The popular Lamp stack of open-source software applications has a lower bug count than other open-source software...
Research conducted on behalf of the US Department of Homeland Security by code research specialist Coverity has helped establish a new baseline metric for software quality and security.
To help establish this baseline metric, Coverity analysed more than 17.5m lines of source code using the latest research from Stanford University's Computer Science department.
The Lamp stack, consisting of the Linux, Apache, MySQL, and Perl/PHP/Python applications, showed software quality significantly better than the baseline, with an average of 0.290 defects per thousand lines of code.
This compared to an average of 0.434 defects for the 32 open-source software projects analysed.
The Coverity analysis is the first public result arising from a contract with the Department of Homeland Security to improve the security and quality of software on the market.
The three-year contract, called the "Vulnerability Discovery and Remediation Open Source Hardening Project", includes research on the latest source code analysis techniques developed by Coverity and Stanford computer scientists.
"One of the goals of our research on software quality and security is to define a baseline so that people can measure software reliability in both open-source and proprietary software projects," said Ben Chelf, Coverity chief technology officer.
An updated table of summary results and access to the database of defects is available at http://scan.coverity.com.