An essential element of secure coding in the Java programming language is a well-documented and enforceable coding standard. Coding standards encourage programmers to follow a uniform set of guidelines determined by the requirements of the project and organization, rather than by the programmer's familiarity or preference. Once established, these standards can be used as a metric to evaluate source code (using manual or automated processes). The CERT Oracle Secure Coding Standard for Java provides guidelines rules for secure coding in the Java programming language. The goal of these guidelines rules is to eliminate insecure coding practices and undefined behaviors that can lead to exploitable vulnerabilities. The application of the secure coding standard will lead leads to higher - quality systems that are safe, secure, reliable, dependable, robust and more resistant to attack. , resilient, available, and maintainable and can be used as a metric to evaluate source code for these properties (using manual or automated processes).
This coding standard affects the wide range of products coded software systems developed in Java, for devices such as PCs, game players, mobile phones, home appliances, and automotive electronics.
the Java programming language.
Rule: Contents and Organization
Rule: 00.6 System Qualities
00.7 Rule: Priority and Levels
00.8 Rule: Automatically Generated Code
Rule: Tool Selection and Validation
Rec.: 00.A Tool Selection and Validation
—
The CERT Oracle Secure Coding Standard for Java The CERT Oracle Secure Coding Standard for Java 01. Runtime Environment (ENV)