Source code checking is improved

Tools enable software developers to easily create customised source code checkers that work with Coverity Prevent, the company's flagship analysis product.

Coverity is shipping a new version of Coverity Extend, a suite of tools that enables embedded, ISV and enterprise developers to easily create customised source code checkers that work with Coverity Prevent, the company's flagship analysis product.

The new version now has full access to C/C++ types and comes with a new library of examples as well as extensive documentation.

The product is an important upgrade for developers working on software with special features that require unique source code analysis checks.

MCCI Corporation, the world leader in USB drivers and firmware for cellphones, is using Coverity Extend to build customised checks that detect specialised errors in USB drivers and firmware for 2.5G and 3G cellphones.

Realising that focusing on developing the highest quality software products would yield business results by reducing the high costs of product recalls and firmware upgrade distribution, MCCI implemented a rigorous software quality assurance program with Coverity Prevent and Coverity Extend.

With Extend, MCCI was able to build checkers in less than 30 minutes.

The configuration and checker development were one-time processes that then enabled the entire code base to be checked on an ongoing basis.

Each analysis by each checker covered 100% of the paths of the software and returned extremely accurate results with low false positives.

"There's tremendous value for a development group to be able to write a custom checker in less than an hour and have every member of the team then be able to put it to work finding software defects that same day", said Paul Berg, VP Architecture and Engineering at MCCI.

"Coverity is the only system I know of that enables us to use our unique knowledge of our software products to continually improve the quality assurance process".

"Every time one of our developers writes a checker with Extend that finds a unique type of defect, we estimate that every other developer in our team that encounters the same defect type could save a week of work tracking down the bug".

"When used strategically, Extend can be a powerful accelerator to the quality assurance process", said Ben Chelf, CTO at Coverity.

"Custom checkers built with Extend use the vast pool of knowledge in the development group, resulting in checkers that precisely understand the nuances of the code".

"Development managers can leverage their entire development team to improve the quality assurance process, enforce coding policies, and build a unique base of reusable intellectual property that can be used to analyse all paths in their software with project-specific checks".

Coverity Extend offers developers an alternative to manual code review processes, which can only address portions of a large code base.

Through the strategic use of automation and customised checks, development groups can regularly perform a complete review of the entire code and establish processes for enforcing programming conventions.

Software development groups can create and enforce policies and processes for building quality into software or create compliance packages for internal coding policies and industry coding standards.

Customised code audit processes can be automated.

Organisations can also create customised security checks to guard against unauthorised access to sensitive data and other malicious exploits.

Back to top