To help developers learn about the integrity of all components in their software, Coverity, a supplier of code analysis tools, introduced a Software Integrity Rating program yesterday. The program measures defects in software and lets companies place a Coverity Integrity Seal on their software when it meets industry standards.
The program first involves a scan of the software, which is then assessed against metrics set by Coverity and commonly referenced industry standards for defect density, which Coverity said are one defect per 1,000 lines of code (LOC), and one defect for every 10,000 LOC for mission-critical software.
“What’s been a concern lately is how can they [customers] get a grasp on the quality and integrity of their software that’s either shipping in their current product or that’s being pulled from a third-party supplier,” said Dave Peterson, Coverity’s chief marketing officer.
What sets this program apart, he said, is information about the potential impact a defect will have on the actual project or on other projects using the same shared code, as well as the business. “The defect information is more actionable and offers an apples-to-apples comparison across the software supply chain,” he said.
Coverity’s customers can try the rating program for free for the next six months. The solution will then be built into their services for a price that has not yet been set, Peterson said.
