Coverity releases new tool for Code Governance
set standard policies for code quality and security, and then manage, monitor and report on these policies as code is tested.
Even in small software development policies and guidelines are necessary for high architecture and code quality. Software engineers might feel confined by coding and design conventions. However, software systems tend to become inexpressive and complex when every code contributor introduces her own policies. This problem is even more difficult in outsourcing or multi-site scenarios. To enforce policies projects often leverage code and design reviews which are rather expensive and ineffective. Governance tools like Integrity Control allow to automate checks and enforcement of policies.
In particular, Coverity Integrity Control promises five key features
- The alignment between business priorities and their derived development policies.
- Higher code quality due to finding policy violations very early.
- Enforcing that suppliers abide to established policies by monitoring the deliveries.
- The possibility to distribute common policies across all participants in the supply chain.
- Support of executives to monitor and identify project risks.
An example of the user interface is illustrated in the following picture:
According to Coverity’s the new solution requires Coverity Static Analysis or Coverity Integrity Center version 5.4. It is available for the programming languages C/C++, C#, and Java. Interested software engineers may find a demo presentation on the product website.
Stephanie Davis (nee Stewart) Dec 21, 2014