voke Names Coverity as a Transformational Company in the Testing Market
Coverity has been rated as a Transformational company in the voke, inc. Market Mover Array™ Report for Testing Platforms. Coverity's rating is recognition of the impact that Coverity's software integrity strategy is making in shaping the future of the testing market.
When working on projects with large codebases that re-use components, it can be hard to identify which projects and products are affected by defects in shared code. How do you understand the impact of defects in your shared components? How do you analyze and prioritize the defects in your shared components so you know what to fix first, or not at all? How do you effectively track defect status and history across shared code?
Attend this webcast and you will learn five steps you can take to make the process of finding and fixing defects across shared code more efficient to increase developer productivity and reduce the risk of a schedule slip.
In this 30 minutes session you will learn:
• How to effectively scan your software to identify hard to spot defects in shared code
• How to identify which projects and products are impacted by defects to prioritize which defects should be fixed first
• What actions and best practices are needed to ensure the necessary fixes are implemented to prevent defects from entering the field
ip.access is the leader in developing innovative technology for IP and Mobile connectivity. To meet consumer demand for their products, ip.access developers and external development partners need to collaborate to deliver top notch code under tight timetables.
With more than 3.6 million lines of C/C++ and Java code, development leaders at ip.access recognized that unit tests and manual peer review were becoming too labor intensive to stay on the company’s development timeline. Therefore, the company elected to create a continuous integration development process that would accelerate the ability of both internal and external teams to ensure the quality of their combined code. A key component in this process would be the use of static analysis to evaluate code prior to run-time.
ip.access selected Coverity Prevent as its static analysis solution because Prevent automatically finds a high concentration of critical software defects with the lowest false positive rate in the industry. In fact, ip.access reports false-positive rates at or below 5%. Because these analysis results are so accurate, developers at ip.access and its development partner can now avoid a significant amount of time-consuming manual code reviews and can check in code with greater confidence.
"During our preliminary trial process, Coverity Prevent identified 27 'must-fix' defects in our draft code," said Jason Cooper, Senior Software Engineer at ip.access. "With results like that, selecting Coverity was a quick decision for us."
Schneider Electric (Schneider) is a global leader in energy management, developing solutions to make energy safe, reliable, efficient, and productive from plant to plug.
Schneider Electric has adopted Coverity to improve product quality and software integrity while reducing development costs and re-focusing resources on innovation, benefits which have been realized within the development organization, across the company, and supported at the highest level within Schneider Electric management.
"We run the analysis from a centralized team and send out an email one week later announcing the results are available for the developers to review. If there is ever a delay in getting this information out to the developers, they come to us and seek it out. Not a single developer did this in the past. Now we have developers demanding Coverity."
- Frank Klosek, Qualimetry and Senior Technical Manager
For customers of Sun Microsystems' long-term storage products, quality is rarely an issue. Sun is a global leader in network computing infrastructure solutions with well-known brands such as Java, Solaris, MySQL, and StorageTek.
In a highly competitive market, companies like Sun constantly need to increase quality and reliability, speed delivery, and reduce costs just to stay even with its rivals. Coverity Static Analysis is a great addition to help not only achieve these objectives, but also surpass them. It has proven to be a tool that can find defects earlier, which reduces development costs and accelerates time to market.
Using Coverity Static Analysis also results in higher quality products in the field because there is more complete coverage of exception handling code in testing. Finally, the real-time feedback improves software developers’ coding skills resulting in fewer testers needed relative to the number of developers. These benefits help Sun and its already award-winning products to not just stay on par with the competition, but widen the gap between Sun and its challengers.
Frequentis develops highly reliable communication and information systems for safety-critical applications. Its market leading control centre solutions, products and services are used by customers in a variety of mission critical public and private fields such as air traffic control (civil and military); emergency services (police, fire departments, and ambulances); maritime systems; and railways and public transport. Safety and freedom of failure is the single most important objective for Frequentis.
Frequentis' mission and commitment to safety is engrained into every part of the company, and the software quality organization is a direct reflection of this commitment. Coverity has helped Frequentis ensure a high level of software integrity to support its product mission of freedom from failure, while continually improving the productivity of its developers.
According to Andreas Gerstinger, Software Quality and Software Safety Engineer, who drove the evaluation and introduction of Coverity Static Analysis into the organization, "We had used other analysis tools in the past but they did not go as deep as Coverity--they only provided metrics such as complexity measurement--but did not go as far as finding faults and pinpointing where they reside in the code. Developers didn’t want a tool that only showed them abstract metrics, but would instead show them exactly where they made a coding error."
In this paper, we outline some of the most prevalent myths about security that you should consider when looking to improve the security of your software. Falling prey to these deadly myths could at best cause you to waste valuable cycles on useless “security” activities or at worst, cause your applications to be less secure.
This document will discuss how the Coverity Integrity Center can help with specific software verification guidelines as outlined in DO-178B.
- Code base complexity compared to 2 years ago
- Frequency of production application updates
- Code Review / quality strategies
- # of critical bugs found within 12 months of release
- # of days to correct a defect in the field
In the context of the above findings, IDC then briefly looks at the product offerings of Coverity, an automated source code analysis tools vendor. Coverity Thread Analyzer for Java, which was released in 2Q08, observes code as it is executed and identifies race conditions and deadlocks.