Software systems can be validated as conforming to the CERT Oracle Secure Coding Standard for Java. Source code analysis tools, including compilers and static analysis tools, can be certified as able to validate source code as conforming to this standard.
Source Code Compliance
The CERT Oracle Secure Coding Standard for Java can be used as a measure of software security by determining the degree to which a software system complies with the guidelines in this standard. While compliance does not guarantee the absence of vulnerabilities (for example, vulnerabilities resulting from design flaws), it does guarantee the absence of coding errors that are commonly found to be the root causes of vulnerabilities.
The easiest way to validate code as compliant with the CERT Oracle Secure Coding Standard for Java is to use a certified source code analysis tool.
...