Zack Samocha on Coverity Scan, Cloud Computation, and new standards
DeveloperTech (DT) spoke to Zach Samocha (ZS) of the Coverity Scan project about how the tool helps to automatically detect and fix C/C++ or Java defects; helping to improve both security and overall reliability. We also discuss Cloud computation, and supporting new standards.
DT: First of all, can you introduce the Coverity Scan project and how it helps developers?
ZS: What Coverity brings to the game is we really understand the code. We have what we call the “Code Intelligence Platform” which understands the code inside-out. By doing that we’re able to allow some of the testing to move into development.
For example, if I’m a developer, I would do my code then Coverity would scan it for any defects you have affecting quality; or defects you have which are security related. It becomes more important as you move into “agile” - as the iterations are much faster.
DT: There’s been a lot of talk recently around the rise of Cloud-based computation, how big do you think it will become?
ZS: If you just look into the business of Amazon today, it’s already huge. The predictions are that it is going to grow even more; so I don’t think it’s really a question of whether it’s going to happen – I think it’s already happening.
The further questions are; how fast that’s going to go, and which parts of the development is going to move to the Cloud. So, for example, at Coverity we develop everything in-house. Yes we consume Amazon for some of the stuff that we’re doing; but it’s still a small part of what we’re doing.
But I think over time; more and more tools, and more and more solutions will be offloaded to the Cloud. In five or six years it may be possible to develop all of your application in the Cloud. We don’t see it happening too fast – mostly for the large enterprise customers.
We have the Cloud offering for Coverity Scan which gives us the ability to offer up a solution when we need to do that for our commercial customers; but for now that’s my take.
DT: With the myriad of devices available on the market today; how much life is left in the desktop for the everyday consumer?
ZS: I don’t think the desktop is going to go away; it’s still serving a purpose. If you just look into Coverity, no-one’s doing coding on a Tablet today – everybody has a laptop. It might change, but I definitely think whilst the Tablet market is growing for the business and the pleasure industries – for actual development I still don’t think it’s there.
DT: What are your thoughts on Firefox OS and development in web standards?
ZS: It’s a good question. At Coverity Scan we have about 700 open-source projects; when you look at how they evolve, and how they use things – there is maturity in the development community. There are many standards out there in the market... as an organisation you have to ask yourself, “am I just trying to check the box on standards? Or am I really going to choose the one which is relevant for me?”
I don’t see the open-source community just following standards without really thinking about them; they need to be convinced of those standards before they put the effort into supporting them.
You can use Coverity Scan to fix your C/C++ or Java project defects here.
Have you got to use Coverity Scan yet in your projects? What are your thoughts?