There are many different targets a review may set out to meet, such as confirmation that:
- the software actually performs only documented functionality;
- the software correctly executes any critical functions (e.g., money accounting, unit conversions, etc.);
- the software correctly supports any agreed-upon or advertised protocols (e.g., communication protocols);
- the software is compatible with other software or hardware (interoperability testing);
- access levels, protection and encryption are properly built in;
- built-in randomness (RNG) is fit for purpose;
- the executable (binary) code corresponds to the supplied source code of the software;
- the software meets the chosen regulatory framework (e.g., for cashier equipment, measuring equipment, safety of consumer products, etc.);
- any other specific requirements or goals are met.
We can perform two types of software review:
- an analysis of the executable (binary) code (“black box” review);
- an analysis of the source code and its compilation into executable code, usually in cooperation with the developer of the software (in-depth review).
In certain cases, we can perform a software review remotely.