About Coverity Scan

Coverity is the leader in software integrity. Coverity Scan is powered by Coverity's flagship product, Coverity® Static Analysis, which is the industry's leading automated source code analysis solution. Coverity offers the results of its analysis for free to participating open source developers.

If you are a member of an open source project, and your project is already listed on the Scan Ladder, read the Developer FAQ then follow the Sign In link beside the entry for your project on the ladder.

If you are a member of an open source project, and your project is not already listed, read the Developer FAQ, then please email scan-admin@coverity.com.

If you are not a member of an open source project, please see the FAQ for additional information about why access is limited to developers.

History

The Coverity Scan Initiative was launched on March 6, 2006. In the first year of operation, over 6,000 software defects were fixed by open source developers using the analysis results from the Coverity Scan service. In the first year, 50 open source projects written in C and C++ were included.

On the first-year anniversary, Coverity unveiled the expansion of Scan. More projects were added, and more information was made available for developers and others interested in understanding what the Scan is and how developers use it. A new framework was put into place to help open source developers learn how to use the Coverity Scan results by gradually introducing them to more advanced features of Coverity Static Analysis. Projects that actively use the Coverity Scan results are eligible to move up the ladder and receive access to additional functionality. Finally, within the new framework of the Scan Ladder, additional analysis results that were not enabled during Coverity Scan's first year were made available to the developers.

Now, in 2010, Coverity Scan is undergoing yet another transformation. We are up to 291 projects, 191 of which have active developer support. We have tested over 61 million unique lines of code. We have identified 49,654 defects and the open source community has fixed 15,278 of them. We are in the process of moving projects from the Scan Ladder and Rung system to the Integrity Rating levels. We are providing project-level visibility via the Coverity Software Integrity Report for the first time, beginning with the Android kernel 2.6.32 ("Froyo"). We are excited for the next evolution of Coverity Scan and welcome you to become a part of it. For more information on Coverity Scan or to sign up your project, contact coverityscan@coverity.com.

About Static Analysis

Static analysis is a set of processes for finding source code flaws without executing the program or providing test datasets or test cases.

The analysis is discussed in the Frequently Asked Questions.