David Maxwell
Topic: Scan Open Source Report 2008
Company: Coverity / NetBSD
Title: Open Source Strategist

David Maxwell is Coverity's Open Source Strategist, and is tasked with the continuation and expansion of Coverity's DHS-initiated open source scan efforts. An open source security specialist, Maxwell has over 20 years of experience as an open source user and developer, and he is particularly active in the NetBSD community. He currently sits on the advisory board for the BSD Certification Group and the program committee for the annual BSDCan conference. He was also a NetBSD Security Officer from 2001 to 2005 and a contributor to the best-selling O'Reilly title "BSD Hacks." Maxwell has previously worked as a lead kernel developer for Nokia and held network security positions at firms such as Coventus and Synectic Software.

Abstract: 

In May 2008, Coverity published the Scan Open Source Report 2008.

The paper details how the Scan database was used to discover some interesting statistics about software development. The database covers over 250 open source projects, 55 million lines of code, and over 14,000 compilations of those projects, with nearly 10 billion lines of code analyzed.

The relationship between long functions and the frequency of code defects, or between codebase size and the number of defects, are just a couple of examples from the 25-page research paper, all made possible by the availability of open source code for study.