当前位置:首页 >英文主页 >中英对照 > 报告详情

Black Duck:2025年嵌入式软件质量与安全现状报告(英文版)(30页).pdf

上传人: 小*** 编号:1270792 2026-06-24 30页 6.65MB

下载:

1、THE STATE OF EMBEDDED SOFTWARE QUALITY AND SAFETY 2025TABLE OF CONTENTSUnprecedented Change for Embedded Software .1Why You Should Read This Report.2The AI Revolution in Embedded Systems .4Unprecedented Adoption of AI .4The Governance Gap:Confidence Lags Behind Adoption.5The Maturation of Software S

2、upply Chain Management .6Open Source Software in Embedded Systems .7SBOMs Become a Commercial Imperative.7The People and Processes of Modern Embedded Development .8Navigating Speed vs.Quality.8The Fragmented Compliance Landscape .9Recommendations and Outlook .10Thriving in the New Embedded Paradigm.

3、10Actionable Recommendations .11Future Outlook .11How Black Duck Can Help .12From Insight to Action in the New Embedded Paradigm.12For Executive Leaders:Transforming Systemic Risk into Competitive Advantage .13For Hands-on Developers:Building High-Quality Software Without Sacrificing Speed .18Making

4、 AI a Superpower,Not a Liability .20Appendix A:Full Survey Questions .21Appendix B:Detailed Respondent Demographics .26About Black Duck .27BLACKDUCK.COM|1UNPRECEDENTED CHANGE FOR EMBEDDED SOFTWAREThe world of embedded software is changing at a faster pace than ever before.Our research drills into th

5、is new reality and finds two major stories unfolding at once.The first is the story of artificial intelligencea massive adoption of AI tools but paired with dangerously lagging governance.The second is the story of the software supply chain becoming a core business function with the maturation of So

6、ftware Bills of Materials(SBOMs)into a mainstream commercial requirement.This report is a guide to understanding those two stories as well as the current state of embedded software development.We surveyed 785 professionals in the trenchesthe developers,managers,and security pros who build the embedd

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
1. **AI普及与治理滞后**:89.3%公司已使用AI编码助手,96.1%将开源AI模型集成到产品中,但21.1%组织无法确保AI代码安全性,18%存在“影子AI”违规使用风险。 2. **SBOM成为商业刚需**:70.8%公司需提供SBOM,其中39.4%源于客户/合作伙伴要求,超越行业监管(31.5%)。 3. **开发者技能与认知差距**:80.4%公司已采用内存安全语言(如Rust、Python),但管理者(86%)与工程师(56%)对项目成功率的感知存在显著分歧。 4. **供应链安全强化**:超50%公司主动扫描开源组件及代码片段的许可证风险,39.1%在每次构建时进行依赖扫描。 5. **核心挑战**:18.7%认为软件/硬件复杂性是最大障碍,18.1%面临紧迫发布时限压力。
AI治理缺位? SBOM成刚需? 管理与工程师的鸿沟?
客服
商务合作
小程序
服务号
折叠