With Code Analysis Tools Suitable for China and International Markets, Xcalibyte Helps Enterprises Reduce the Incidence of Bugs

30 Apr 2021 Author: Jian Ding Credit: Cyzone - translated from the original Chinese article

At the Shanghai Auto Show on April 19, 2021, a woman approached the Tesla booth, stood on the top of a Model 3 and shouted, “The Tesla brakes are out!” This caused heated discussions online. There has been no official word on whether Tesla’s braking system actually failed. But it’s not hard to imagine how the market will react to a car company once it is exposed that there is a bug in its brake software. Another way of putting it to consumers is:

Would you dare to buy a car with a buggy brake system?

Software security is an important cornerstone in the rapid development of information technology today. All of a company’s operations, finances, sales, and brand reputation can be destroyed because of a small bug that slipped through the cracks.

Online sales platform Pinduoduo also experienced a major ‘coupon’ bug on January 20, 2019. Users of Pinduoduo can use the same account to get multiple RMB100 coupons several times in different channels when there was meant to be a limitation of one per person. The coupon offered a big discount to use on mobile phone bills. Because the coupons were not limited to one for each customer as was the intent, the company ended up losing tens of millions of renminbi overnight. On its official Weibo account, the e-commerce platform said the issue had been fixed and a case of “network fraud” has been filed with Shanghai police.

The company is not alone when it comes to being hacked as other large Internet companies including and Suning have also reported similar major incidents caused by bugs.

For programmers, defects in source code are inevitable, and can only be found and fixed through constant and repeated testing. However, although many companies have there are a strict, internal testing policies, bugs such as the one that affected Pinduoduo, will still appear, bringing serious economic losses to enterprises.

Code defect detection analysis has become an important step in reducing the incidence of bugs. This is an area that a startup company, Xcalibyte, has been delivering solutions for by using static code analysis for deep-rooted source code defect detection.

Founded in 2018 by Yuning Liang (CEO), Colin Giles (COO), Sun Chan (CTO), and Shin-Ming Liu (Chief Architect), Xcalibyte is dedicated to analyzing and identifying potential quality and security issues in source code. The Xcalibyte team have backgrounds with Nokia, Samsung, Huawei, Intel and other major enterprises. They have many years of software development and management experience. “My father was an entrepreneur, and that was the beginning of my earliest dream of starting a business,” said Colin.

Colin was in charge of global sales of Nokia, while Liang Yuning was also in charge of software development at Nokia. Later, at Huawei, Liang led programming technology and Colin was in charge of Quality, Process and Operations. After working together for about two years, they got to know each other and eventually decided to start their own business.

In terms of business development, although the direction of static source code in-depth analysis was clear, at the beginning, the founding team did not know where the specific requirements of China users would appear. As a start-up company, few enterprises were willing to take a chance with Xcalibyte and work collaboratively through proof-of-concept projects needed to refine the product. The team leveraged overseas collaborators and testing services to help refine and enhance their analysis tools which were then adapted for China developers. Through the management team’s deep understanding of the domestic market, they then launched the first-generation code testing product, Xcalscan.

“The Chinese market is very unique,” said Colin. Because we have a lot of experience in China, we know that in order to open up the domestic market, some local adaptation is necessary.” This international team is good at integrating domestic and foreign technologies to create software products with the characteristics of both worlds.

Xcalscan is characterized by ease of use and high efficiency. “Because SDLC (Software Development Lifecycle) is not very mature in China, our product has to be simple to use,” said Colin.

Whether it is developers, security professionals, quality assurance professionals, or corporate executives, Xcalscan can provide professional code analysis technical tools to improve their efficiency and reduce costs.

Research from IBM and other international survey companies found that moving the code testing to an earlier phase in the software development lifecycle can save businesses 20% of the cost as the cost of fixing defects increases fivefold after the product is released. This is something that many companies are realizing, so they prefer to use static code analysis tools to reduce bugs at the coding stage, also known as shift-left testing, thereby reducing the time and cost of fixing bugs.

Xcalscan’s scan engine finds deep-rooted, hard to find bugs that can cause memory corruption, core dumps, buffer overflows, illegal operations, null pointers, etc., and provide general guidance to help remediate the issues.

As for the market direction, Colin said: “Software is fundamental to all businesses today, so almost all industries can use Xcalscan.” In terms of customer selection, Xcalibyte targets top enterprises in China for two reasons. The first is, top enterprises can better represent the common needs of the whole industry. This way, Xcalibyte can strengthen its capabilities to serve the whole industry. The second is, top enterprises have stricter requirements for the stability of code and stronger demand for product analysis tools, so there are greater opportunities in the market.

Xcalibyte has provided products and services to Horizon Robotics, UISEE Technology, Ant Financial and other enterprises. The company will continue to focus on areas such as artificial intelligence, Internet of Things, financial services and autonomous driving. Users can choose to purchase products for localized deployment or have Xcalibyte provide technical services.

In terms of financing, Xcalibyte completed its A+ round of investment with Jiangmen Venture Capital and Redpoint China in July 2020. The round was mainly used to increase investment in research and development and refine products. “Our focus remains on improving the experience for our customers in China” said Colin. ”After our products are perfected, we will expand our business overseas to seek greater development opportunities. I believe that with my experience at Nokia, Huawei and Lenovo, I can contribute a lot to the internationalization of Xcalibyte.”