Open Source Code Has Fewer Defects Than Proprietary Software

The discovery of the ‘Heartbleed’ bug, which was introduced into the OpenSSL protocol as a programming error, has led some to question the quality of open source code, but research suggests that the quality of today’s open source software is actually higher than that of some proprietary projects.

After analysing 750 million lines of open source code written in C and C++, quality and testing specialist Coverity found that publicly developed software had a lower ‘defect density’ per 1000 lines than the code written by professional developers employed by large corporations. In particular, Linux continues to set standards for the quality of code, while non-relational distributed database HBase can serve as a benchmark for Java projects.

The announcement comes at a time when the way the industry relies on open source has become an issue. Last week, it emerged that a large number of online services used the OpenSSL source code unchecked, after a programmer introduced an error, dubbed ‘Heartbleed’, which would expose data on their servers.

Better software through collaboration

Coverity Scan Open Source Report has been monitoring the quality of open source software for the past six years, looking at the code of such leading products as FreeBSD, LibreOffice, Apache Hadoop and Cassandra. It has helped developers find and fix at least 94,000 defects – more than half of these were discovered in 2013.

According to the latest annual report, which looked at more than 700 open source projects and their proprietary counterparts written in C or C++, defect density in enterprise software stood at 0.72, but just 0.59 in open source programmes.

Meanwhile, Linux developers have reduced the average time to fix a new defect from 122 days in 2008 to just six days in 2013. Coverity scanned more than 8.5 million lines of Linux code and found average defect density of 0.61.

The company also analysed more than eight million lines of code from 100 open source Java projects, and found that HBase – a database built on Apache Hadoop – was fixing a lot more defects than its competitors. Coverity suggests this is due to the fact that many developers are overly reliant on protections built into Java, such as ‘garbage collection’.

“If software is eating the world, then open source software is leading the charge,” said Zack Samocha, senior director of Products for Coverity. “Based on the results of this report – as well as the increasing popularity of the service – open source software projects that leverage development testing continue to increase the quality of their software, such that they have raised the bar for the entire industry.”

The report serves as the antidote to the criticism surrounding OpenSSL, following the discovery of the Heartbleed bug. Some experts have blamed the developers for not finding the vulnerability before it was introduced into version 1.01 of the protocol in March 2012, calling it the biggest failure of the free software movement to date.

Others have said that the fault lies with the wider software industry for taking a free ride on open source, using the tools it provides without running their own quality checks, or contributing resources to the development process.


Max Smolaks

Max 'Beast from the East' Smolaks covers open source, public sector, startups and technology of the future at TechWeekEurope. If you find him looking lost on the streets of London, feed him coffee and sugar.
