Open Source

Security certification for open-source projects

Under a contract from the Department of Homeland Security, open-source projects are being certified for security.

Under a contract from the Department of Homeland Security, open-source projects are being certified for security.

An excerpt from TechWorld:

The programme, called the Open Source Hardening Project, is sponsored by the DHS and carried out by Coverity and Stanford University. Launched in March 2006, the $300,000 project was initially launched to review the code of 180 open-source software projects frequently used by developers of government Web sites and application developers.

Coverity, a maker of autonomous source code analysis tools, and Standford University have been collaborating on the project that has helped unearth thousands of flaws in more than 200 open-source projects.

Coverity assigns the projects a certification level based on the extent to which the code is secured. Recently, 11 open-source projects were moved to Rung 2 of the the security certification.

Considering the traction that open source has gained in the developer community, such certification is indeed great news.

More information:

Federal aid helps uncover open source flaws (Search Security)

Homeland Security helps secure open-source code (News.com)

Editor's Picks

Free Newsletters, In your Inbox