Rules

The rules in this standard may be extended with organization-specific rules. However, the rules contained in the standard must be obeyed to claim conformance with the standard.
Once established, tools can be developed or modified to determine compliance with the standard. Compliant software systems may then be certified as compliant by a properly authorized certification body.
Training may also be developed to educate software professionals regarding the appropriate application of secure coding standards. After passing an examination, these trained programmers may also be certified as secure coding professionals. For example, the Software Developer Certification (SDC) is a credentialing program developed at Carnegie Mellon University. The SDC uses authentic examination to:
- Identify job candidates with specific programming skills
- Demonstrate the presence of a well-trained software workforce
- Provide guidance to educational and training institutions
Once a coding standard has been established, tools and processes can be developed or modified to determine conformance with the standard.