The development of a secure coding standard for any programming language is a difficult undertaking that requires significant community involvement. The following development process has been used to create this standard:
- Rules and recommendations for a coding standard are solicited from the communities involved in the development and application of each programming language, including the formal or de facto standards bodies responsible for the documented standard.
- These rules and recommendations are edited by senior members of the CERT technical staff for content and style and placed on this wiki for comment and review.
- The user community may then comment on the publicly posted content using threaded discussions and other communication tools. Once a consensus develops that the rule or recommendation is appropriate and correct, the final rule is incorporated into an officially released version of the secure coding standard.
Early drafts of the CERT C Secure Coding Standard have been reviewed by the ISO/IEC JTC1/SC22/WG14 international standardization working group for the C programming language and by other industry groups as appropriate.