Security is one of many system attributes that must be considered in the selection and application of a coding standard. Other The goal of this coding standard is to produce safe, reliable, and secure systems. Additional requirements might exist for safety-critical systems, such as the absence of dynamic memory allocation. Other software quality attributes of interest include safety, portability, reliabilityusability, availability, maintainability, readability, and performance.
Many of these attributes are interrelated in interesting ways. For example, readability is an attribute of maintainability; both are important for limiting the introduction of defects during maintenance that could can result in in security flaws or reliability issues. In addition, readability facilitates aids code inspection by safety officers. Reliability and availability require proper resources resource management, which also contributes to the safety and security of the system. System System attributes such as performance and security are often in conflict, requiring tradeoffs trade-offs to be considered.
The purpose of the secure coding standard is to promote software security. However, because of the relationship between security and other system attributes, the coding standards may provide recommendations that deal primarily with some other system attribute that also has a significant impact on security. The dual natures of these recommendations are noted in the standard where appropriate.
00. Introduction Priority and Levels