White Papers
Coverity’s white papers are designed to provide massive detail about the technical and business aspects of our products.
Fixing Software on the Assembly Line
(Posted August 2005)
Want to know how Coverity’s static source code analysis technology works? This technical white paper will provide everything a developer will need to know in gory detail.
Download Document��(registration or login required)
The Software Development Challenge
(Posted August 2005)
Software is no longer just a developer’s concern. This business whitepaper explains at an executive level the evolution and challenges facing companies interested in delivering quality, secure software—and some concrete actions companies can take to write better code.
Download Document��(registration or login required)
Product Information
In only two years, Coverity has managed to become the leader in static source code analysis. We think it’s because our products work as advertised. This is how they are advertised:
Coverity Prevent SQS
Prevent SQS is the leading automated approach to identifying and resolving the most critical defects in C, C++ and Java source code.
Download Document��(registration or login required)
Coverity Extend
This product is an optional add–on to Coverity Prevent SQS —yet nearly all of our customers have it. Learn how Coverity has made it possible to use static source code analysis to find custom or domain–specific defects in C and C++ code.
Download Document��(registration or login required)
ROI Datasheet
Ironically, the ROI of static analysis is rarely articulated beyond the platitude “find more bugs sooner.” Truly understanding the impact of static analysis takes into account buying, deployment, adoption, and maintenance. This document articulates the ROI value proposition of Coverity’s product line.
Download Document��(registration or login required)
Case Studies
Today, Coverity has more than 250 customers. We deliver a powerful ROI and the lowest total cost of ownership of any static analysis solution available. Following are some examples.
Palm, Inc.
Coverity inspects all active C and C++ products, with the goal of achieving zero defects.
Download Document
Symbian
Learn why Coverity was chosen to ensure the quality of all lines of code for Symbian OS.
Download Document
Wind River
Learn how Wind River boosted development productivity 30% and cut time-to-market 20%.
Download Document
Veritas
Learn how Coverity found bugs in large, complex storage software VERITAS thought was virtually bug free.
Download Document
ARRIS
Arris deploys Coverity to ensure market commitment to highest availability systems.
Download Document
Teradata
Coverity scales to meet Teradata challenge.
Download Document
Prerecorded Webcasts
Coverity founders, academics and customers regularly share their source code quality and security best practices via live webcasts. Now we're making them available to you 24/7:
Static vs. Dynamic Analysis Tools - Finding the Right Bug Spray
(February 2007)
Coverity CTO, Ben Chelf reviews the world of dynamic and static development tools. This 45-minute session covers the evolution of source code analysis from Lint to the latest technologies of 2007.
Download .wmv file��(registration or login required)
How Stanford Retooled Static Analysis
(December 2006)
Dr. Dawson Engler, Stanford Computer Science Professor and Coverity co-founder, discusses his approach to: automatically finding bugs using programmer-written compiler extensions.
Download .wmv file��(registration or login required)
Increase Software Quality Now - Arris Webinar
(October 2006)
Hear the details of Arris' source code development process improvements, tool choices and "cultural" changes that led to quality gains.
Download .wmv file��(registration or login required)
Open Source Reports
Coverity exercises its static source code analysis technology on open source code bases almost daily. Occasionally, we summarize and publish our results.
Open Source Quality Report
(Posted March 2006)
Want to know how the LAMP stack compares in quality to a baseline of over 30 different open source packages? Under a contract with the Department of Homeland Security, we apply the latest innovation in automated defect detection to analyze and compare a large set of open source packages.
Download Document��(registration or login required)
Linux Security Report
(Posted September 2005)
Coverity’s technology can detect source code defects that could lead to security vulnerabilities. At LinuxWorld 2005 in San Francisco, CEO Seth Hallem presented the results of Coverity’s security analysis of the Linux kernel. This report describes in detail why the Linux kernel is a stable, secure piece of software.
Download Document��(registration or login required)
Linux Report
(Posted December 2004)
“So it’s now ‘officially’ all bug-free,” wrote Linus Torvalds after applying Coverity fixes to a recent release of Linux. Coverity contributes heavily to Linux quality and security. Over the past four years, Coverity has provided Linux with thousands of defects—including several security alerts. This report describes the overall quality of Linux with detailed information about the type and location of critical defects.
Download Document��(registration or login required)
MySQL Report
(Posted February 2005)
“Coverity’s detailed analysis allows us to provide more reliable and secure certified software—a real benefit for large IT organizations, high–volume Web sites, and all of our 6 million active installations worldwide,“ said Zack Urlocker, VP Marketing, MySQL. This report describes the overall quality of MySQL—including a major security vulnerability that Coverity found during development.
Download Document��(registration or login required)
BerkeleyDB Report
(Posted February 2005)
Sleepycat Software, the makers of Berkeley DB, is the first company to be Coverity Inspected™, which means they’ve taken the time to eliminate all of the defects Coverity found.
Download Document��(registration or login required)
|