Tip:
Highlight text to annotate it
X
My name is Erik Larsson and I am the VP of Marketing at Qosmos. At Qosmos we specialize
in very advanced software which decodes IP traffic. This means that we give a meaning
to every 0 and 1 on the internet. My name is Jérôme Tollet; I'm the CTO and
co-founder of Qosmos. We provide a technology that is embedded in third party products in
mission critical systems. This application needs to analyze each and every IP packet
and extract metadata or content information. Software integrity is a key part to insure
the reputation of Qosmos. At Qosmos we pride ourselves in the fact that we provide an industrial
strength software development kit. Qosmos software is very complex. We have over 1 million
lines of code. So, there will be bugs and one of the important things for us to catch
those bugs as early on in the process so that we can be very effective. It may also have
an effect on customer satisfaction. Therefore, we want to avoid or minimize as much as possible
any kind of bug fix on the field. We want to catch it as early as possible in the process
and this is really where Coverity helps us. Hardware technology is embedded in bidding
systems, telco systems, mission critical systems. So if there is a bug, there is a significant
impact, a big impact and our customers can lose a significant amount of money because
of that. We need to find bugs as soon as possible in the development cycle. If we find them
in the lab, then it insures that we are not finding them in the field and to get the same
results, we would need to have 10's of people online to fix bugs and trying to identify
them in the field. So finding problems at the source is much, much more efficient than
finding them afterwards. At Qosmos we have strong QA processes. So,
we run many different kinds of tests for our products, lot testing, performance testing,
unit testing, localization testing and so on and so forth. But there is something new
with Coverity, its Static Code Analysis and this is something I didn't believe a lot at
the very beginning but after trying it I was really surprised by the quality of the analysis.
We use Coverity to test all our code from all of our products right now. And using this
tool, we found a limited number of bugs, but these are very important bugs and very difficult
to qualify and to localize from using general and generic QA process. Coverity was fairly
easy to integrate in our development process. The way we work is the following: Our developer
commits to the repository of code and then every night we have nightly builds that are
used to do compile tests, as well as performance tests and a bunch of different tests. We have
adjusted Coverity for each and every night and on the nightly build we test our code
with Coverity and in the morning when the workers arrive they can see whether they have
some bugs in the comment they made before. When we speak to customers, we often mention
Coverity because it is a proof point of our commitment to quality