This coding standard is organized into an introductory chapter and seventeen chapters containing rules in specific topic areas. Each of the rule chapters contains a list of rules in that section and a risk assessment summary for the rules. There is also a common glossary and bibliography. This preface is meant to be read first, followed by the introductory chapter. The rule chapters may be read in any order or used as reference material as appropriate. The rules are loosely organized in each chapter but, in general, may also be read in any order.

Rules have a consistent structure. Each rule has a unique identifier, which is included in the title. The title of the rule and the introductory paragraphs define the conformance requirements. This is typically followed by one or more sets of noncompliant code examples and corresponding compliant solutions. Each rule also includes a risk assessment and bibliographical references specific to that rule. When applicable, rules also list related vulnerabilities and related guidelines from the following sources:

...

  • The CERT C Secure Coding Standard [Seacord 2008]
  • The CERT C++ Secure Coding Standard [CERT 2011]
  • ISO/IEC TR 24772. Information Technology — Programming Languages — Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use [ISO/IEC TR 24772:2010]
  • MITRE CWE (http://cwe.mitre.org/) [MITRE 2011]
  • Secure Coding Guidelines for the Java Programming Language, version 3.0 [SCG 2009]
  • The Elements of Java Style [Rogue 2000]