Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The easiest way to validate code as compliant with the CERT Perl Secure Coding standard Standard is to use a certified source code analysis tool.

...

Rules and recommendations in this standard are classified into three levels. (See Risk Assessment.) Emphasis should be placed on conformance Level 1 (L1) rules. Software systems that have been validated as complying with all Level 1 rules are considered to be L1 Conformingconforming. Software systems can be assessed as L1, L2, or fully conforming depending on the set of rules to which the system has been validated.

Rules versus Recommendations

Conformance To claim compliance with this standard, conformance to secure coding rules must be demonstrated to claim compliance with this standard unless an exceptional condition exists. If an exceptional condition is claimed, the exception must correspond to a predefined exceptional condition and the application of this exception must be documented in the source code.

...

To claim compliance with this standard, software developers must be able to produce on request documentation as to which systematic and specific deviations have been permitted during development.Image Removed      00. Introduction       Image Removed