Under a contract from the Department of Homeland Security, open-source projects are being certified for security.
The programme, called the Open Source Hardening Project, is sponsored by the DHS and carried out by Coverity and Stanford University. Launched in March 2006, the $300,000 project initially set out to review the code of 180 open-source software projects frequently used by developers of government Web sites and by application developers.
Coverity, a maker of autonomous source code analysis tools, and Stanford University have been collaborating on the project, which has helped unearth thousands of flaws in more than 200 open-source projects.
Coverity assigns the projects a certification level based on the extent to which the code is secured. Recently, 11 open-source projects were moved to Rung 2 of the security certification.
Considering the traction that open source has gained in the developer community, such certification is indeed great news.
Federal aid helps uncover open source flaws (Search Security)