Scan Open Source Report 2008 and the Architecture Library

David Maxwell (Coverity, Inc.)
Programming, Security
Location: Meeting Room B1/B4

In May, 2008, Coverity published the Scan Open Source Report 2008. http://scan.coverity.com/report/Coverity_White_Paper-Scan_Open_Source_Report_2008.pdf

It is expected that the 2009 report will be published before OSCON. In February 2009, Coverity is publishing the Architecture Library, a Creative Commons licensed set of diagrams and architecture data files for over 2,500 open source software projects.

The 2008 report details how the Scan database was used to discover some interesting statistics about software development, using the Scan database which covers over 250 open source projects, 55 million lines of code, and over 14,000 compilations of those projects, with nearly 10 billion lines of code analyzed.

Looking into relationships between long functions and frequency of code defects, or codebase size and number of defects are just a couple of examples from the 25 page research paper, all made possible by the availability of open source code for study.

The Architecture Library is a mass visualization of software, depicting the relationships between source files in a project in a highly intuitive way, and encouraging developers to think about the big-picture of software design.

This talk is suitable for a general audience. While the content of the paper is somewhat technical, the talk will approach it from a general ‘what does this mean’, ‘why is this important’ point of view.

Photo of David Maxwell

David Maxwell

Coverity, Inc.

David Maxwell is Coverity’s Open Source Strategist, and is tasked with
the continuation and expansion of Coverity’s DHS-initiated open source
scan efforts. An open source security specialist, Maxwell has over 20
years of experience as an open source user and developer, and he is
particularly active in the NetBSD community. He currently sits on the
advisory board for the BSD Certification Group and the program committee
for the annual BSDCan conference. He was also a NetBSD Security Officer
from 2001-2005 and a contributor to the best-selling O’Reilly title “BSD
Hacks.” Maxwell has previously worked as a lead kernel developer for
Nokia and held network security positions at firms such as Coventus and
Synectic Software.

  • Intel
  • Microsoft
  • Google
  • SourceForge.net
  • Sun Microsystems
  • Facebook
  • Gear6
  • Kaltura
  • Liferay
  • MindTouch
  • MySpace.com
  • Novell, Inc.
  • Open Invention Network
  • Rackspace Cloud
  • Schooner Information Technology
  • Silicon Mechanics
  • Symbian Foundation
  • Twilio
  • WSO2
  • Yabarana Corporation

Sponsorship Opportunities

For information on exhibition and sponsorship opportunities at the conference, contact Sharon Cordesse at scordesse@oreilly.com

Download the OSCON Sponsor/Exhibitor Prospectus

Media Partner Opportunities

Download the Media & Promotional Partner Brochure (PDF) for information on trade opportunities with O'Reilly conferences or contact mediapartners@ oreilly.com

Press and Media

For media-related inquiries, contact Maureen Jennings at maureen@oreilly.com

OSCON Newsletter

To stay abreast of conference news and to receive email notification when registration opens, please sign up for the OSCON newsletter (login required)

Contact Us

View a complete list of OSCON contacts