CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems.


Posted by Ben Rothke

For those interested in secure coding, Robert Seacord of CERT is one of the main sources on the topic.  Some of the notable books he has authored are:

Seacord’s latest is the CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems.

The book covers all of the core areas that every C programmer needs to know, including:

  • characters and strings
  • expressions
  • integers
  • floating point
  • arrays
  • memory management
  • input/output
  • declarations and initialization
  • error handling
  • concurrency

The rules in the book can be used in parallel to ensure code is C11 (ISO/IEC 9899:2011) compliant.

Each of the rules in the book has the same format: title, description, noncompliant code examples and compliant solutions. 

Programmers who implement these coding standards will find short-term gains in that the coding mistakes that lead to critical application errors such as buffer overflows are now mitigated.

This book is meant as a desktop reference for those coding in C. If you have programmers coding in C, you want to ensure that this book is on their desktop.

The goal of the book and its rules is to develop safe, reliable, and secure systems. Anyone who wants to do that should definitely be reading CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems.

0321984048
978-0321984043


Contributors
Ben Rothke

Senior Information Security Manager, Tapad

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.
