Development CI/CD Security Program Acceleration Cloud Security Industry Standards Compliance Mergers & Acquisitions

< Solutions

By Industry

Financial Services Automotive Healthcare Retail & eCommerce IoT & Embedded Industrial Control Systems Federal/Government Energy

< Software Integrity

Solutions

By Need By Industry

All Products & Services

< Resources

Resource Center

Case Studies Datasheets eBooks Knowledge Database Reports Webinars White Papers

< Resources

Blog

Agile, CI/CD & DevOps Cloud Security Quality & Compliance Static Application Security Testing Web Application Security

< Software Integrity

Resources

Resource Center Blog

< Software Integrity

Customers

< Partners

Partners

Ecosystem Cloud Alliances Global Systems Integrators

< Partners

Become a partner

< Software Integrity

Partners

Partners Become a partner

< Software Integrity

Blog

< main menu

Software Integrity

+ Software Integrity + Tools + Services + Training + Solutions + Resources Customers + Partners Blog

< About Us

Company

< About Us

About Us

Company Overview Management Team Global Citizenship Board of Directors Governance & Values Worldwide Locations

< About Us

About Us

< Investor Relations

Investor Relations

Recent Financial News Financials Investor Presentations Governance & Values

< About Us

Investor Relations

< Community

Community

Synopsys Users Group (SNUG) BSIMM Academic Programs Partners Software Integrity Community

< About Us

Community

< Newsroom

Newsroom

Press Releases Spokesperson Bios & Images Synopsys Logos Media Contacts

< About Us

Newsroom

< Resources

Resources

Events Webinars Newsletters Blogs

< About Us

Resources

< Careers

Careers

Search for Jobs Verify Your Recruitment Women in Tech Careers Worldwide Internships

< About Us

Careers

< main menu

About Us

Company + About Us + Investor Relations + Community + Newsroom + Resources + Careers

All Synopsys

+ Silicon Design & Verification + Silicon IP + Software Integrity + About Us

Support

SolvNet Software Integrity

Global SItes

日本サイト中文网站中文網站 Сайт Россия

2019 Open Source Security and Risk Analysis (OSSRA) Report

Download the 2019 OSSRA report

2019 Forrester Wave: Software Composition Analysis

Introduction to Open Source Governance and Compliance

How to Navigate the Intersection of DevOps and Security

Legal

Follow