Overall the book covers the following topics:

• Key concepts of software intellectual property
• Comparing and correlating source code for signs of theft or infringement
• Uncovering signs of copying in object code when source code is inaccessible
• Tracking malware and third-party code in applications
• Using software clean rooms to avoid IP infringement
• Understanding IP issues associated with patents, open source, and DMCA

You can purchase your copy from Amazon.com here.

Now there is a caveat (we do need to make a profit after all). You can examine the graph and take a screen shot of it, but you can’t save the results to a spreadsheet without a paid license. The good news is that a license is only $500 for a 1-year unlimited license. You can download CodeMeasure here and purchase a license here. This way you get to try out CodeMeasure and see how the results can help you measure your software development effort.

One unique feature of online applications is that often the full source code is downloaded to the user’s machine. This makes it easier for your competitors to copy your code. It also makes it easier for us to detect that copying. Learn more about SAFE Online IP Screening here or email us for details about how we can protect you from unauthorized copying and dissemination of your code.

Which is Right For You?

Which product is right for you, CodeSuite or CodeSuite-LT? Click here for a table that compares the features of both programs so you can choose the right solution.

1. A computer-implemented method comprising:
   • creating, by a computer system, a first array of lines of functional program code from a first program source code file, the first program source code file including the lines of functional program code of a first program and lines of nonfunctional comments of the first program;
   • creating, by the computer system, a second array of lines of nonfunctional comments from a second program source code file, the second program source code file including lines of functional program code of a second program and the lines of nonfunctional comments of the second program;
   • comparing, by the computer system, the lines of functional program code from the first array with the lines of nonfunctional comments from the second array to find similar lines;
   • calculating, by the computer system, a similarity number based on the similar lines; and presenting to a user an indication of copying of the first program source code file wherein said indication of copying is defined by the similarity number.

Here is the only dependent claim of the prior art patent US 7,568,109:

1. A system for comparing at least a first corpus to a second corpus, comprising:
   • an analyzer identifying concepts in the corpuses, said analyzer determining a frequency rating of each of said concepts in each corpus;
   • for each corpus, replacing each instance of each of said concepts with its respective determined frequency rating to create a frequency file;
   • and a comparator comparing the frequency file for the first corpus to the frequency file for the second corpus, wherein said comparing the frequency file for the first corpus to the frequency file for the second corpus further comprises comparing portions of one corpus against the other corpus.

The second prior art submission was simply a reference to the UNIX diff command. While the diff command is relevant, it is a simple line-by line comparison of text files without any understanding or parsing of programming source code. It doesn’t separate functional lines of code (statements) from nonfunctional lines (comments).

Judging by their remarks, the posters to the Peer-to-Patent site didn’t understand patents, and didn’t read the patent claims. They should be allowed to post references, but the ultimate decision must be in the hands of those trained in examining patents. However, the patent examiner told me that her supervisor didn’t want to issue a patent that had been publicly noted to be invalid, and so after months of arguments I had to arbitrarily narrow the claims to get allowance, resulting in patent US 7,823,127. So now, anyone from anywhere with any ulterior motive (particularly those who believe no software should be patentable) can bring about the quick rejection of an otherwise useful and valid patent.

 SAFE Corporation has developed an online plagiarism detection service for software. The CodeScreener™ service is built on SAFE Corporation’s court-tested CodeSuite® forensic software and patented source code correlation technology. CodeScreener is designed to streamline the plagiarism detection process, giving you a thorough analysis of each file and a consistent set of correlation metrics. It’s online, it’s interactive, and it’s much less expensive than standalone CodeSuite. Contact our  Sales Department to get a free evaluation license.

You’re probably wondering what is the difference between CodeMeasure and CodeCLOC. CodeMeasure is a simple, inexpensive program for generating the CLOC measurement statistics for multiple versions of a program. CodeCLOC, intended for litigation, compares only two versions of code but produces a detailed database of results that can be further filtered and analyzed using CodeSuite or your own custom tools. The results from CodeCLOC can be presented in court and the CodeCLOC database can be presented to the opposing party for verification.

CodeSuite 4.0 also has a few other nice features including a revamped user interface. There’s also a new function to generate statistics from any CodeSuite database and the command line interface has been enhanced for integrating with other programs. CodeSuite 4.0 is available for download here and can be purchased on a term license or project basis. CodeCLOC is priced at $20 per megabyte. A one year term license for CodeSuite is $100,000.

This always sounded intriguing, but I wondered whether anyone had ever tested this theory. We could find no articles or papers on the subject, except for one inconclusive paper, and I dreaded to think that some programmer was convicted based on an untested theory. I decided to have my consulting company, Zeidman Consulting, do some carefully controlled research. If the results turned out well, SAFE Corporation would add whitespace pattern algorithms to CodeSuite to further enhance its ability to detect copying.

Our results were published in a paper entitled Measuring Whitespace Patterns as an Indication of Plagiarism that was recently presented at the ADFSL Conference on Digital Forensics, Security and Law. Our results are summarized in the final paragraph:

This whitespace pattern matching method can be used to focus a search for evidence of similarity or copying, but this method cannot stand by itself.

What we discovered is that even very different files have often have similar whitespace patterns. At Zeidman Consulting we’ve used whitespace patterns to confirm copying that was already detected through the use of CodeMatch to find correlated programming elements. In those cases, the whitespace patterns offered further confidence in our findings and in some cases showed which program had been developed first. For a copy of the paper, email us at info@SAFE-corp.biz.

Our next research project is to look at sequences of whitespace within files. Maybe there we’ll find some clues to copying. But for now our results show that whitespace patterns without any other evidence should not be used to determine that copying occurred.

We have a whole new website about the product, designed for software developers, at CodeMeasure.com. Check it out and let me know what you think of the product and the website.