The open source Mozilla Foundation is to use Coverity’s source code and static analysis software to help improve...
the quality and security of the code used in the Foundation’s popular Firefox browser.
Firefox recently became one of over 50 major open source packages analysed by Coverity as part of a three-year contract awarded by the US Department of Homeland Security Science and Technology Directorate, under its Vulnerability Discovery and Remediation Open Source Hardening Project.
The Department wants to study how secure open source software can be when used in the governmental sector.
Coverity has been conducting regular scans of popular open source packages such as Firefox, Ruby, Perl and Linux in an effort to better secure the software that powers critical infrastructure.
“Organisations should implement source code security scanning tools as part of the software development lifecycle to find and fix the highest number of security issues early in the project,” said Amrit Williams, an analyst at Gartner.
“This will result in a higher quality product and lower overall application lifecycle costs.”
Coverity's flagship product, Coverity Prevent, scales to analyse millions of lines of code with 100% path coverage, and is capable of detecting complex concurrency errors such as race conditions and deadlocks not easily identified or tested in normal use of the product.
“Firefox’s success and growth is the result of our great community of users and developers that not only help discover and respond quickly to stability and security bugs, but provide new perspectives and ideas to improve the quality of Firefox,” said Chris Hofmann, director of special projects at Mozilla.
“Coverity is one of the many valuable resources our developers are now able to draw on to help fine tune Firefox,” said Hofmann.
Vote for your IT greats
Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?
Vote now at: www.computerweekly.com/ITgreats