LOGIN | REGISTER NOW | SUBSCRIBE
 
 
News on Monday
more>>
SharePoint Tech Report
more>>


   

 
 
Download Current Issue
ISSUE 7/1/2009 PDF

Need Back Issues?
DOWNLOAD HERE

Receive the print Edition?


 
A knockout blow for Borland?
MicroFocus has upped its offer for Borland Software to $1.50, hoping to chase off a mystery suitor also pursuing the ALM vendor.
07/06/2009 12:26 PM EST

Is the mystery Borland suitor Serena?
Borland software is considering an offer from another company after a preliminary deal with MicroFocus. Is Serena the new company?
06/30/2009 01:55 PM EST

Windows 7 - An eBayer's dream product?
Windows 7 pre-orders can make people money on eBay.
06/29/2009 03:48 PM EST

 

Microsoft Worldwide Partner Conf.
7/13/2009 to 7/16/2009
New Orleans
Microsoft

OSCON (Open Source Convention)
7/20/2009 to 7/24/2009
San Jose
O'Reilly Media

XBRL Technology Workshop & Summit
7/28/2009 to 7/30/2009
Santa Clara
XBRL US

ACM SIGGRAPH
8/3/2009 to 8/7/2009
New Orleans
ACM SIGGRAPH

OpenSource World (formerly LinuxWorld)
8/12/2009 to 8/13/2009
San Francisco
IDG World Expo


 
print Printable version 
Most Read Latest News Blog Resources
Kapow automates website data retrieval
Kapow Technology's Web Data Server 7.0 can be used to create modules that navigate through...

Telerik looks to boost 3D for Silverlight
In a new release of its RadControls component suite, the company introduced a 3D charting ...

Oracle's Fusion 11g lays groundwork for ERP platform
Fusion's components are standards-based and integrated, but some abilities are lost if non...

Digg!  Digg
Reddit  Reddit
Slashdot  Slashdot
Share on facebook  Facebook
Share on Twitter  Twitter

Coverity Takes Its SATs


Coverity has developed a new static code analysis engine

By David Worthington
September 19, 2007 — 
In the 1970s there was Lint, a static source code analysis tool that flagged suspicious constructs in C code; false positives were common then, but modern tools can identify a broader range of constructs—with far fewer false positives.

Coverity added a completely new type of source code analysis engine to its Prevent SQS software quality system, in an update released on Sept. 19. Prevent SQS uses a technique called SAT (from Boolean Satisfiability). Unlike many tools, SAT is not based on data flow analysis.

Rather, it complements Coverity’s data flow analysis engine. SAT is concerned with whether a Boolean expression has a solution.

Coverity Prevent SQS maps code, identifies and resolves defects. It automatically builds a “Software DNA” map to understand the code and break down languages such as C. It then translates the map into relevant formulas for defect detection, applies bit-accurate reasoning and runs an assertion-based SAT-solver, chief technology officer Ben Chelf explained.

According to a Coverity white paper, a SAT-solver “takes in a formula of variables under the operations and determines if there is a mapping of each individual variable to true and false, such that the entire formula evaluates to true.” This method is meant to flag defects and reduce false positives.

SAT was first used commercially in the electronic design automation industry for semiconductor chip design, Chelf explained. He added, “The hardware guys are way ahead of software.”

The discovered defects fit into the same workflows as those discovered by customers or QA teams, Chelf said. The classes of defects Prevent SQS detects are buffer overflows, dead code, integer overflows and string overflows.

Additional SAT solvers are slated for the next release of Coverity Prevent SQS.


Share this link: http://www.sdtimes.com/link/31147
 

Add comment


Name*
Email*  
Country     


  • Comment
  • Preview
Loading