Page History

An essential element of secure coding in the Java programming language is a well-documented and enforceable coding standard. Coding standards encourage programmers to follow a uniform set of guidelines determined by the requirements of the project and organization rather than by the programmer's familiarity or preference. Once established, these standards can be used as a metric to evaluate source code (using manual or automated processes).

The CERTÂ® OracleÂ® The Java Coding Guidelinesprovides 75 <or however many we end up with> guidelines that will help Java developers write higher quality code. It is written by the same team who produced The CERT® Oracle® Secure Coding Standard for Java provides guidelines [Long 2011]. That standard provides a set of rules for secure coding in the Java programming language. The goal of these guidelines those rules is to eliminate insecure coding practices and undefined behaviors that can lead to exploitable vulnerabilities. The application of the secure coding standard will lead to higher-quality systems that are rules are meant to be normative. However, there are Java coding practices which, although they do not warrant inclusion in a secure coding standard for Java, are still considered poor style and could lead to unreliable or insecure programs. The Java Coding Guidelines describes some of these poor coding practices and shows how to avoid them. The application of these Java coding guidelines will lead to better systems that are more robust and more resistant to attack. This coding standard affects the These guidelines cover a wide range of products coded in Java, for devices such as PCs, game players, mobile phones, home appliances, and automotive electronics.