User:Houseonbluehill/sandbox

copied content from CriticalBlue

CriticalBlue is a Scottish software company based in Edinburgh that is primarily active in two areas of technology: anti-botnet and automated threat[3] prevention solutions[buzzword] for mobile businesses, and software optimization tools and services for Android and Linux platforms.[citation needed]

CriticalBlue is a Scottish software company based in Edinburgh. It’s primary product, Approov, is an app authentication service for mobile businesses. Previous products include software optimization tools to improve mobile hardware performance.

History
In 2001, David Stewart, Richard Taylor and Ben Hounsell founded the software company CriticalBlue in Edinburgh, Scotland. The company won a Smart Scotland Award in 2002 for "Electronic design automation tools for improved design of demanding multimedia applications." CriticalBlue received $2 million in seed funding and assembled a core team in 2003.

In May 2008, CriticalBlue joined the Multicore Association, where CEO David Stewart would eventually co-chair the Multicore Programming Practices workgroup in 2009. The company received $4 million funding in September 2008 from European, Silicon Valley, and Japanese venture capitalists and corporate investors, and started a close collaboration with Toshiba Corporation.

During 2010, CriticalBlue extended Prism product support for MIPS, Cavium, and Freescale. In 2011, the company added support for TI C66x DSPs and second generation Intel Core processors. The company expanded the range of supported Renesas platforms in 2012. In 2013, CriticalBlue refocused on mobile Android and embedded Linux platforms.

In the subsequent two years, CriticalBlue continued to penetrate into the mobile software optimization market while it started the analysis of mobile data security opportunities, leading to the lauch of the Approov app authentication service in 2016.

Approov
Approov is an app authentication service that allows API backends to positively identify that requests are being made by a legitimate mobile app.

Kristopher Sandoval, an author for Nordic APIs, conducted a fully independent review of Approov in February 2017 and noted that “… the threat to public-facing APIs in the mobile space is real, dangerous, and often inefficiently mitigated.”

After evaluating the Approov solution Approov, he concluded that “Its approach to securing applications in the mobile environment is novel, and the way CriticalBlue goes about this is perhaps one of the more secure ways of doing so. While using cloud services for authentication is often highly questionable, their implementation in this case looks rock solid.”

While pointing out that “… preventing the types of reverse engineering issues that Approov is designed to stop is vitally important” he recommends that companies should consider the possible savings of integration. “If the cost can be justified then Approov is a powerful solution.”

According to Steven Puddephatt, Business Solutions Architect at the Racing Post, "[a]t the Racing Post we've historically had problems with data scrapers on our site and have relied on 'after the fact' mechanisms such as IP blocking. We are now [December 2016] on the precipice of exposing our API to the general public, and we are understandably reticent given the value of our data. We searched the market and only Approov offered the strong mobile app authentication and security we required [...] We are now very confident we can launch a public facing API without fear of unauthorized access."}}

Bill Buchanan, Professor of Computing, The Cyber Academy, Edinburgh Napier University, stated, "[w]e have analyzed Approov for both its cryptography strength and also for an initial penetration test. The current system has very good levels of assurance which provide significantly reduced risk within the key application areas."

Gartner identified CriticalBlue as a Cool Vendor in Mobile App Development, 2017. CriticalBlue won the 2017 API Awards in the API security category and Approov won a Cybersecurity Excellence Award in 2018 in the Mobile Application Security category. In November 2020, Approov partnered with BMW Group to protect their keyless car rental platform.

In February 2021, CriticalBlue published a report authored by security researcher, Alissa Knight, revealing security vulnerabilities in mobile health applications.

Prism
First released in 2009, Prism dynamically traces software applications at runtime and captures data that can be used to analyze and identify the causes of poor performance. Prism received the "Best of Show" Award at the 2009 Silicon Valley Embedded Systems Conference.

Bryon Moyer, in Real World Multicore Embedded Systems, states that Prism's objective is "to provide analysis and an exploration and verification environment for embedded software development using multicore architectures." Moyer also describes the Prism interface as a set of integrated views in the GUI that display interactions between threads, data dependencies, cache analysis, along with the microprocessor pipeline.

Matassa and Domeika, in Break Away with Intel Atom Processors, similarly state that Prism is a "toolsuite aimed at optimized software development for multi-core and/or multithreaded architectures." While mentioning the same analysis views in the Prism GUI described by Moyer, they also describe the dynamic tracing approach, whereby "&#8288;[t]&#8288;races of the user's software application are extracted either from a simulator of the underlying processor core or via an instrumentation approach where the application is dynamically instrumented to produce the required data."

Cascade
Finalized in 2003 and commercially released in 2004, CriticalBlue's Cascade is a C to RTL synthesizer. Richard Taylor and David Stewart, from CriticalBlue itself, provided a chapter in Customizable Embedded Processors, describing Cascade as a "solution [that] allows software functionality implemented on an existing main CPU to be migrated onto an automatically...generated coprocessor." They stated that this is realized as an automated design flow from an embedded software implementation onto a coprocessor described in RTL. They identified offloading computationally-intensive algorithms from the main processor as the primary usage of such a coprocessor. Cascade was awarded "Best Wireless Design Tool" in 2003 by the Wireless Systems Design magazine.

Patents












Publications

 * 1) Hounsell, Ben & Taylor, Richard. Co-processor Synthesis: A New Methodology for Embedded Software Acceleration, Proceedings of the Design, Automation and Test in Europe Conference and Exhibition (DATE’04), 16 February 2004. Retrieved on 23 June 2014.
 * 2) Taylor, Richard et al. Automated data cache placement for embedded VLIW ASIPs, codes-isss, pp. 39–44, Third IEEE/ACM/IFIP International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS'05), 19 September 2005. Retrieved on 23 June 2014.
 * 3) Morgan, Paul & Taylor, Richard. ASIP instruction encoding for energy and area reduction, DAC '07 Proceedings of the 44th annual Design Automation Conference, Pages 797-800, 4 June 2007. Retrieved on 23 June 2014.