Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This secure coding standard consists of rules and recommendations.

Rules

Coding practices are defined to be rules when the following conditions are met:

...

Rules are identified by the label rule.

Recommendations

Recommendations are guidelines or suggestions. Coding practices are defined to be recommendations when all of the following conditions are met:

...

Recommendations are identified by the label recommendation.

Exceptions

Any rule or recommendation may specify a small set of exceptions detailing the circumstances under which the coding practice is not necessary to ensure the security of software. Exceptions are informative only and are not required to be followed.

Coding practices that specify one or more exceptions are identified by the label exceptions.

Identifiers

Each rule and recommendation is given a unique identifier. These identifiers consist of three parts:

  • a A three-letter mnemonic representing the section of the standard
  • a A two-digit numeric value in the range of 00–9900 to 99
  • the The letter C indicates indicating that this is a C language guideline

...

The numeric value is used to give each coding practice a unique identifier. Numeric values in the range of 00–29 00 to 29 are reserved for recommendations, while and values in the range of 30–99 30 to 99 are reserved for rules.

...

      00. Introduction