NSF-FUNDED SECURITY CENTER PARTNERS WITH COVERITY ON RESEARCH TO IMPROVE NATION’S COMPUTER INFRASTRUCTURE

TRUST Center and Coverity work to solve pressing problem of computer security attacks in telecommunications, electric power, and transportation infrastructure

SAN FRANCISCO, June 28, 2006 – Coverity, Inc., makers of the world’s most advanced source code analysis solution, today announced that its flagship analysis product, Coverity Prevent, was selected by the National Science Foundation (NSF) funded Team for Research in Ubiquitous Secure Technology (TRUST) for use in research on improving computer security. As part of the industrial partnership, Coverity will work with the TRUST Center on research to improve source code analysis technology to bolster security of US computer infrastructure. TRUST Center membership is comprised of leading academic and industry organizations, including Carnegie Mellon University, Cisco, Cornell University, HP, IBM, Intel, Microsoft, Stanford University, and lead institution UC Berkeley.

This move is an important part of an initiative by the TRUST Center to integrate static source code analysis into its security research. The initial formation of the TRUST Center was first announced in April of 2005, a month after a report by President Bush’s Information Technology Advisory Committee indicated that the “information infrastructure of the United States is highly vulnerable to disruptive domestic and international attacks,” and recommended increased support for fundamental research in cybersecurity. The TRUST Center is expected to receive $19 million in funding for security research over five years. One of the goals of the research by Coverity and the TRUST Center is to commercialize the technology so that it can benefit real world applications.

“Coverity’s expertise with static source code analysis will be a valuable addition to our team and we look forward to their contributions to our work in developing new science and technology for trustworthy information systems for our nation’s critical infrastructure,” said John Mitchell, Stanford computer scientist and co-principal investigator of the TRUST Center. “Improving the quality of software used in network infrastructure is a fundamental way to improve cybersecurity. Coverity’s technology provides software developers and researchers a way to quickly identify many types of defects and security vulnerabilities in the source code of software.”

“We’re excited to join the TRUST Center team of leading industry and academic groups that are working to solve the pressing security problems faced by our nation’s infrastructure,” said Ben Chelf, CTO of Coverity. “With the growing complexity of software systems, we feel that static source code analysis is the best way to quickly identify security vulnerabilities and we are working with the TRUST Center to advance the technology to meet our nation’s future security needs.”

The TRUST Center was formed in 2005 in response to the growing number of attacks on the United States computer infrastructure. In 1999, computer attacks reported by CERT numbered less than 10,000. By 2003, that number had increased to more than 137,000 attacks. During this time, the sophistication of the attacks had dramatically increased with malicious technologists using widespread distributed attacks on critical infrastructure points. The center chose to respond to three areas of national needs: computer and network security, critical infrastructure protection, and privacy.

Coverity will supply the TRUST Center with advanced technology that can automatically analyze tens of millions of lines of software source and identify security vulnerabilities for developers to fix. Coverity will also assist TRUST Center researchers with the implementation of the analysis system and interpretation of results. Feedback and collaboration with TRUST Center researchers is expected to accelerate the development of technology to automatically find new classes of security vulnerabilities.

Additional information on the TRUST Center is available at http://trust.eecs.berkeley.edu

A complete listing of TRUST Center Partners is available at: http://trust.eecs.berkeley.edu/partners.htm

University Partners include: Carnegie Mellon University, Cornell University, Mills College, San Jose State University, Smith College, Stanford University, UC Berkeley, Vanderbilt University.

The TRUST Center receives support from the National Science Foundation (NSF award number CCF-0424422).

About Coverity
Coverity (www.coverity.com), maker of the most advanced source code analysis solution, is a privately held company headquartered in San Francisco. Coverity’s ground-breaking technology removes the barriers to writing and delivering complex software by automatically finding critical software defects and security vulnerabilities as the software is written. More than 100 leading companies choose Coverity because it scales to tens of millions of lines of code, has the lowest false positive rate and provides 100 percent path coverage. Companies like Juniper Networks, Symantec/VERITAS, McAfee, Synopsys, NASA, Palm, Sun Microsystems and Wind River work with Coverity's tools to eliminate security and quality defects from their mission-critical code and make their products Coverity Clean.

Coverity is a registered trademark, and Coverity Extend and Coverity Prevent are trademarks of Coverity, Inc. All other company and product names are the property of their respective owners.

Media Contacts
Germany
Ariane Füchtner
Page One PR for Coverity
ariane@pageonepr.com
+ 49 (0) 173 66 535 88

USA
Craig Oda
Page One PR for Coverity
coda@pageonepr.com
+1 650 565 9800 x102

Russ Wood
Director, Corporate Marketing
rwood@coverity.com
+1 415 694 5304

This release was published on openPR.