The Israeli center for Software development Tools
המרכז הישראלי לכלי פיתוח המיועדים לתכנתים, אנשי בדיקות ומהנדסי תוכנה

	About Us About us אודותינו Company Overview People Mathematica Trainer and Consultant: Dr.Yehuda Ben-Shimol Hand On TestComplete Training: Mr. Chaim Koshizky Investors Relationships Partners Customers Coverity Customers AudioCodes Products מוצרים PHP ZEND ASN .1 Objective Systems ASN.1 VIEWER/EDITOR ASN1C ASN1 COMPILER ASP Caching Product Overview NCashePoint Scalability with Reliability for Memcached Apps Rapidly Develop .NET Applications (Free Software) NCache - Boost .NET App Performance & Scalability NWebCache - Boost Dynamic ASP.NET Application Performance Technical computing Wolfram Mathematica products Product Overview Mathematica Mathematica Home Edition Mathematica for Students Mathematica for the Classroom gridMathematica Wolfram Lightweight Grid Manager webMathematica 3 Mathematica Player (Free Download) Mathematica Player Pro Wolfram Workbench Mathematica Applications FINANCIAL ENGINEERING AND MATHEMATICS Wolfram Mathematica Solutions Mathematica Solutions Wolfram Research STEM Program NAG - Numerical Algorithms Group Product Overview NAG Visualization Software NAG Numerical Components NAG Software Developer Tools The NAG Toolbox for MATLAB® Static Code Analysis Coverity Coverity Build Analysis Coverity Integrity Center Coverity Dynamic Analysis Coverity Architecture Analysis Coverity Success Stories in Israel Ensuring Code Quality in Multithreaded Applications Coverity Static Analysis, (formerly Coverity Prevent) 64-bit and parallel Code Analysis PVS-Studio Static Code Analyzer for 64-bit and parallel code Riverblade - Development tools and software solutions Visual Lint - Integrated Static Code Analysis PC-Lint - Industry Standard C++ Static Analysis ResOrg - Manage and Renumber Resource Symbol IDs LintProject Professional - Code analysis with HTML reporting Business Intelligence Inetsoft Product Overview Style Scope Style Intelligence Style Report Enterprise - Reporting Software Style Report Professional - Reporting Engine and API Visual Studio Add-Ins Visual Assist X For Visual Studio ReSharper 4.5 -Code Analysis for C# Testing & ASQ Solution JetBrains dotTrace Profiler SmartBear - AutomatedQA Product Overview AQtrace TestExecute TestComplete 7 Software Planner Code Profiler - AQtime Automated Build Studio Automated Docking Library TestRecorder For TestComplete Source Code Inspection SmartBear Development Management Peer Code Review Tool: Code Collaborator Build processes software FinalBuilder Electric Cloud Products Overview ElectricCommander ElectricAccelerator ElectricInsight SparkBuild Solutions Overview Agile Development Distributed Development Virtualization Test Automation Centralization & Control Compliance Build Management Build Acceleration Continuous Integration Cloud Computing Robustness and security testing Codenomicon DEFENSICS™ DEFENSICS™ 3.0 DEFENSICS™ for XML DEFENSICS™ Traffic Capture Fuzzer DEFENSICS Test Suite Packages Codenomicon Security as a Service (CSaaS)! Codenomicon Fuzzing 101 Webinar - Viewing the Video on Youtube iPhone development tools Studio for iPhone Embedded Software Testing AbsInt aiSee — Graph Visualization Astrée Run-Time Error Analyzer aiPop — Automatic Code Compaction StackAnalyzer — Stack Usage Analysis PAG — The Program Analyzer Generator aiT Worst-Case Execution Time Analyzers Vector Software Product Overview VectorCAST/C++ VectorCAST/Ada VectorCAST/RSP VectorCAST/Cover VectorCAST/Manage VectorCAST/Requirements Gateway VectorCAST for DO-178B and the Tool Qualification Process Advanced Data Visualization Nevron Product Overview Nevron .NET Vision Nevron SSRS Vision Nevron Diagram Designer Nevron SharePoint Vision Nevron 3D Chart for ActiveX Dundas Product Overview Dundas Map Dundas Chart Dundas Dashboard Dundas Reporting Services Dundas Gauges - Advanced Gauges For Dynamic Data Miner3D Product Overview Miner3D Basic Miner3D Infinity Miner3D Developer Miner3D Enterprise Miner3D Professional Miner3D Web Player - AJAX 3D enabled Software FX Product Overview JAVA COM Visual Studio WPF/Silverlight Power Gadgets SharePoint Products & Services .NET, COM & Java Development FusionCharts Product Overview FusionMaps v3 PowerCharts v3 FusionCharts v3 FusionWidgets v3 FusionCharts for Flex Digital video capture and processing MontiVision Imaging Technologies Products Overview Machine Vision Products MultiMedia Products Video Surveillance Products .NET Controls,Tools and Components GrapeCity FarPoint SOA Products COM Products .NET Products ASP.NET Products DataDynamics PlexityHide Syncfusion Essential Studio Reporting Edition Essential Studio User Interface Edition Essential Studio Business Intelligence Edition Dev Express Add-in Express Product Overview Add-in Express VCL Outlook Security Manager Add-in Express for Internet Explorer Add-in Express for Office and .NET ComponentOne Dev Tools SharePoint Documentation Tools Dart Communications Product Overview PowerTCP PowerTCP for .NET PowerTCP for ActiveX PowerWEB for ASP.NET PowerSNMP for ActiveX and .NET Center Space Software Infragistics-Powering the Presentation Layer Product Overview NetAdvantage WPF NetAdvantage ICONS NetAdvantage Silverlight NetAdvantage Select ASP.NET NetAdvantage Select Windows Forms TestAdvantageTM for Windows Forms NetAdvantage .NET for Win Client Web Client NetAdvantage for Silverlight Data Visualization Intel® Software Development Products Intel® Parallel Studio (Intel® software development) Intel® HPC Software toools (Intel® software development) Microsoft® .NET Micro Framework, (Embedded .NET ) Device Solutions Product Overview Meridian CPU Tahoe-II Development Board Meridian/P Micro Development Board Tahoe .NET Micro Framework Development Platform Networking and security software for wired and wireless applications TeamF1 Technical Specifications Technology - Overview Solutions - Overview Products Articles מאמרים Software Static Code Analysis Building Secure Software using Fuzzing and Static Code Analysis מהו ניתוח קוד סטטי? Coverity Prevent on Symbian OS Static analysis improves efficiency, reduces downstream integration costs Coverity Open Source SCAN Report 2009 Coverity Open Source SCAN Report 2008 Every Day Static Code Analysis(JetBrains) Coverity White Paper-SAT-Next Generation Static Analysis Technical computing הלב של וולפראם אלפא: לא רק למתמטיקאים Advanced Data Visualization Hedge Fund Trading Dashboard SAP & SQL Server 2005 Reporting Services (with Dundas Map) Integration Envisioning Risk -A Systematic Framework for Risk Visualization in Risk Management and Communication Success Stories CenterSpace - UserZoom Palm, Inc. uses Coverity to inspect all active C and C++products Landing Pages Electric Cloud PERFORCE ZEND Qualys FinalBuilder JetBrains Gimpel PC-lint PlexityHide FarPoint Spread Atlassian MicroFocus Software FX AutomatedQA Component One Syncfusion Telerik Infragistics Mathematica DevExpress FusionCharts Dundas Nevron News &Events Events ניתוח ובדיקות קוד מקור (סטאטי ודינאמי) הלכה למעשה Electric Cloud Optimizes Software Production for Android Device Manufacturers New Release of NMath from CenterSpace ComponentOne - Studio Enterprise 2010 V2 has lauched TestComplete 8 - Now Available Coverity and Armorize To Unify Quality and Security into a Single Developer-Ready Solution Zero Day Vulnerability Management TeamF1 Security Software Drives NETGEAR’s Latest Gigabit Unified IPsec / SSL VPN Firewall Gateway Coming soon from ComponentOne - Studio Enterprise 2010 V2! Codenomicon Newsletter June 2010 NCache 3.8 Released! - lots of new features Release of ReSharper v 5.0 NCachePoint Released! What is New in Jira 4? JIRA Studio has "Gone Google" ReSharper 5.0 Beta is Released Dundas Dashboard Now Available Wolfram Research STEM Initiatives Now Shipping! NetAdvantage for .NET 2010 Volume 1! Infragistics - Get Inspired with Quince and Quince Pro! Coverity 5 Tackles Business Impact from Software Changes OpenTV and Coverity Announce Software Integrity Collaboration ComponentOne Releases 2010 .NET & ASP.NET AJAX Controls TestComplete News: New Release, Best Practices & Free Book Wolfram Research Releases the Next-Generation Integrated Development Environment professional Services Hand On TestComplete Training Wolfram Mathematica Consultancy מסחר אלגוריתמי אוטומטי בבורסת תל אביב Mathematica to C++ consultancy services Static Code Analysis Services שירותי ניתוח קוד סטאטי Technology ASN.1 FIX Protocol XML Data binding Careers משרות Sales - מכירות Sales, Software engineering Tools Software Devlopment -פיתוח תוכנה VB.NET WinForms Developer .NET Developer - WinForms/ASP VB/C# Contact Us צור קשר General Inquiries - פניות כלליות Sales Department - מחלקת מכירות Support Department - מחלקת תמיכה Devlopment Department - מחלקת פיתוח Accounting - הנהלת חשבונות

AudioCodes

case study:

AudioCodes Ensures VoIP Software

Quality and Security with Coverity

“We trust Coverity’s static analysis capabilities to such an extent that we treat Coverity bugs like field bugs. Unresolved Coverity defects can mean delaying a product release and affecting our ability to ensure customer satisfaction.”

—Yair Elharrar, AudioCodes Systems Engineering

Coverity customer since: 2005

Industry: Telecom Networking

Business Problem:

The proliferation of VoIP technology has generated significant opportu- nity for AudioCodes and companies that rely on AudioCodes to produce components and software for their telecommunications products. With market share for VoIP products influenced by each successive product release, AudioCodes needs reliable and secure software to support its rapid growth. Based on consumer and partner demand, AudioCodes needed to accelerate the delivery of its industry-leading telecommunications software without sacrificing the quality and security the company is known for.

Results:

AudioCodes utilizes Coverity to automatically find possible perfor- mance and security defects in the company’s software code prior to deployment in the field. Coverity saves AudioCodes’ software developers significant time by automatically searching source code each week for hard-to-find bugs. This enables AudioCodes

to eliminate critical defects prior

to releasing software for shipment, and accelerates the overall software delivery process.

The AudioCodes Challenge

AudioCodes provides innovative, reliable, and cost-effective Voice over Packet technology and Voice Network products, including media gateway and media server platforms for packet networks in the wireline, wireless, broadband access, and media server markets.

AudioCodes partners with OEMs, Network Equipment Providers, System Integrators, and Enterprises to build cutting-edge solutions based the company’s VoIP technology. As AudioCodes’ products are integral parts of systems sold

by leading telecommunications and networking manufacturers, the performance and security of AudioCodes software is a business-critical concern for the company. With a considerably large code base, the company required a solution that could help the development team ensure code quality and security ahead

of deployment.

The Solution

Software quality has always been a primary goal for AudioCodes’ team of over 200 developers. However, despite the presence of a QA process and simulation tests, the amount of developer time required to identify must-fix bugs slowed down the software development cycle. To preserve valuable developer time, the company selected Prevent SQS from Coverity to deliver automated static code analysis and accelerate the software development process. By scanning for dangerous code bugs with Coverity earlier on in the application life cycle, AudioCodes’ engineers are helping the company avoid costly potential software failures in the field.

Since 2005, AudioCodes has trusted static code analysis from Coverity to help ensure software quality and security. Coverity engineers continually develop innovative checkers to provide companies like AudioCodes with deep insight into the quality of their code. AudioCodes has also worked directly with Coverity to develop additional checkers designed to help the company identify its most

hard-to-find bugs.

“Two years ago, AudioCodes selected Coverity’s advanced source code analysis solution. We are pleased that the continuous improvement of Prevent’s checkers has confirmed our decision to choose Coverity,” stated Yair Elharrar, AudioCodes Systems Engineering.

The Details

Coverity Prevent provides comprehensive static code analysis for AudioCodes’ most important software applications. As Coverity has one of the lowest false positive rates in the industry, data regarding bugs from Prevent is extremely valuable to AudioCodes, who notes Coverity false positive rates under 9%.

For AudioCodes, an additional important benefit of Coverity Prevent is its ability to quickly and easily integrate with the company’s development environment. Elharrar says of his experience, “Coverity Prevent required no modifications for the code to work. It works quickly and does not require any additional software for a workstation. It also takes you directly to the line of code and shows the direct context of where the bug is — allowing our engineers to actively find and fix bugs.”

The Net Result

“Scanning our full code base for quality and security issues every week would be very hard without Coverity.”

—Yair Elharrar, AudioCodes Systems Engineering

Conclusion

AudioCodes currently analyzes its entire code base once a week by using Coverity Prevent and reports false positive rates under 9%. By automating this time-consuming task, Coverity helps AudioCodes accelerate the development of critical VoIP applications for inclusion in products sold by leading telecommunica- tions and networking manufacturers around the globe. By ensuring the quality and security of code with Coverity, developers at AudioCodes can focus more time on creating new, innovative VoIP solutions to support the growth of their company.

About Coverity

Coverity (www.coverity.com), the leader in improving software quality and security, is headquartered in

San Francisco, California. Coverity’s groundbreaking technology

removes barriers to delivering complex software by automating the identification and resolution of critical defects and security

vulnerabilities in C/C++ and Java source code. More than 350 leading companies have chosen Coverity Prevent SQS because it scales to tens of millions of lines of code, has the lowest false positive rate in the industry, and provides total path coverage. Companies like Ericsson, ESRI, Samsung, EMC, and Mentor Graphics work with Coverity to eliminate security and quality defects from their mission-critical systems.

Coverity is a registered trademark; Coverity Extend, Coverity Prevent, and Coverity Prevent SQS are trademarks of Coverity, Inc. All other company and product

names are the property of their respective owners.

About AudioCodes

AudioCodes Ltd. provides innovative, reliable and cost-effective Voice over IP (VoIP) technology, Voice Network Products, and Value Added Applica- tions to Service Providers, Enterprises, OEMs, Network Equipment Providers and System Integrators worldwide. The company is a market leader in VoIP equipment, focused on VoIP Media Gateway, Media Server, Session Border Controllers (SBC), Security Gateways and Value Added Application network products. The Company is a VoIP technology leader focused on quality and interoperability, with a proven track record in product and network interoper- ability with industry leaders in the Service Provider and Enterprise spaces. AudioCodes’ headquarters are located in Israel with R&D in the U.S. Other AudioCodes offices are located in Europe, India, the Far East, and Latin America. For more information on AudioCodes, visit http://www.audiocodes.com/.

Coverity in Action: http://www.coverity.com/
http://scan.coverity.com

What Makes It Great?

Unlike other Java analysis tools that focus on programming style and syntax-based checks, Prevent SQS for Java performs deep, interprocedural analysis to uncover the critical, must-fix defects that matter most to developers. Prevent SQS for Java

leverages several different analysis engines to uncover hard-to-find defects, including:

• Path Flow Engine understands the control flow through each function in your code base, allowing Prevent SQS to analyze all relevant paths through your code.

• Statistical Engine tracks behavioral patterns throughout your entire code base, allowing Prevent SQS to infer correct behavior based on previously observed behavior.

• Interprocedural Summary Engine enables Prevent SQS for Java to perform a whole program analysis of complex call chains at any depth across files and modules. This allows Prevent SQS for Java to analyze your software in a form that is most similar to the eventual executable and allows it to deliver the highest-fidelity results.

• False Path Engine solves each branch condition to determine if it will be true, false, or unknown on the current path. This allows Prevent SQS for Java to efficiently remove obvious false positives from the set of defects reported.

top

Legal notice | credits