Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

An essential element of secure coding in the Java programming language is a well-documented and enforceable coding standards. Coding standards encourage programmers to follow a uniform set of rules and guidelines determined by the requirements of the project and organization, rather than by the programmer's familiarity or preference. Once established, these standards can be used as a metric to evaluate source code (using manual or automated processes).The CERT Sun Microsystems standard. The CERT Oracle Secure Coding Standard for Java provides rules and recommendations for secure coding in the Java programming language. The goal of these rules and recommendations is to eliminate insecure coding practices and undefined behaviors that can lead to exploitable vulnerabilities. The application of the secure coding standard will lead leads to higher - quality systems that are safe, secure, reliable, dependable, robust and more resistant to attack. , resilient, available, and maintainable and can be used as a metric to evaluate source code for these properties (using manual or automated processes).

This coding standard affects the wide range of products coded software systems developed in Java, such as PCs, game players, mobile phones, home appliances, and automotive electronics.

Scope

Rules Versus Recommendations

Development Process

Usage

System Qualities

Vulnerability Metric

Priority and Levels

Automatically Generated Code

Source Code Validation

the Java programming language.

Rule: Scope

Rule: Audience

Rules and Recommendations

Rule: Contents and Organization

Rule: Identifiers

Rule: Usage

Rule: System Qualities

Rule: Priority and Levels

Rule: Automatically Generated Code

Rule: Conformance Testing

Rule: Tool Selection and Validation

Rec.: Tool Selection and Validation

Acknowledgments


Image Added      Image Added      Image AddedTool Selection and Validation