Coverity is a proprietary static code analysis tool from Synopsys. This product enables engineers and security teams to find and fix software defects.

Coverity, Inc. - A Synopsys Company
Company typePublic
IndustrySecurity testing, static program analysis, software development
FoundedNovember 2002 (2002-11)
FateAcquired by Synopsys in 2014
Headquartersformerly San Francisco, California
Key people
Jason Schmitt (current GM)
ProductsCoverity Code Advisor, Coverity Code Advisor on Demand, Coverity Scan, Coverity Test Advisor, Seeker
Number of employees
250+
ParentSynopsys, Inc.
Websitesynopsys.com/software-integrity.html

Coverity started as an independent software company in 2002 at the Computer Systems Laboratory at Stanford University in Palo Alto, California. It was founded by Benjamin Chelf, Andy Chou, David Park, and Seth Hallem with Stanford professor Dawson Engler as a technical adviser. The headquarters was moved to San Francisco. In June 2008, Coverity acquired Solidware Technologies.[1] In February 2014, Coverity announced an agreement to be acquired by Synopsys, an electronic design automation company, for $375M in cash.[2]

Products

edit

Coverity is a static code analysis tool for C, C++, C#, Java, JavaScript, PHP, Python, .NET, ASP.NET, Objective-C, Go, JSP, Ruby, Swift, Fortran, Scala, VB.NET, and TypeScript. It also supports more than 70 different frameworks for Java, JavaScript, C# and other languages.[3]

Coverity Scan is a free static-analysis cloud-based service for the open source community.

Applications

edit

Under a United States Department of Homeland Security contract in 2006, the tool was used to examine over 150 open source applications for bugs; 6000 bugs found by the scan were fixed across 53 projects.[4]

National Highway Traffic Safety Administration used the tool in its 2010-2011 investigation into reports of sudden unintended acceleration in Toyota vehicles.[5][6] The tool was used by CERN on the software employed in the Large Hadron Collider[7][8] and in the NASA Jet Propulsion Laboratory during the flight software development of the Mars rover Curiosity.[9]

References

edit
  1. ^ Krill, Paul (2008-06-30). "Coverity buys Solidware to boost code analysis". Infoworld.com. Archived from the original on 2008-10-10. Retrieved 2011-01-29.
  2. ^ "Synopsys Enters Software Quality and Security Market with Coverity Acquisition". PR Newswire. 2014-02-19. Retrieved 2014-02-20.
  3. ^ "Coverity Static Analysis Data Sheet" (PDF). Synopsys.com. Retrieved 2019-07-15.
  4. ^ ["LAMP lights the way in open-source security : News : Security - ZDNet Asia". Archived from the original on June 14, 2009. Retrieved May 4, 2006."LAMP lights the way in open-source security"] – ZDNet
  5. ^ "U.S. Used Key Tools to Examine Toyota Acceleration-Related Software" Archived 2013-05-26 at the Wayback Machine
  6. ^ "Technical Support to the National Highway Traffic Safety Administration on the Reported Toyota Motor Corporation Unintended Acceleration Investigation" Archived 2011-02-13 at the Wayback Machine
  7. ^ "CERN Chooses Coverity to Ensure Accuracy of Large Hadron Collider Software"
  8. ^ "Improving Scientific Research: CERN and Coverity Static Analysis"
  9. ^ "Coverity: Mars Rover Curiosity's 'Space Doctors' On Bug Hunting In Space"