Coverity: A Revolution in Source Code Analysis

Coverity provides automated tools that enable software developers to quickly, thoroughly, and accurately analyze their source code early in the development process.
Coverity Prevent ™ and Coverity Extend™ enable software developers to pinpoint defects that could cause catastrophic failures or security breaches. These tools help to build better products, decrease time–to–market, and decrease risks.

A Breakthrough in Technology

The foundational technology for Coverity Prevent and Coverity Extend was developed in the Computer Systems Laboratory at Stanford University in Palo Alto, California, from 1998 through 2002. In November 2003, the Stanford research team released the first system capable of detecting thousands of critical defects in open source projects such as Linux and FreeBSD. Soon afterward, industry and research experts quickly recognized the Stanford system (then known as the "MC Checker") as the most effective source code analysis system ever built.
Shifting focus from research to industry, Stanford team members Andy Chou, Benjamin Chelf, David Park, Dawson Engler, and Seth Hallem went on to apply this technology to develop the Coverity products for commercial use. Coverity continues to evolve these source code analysis systems with the goal of providing customers with increasingly accurate and ever – greater code analysis capabilities.

Features and Benefits

Coverity products focus on finding the most crucial and most elusive defects with a high degree of accuracy. Many of our competitors focus on simply flagging as many potential bugs as possible. But at Coverity, we believe that finding critical defects and security vulnerabilities is more than just a numbers game. It’s not just how many defects you find—it’s the nature of those defects.

Here’s what sets Coverity Prevent apart:

Accuracy
Out of the box, Coverity Prevent has an average false positive rate of less than 20%. While many other source code analysis products suffer from high false positive rates that render them unusable, Coverity’s False Path Pruning, statistical analysis, and other innovations eliminate false positives. Additional configuration and minor tuning can reduce the false positive rate even further.

Depth of analysis
Coverity Prevent features interprocedural data flow analysis and statistical analysis to review interactions across an entire program and all possible paths. Coverity Prevent identifies company-specific APIs and flags inconsistencies in their usage, accurately detecting defects that typically slip through QA and security audits and into the field. While many competing tools provide only superficial analysis, Coverity Prevent thoroughly understands your code.

Breadth of analysis
Coverity Prevent applies the most advanced technologies available to find the most critical defects in your code and improve the quality and security of your product. Coverity Prevent detects critical problems such as system crashes, memory leaks, memory corruption, unpredictable behaviors, concurrency defects, and security vulnerabilities.

Low total cost of ownership
Coverity Prevent seamlessly integrates with your existing environment and can be deployed and configured within hours. Other tools can take weeks and even months to set up and configure, costing you precious time and resources.

Extensible
Coverity Prevent enables you to create custom checks on top of our powerful analysis engine to meet the unique needs of your development organization and code base. You can set custom rules that are specific to your organization to enforce coding standards or detect problems in your code.

Massively scalable
Coverity Prevent can analyze your code within a small multiple of the build time, typically working through millions of lines of code in just a matter of hours. Many other tools require days and even weeks to analyze large code bases.

Coverity Mainpage

last updated:12.02.2008

© 2004–2008 Coverity Inc.
Prevent and Extend are products and trademarks of Coverity, San Francisco (USA)
all other trademarks of this site are the property of their respective owners.