This secure coding standard consists of rules and recommendations. Coding practices are defined to be rules when all of the following conditions are metRules are meant to provide normative requirements for code; recommendations are meant to provide guidance that, when followed, should improve the safety, reliability, and security of software systems. However, a violation of a recommendation does not necessarily indicate the presence of a defect in the code. Rules and recommendations are collectively referred to as guidelines.
Rules
Rules must meet the following criteria:
- Violation of the coding practice will guideline is likely to result in a defect that may adversely affect the safety, reliability, or security of a system, for example, by introducing a security flaw that may result in an exploitable vulnerability.There is an enumerable set of exceptional conditions (or no such conditions) in which violating the coding practice is necessary to ensure the correct behavior for the program
- The guideline does not rely on source code annotations or assumptions.
- Conformance to the coding practice can be verified.
Rules must be followed to claim compliance with this standard unless an exceptional condition exists. If an exceptional condition is claimed, the exception must correspond to a predefined exceptional condition and the application of this exception must be documented in the source code.
- guideline can be determined through automated analysis (either static or dynamic), formal methods, or manual inspection techniques.
Recommendations
Recommendations are suggestions for improving code quality. Guidelines Recommendations are guidelines or suggestions. Coding practices are defined to be recommendations when all of the following conditions are met:
- Application of the coding practice a guideline is likely to improve system securitythe safety, reliability, or security of software systems.
- One or more of the requirements necessary for a coding practice guideline to be considered a rule cannot be met.
Compliance with recommendations is not necessary to claim compliance with this standard. It is possible, however, to claim compliance with recommendations (especially in cases in which compliance can be verified). The set of recommendations that a particular development effort adopts depends on the security requirements of the final software product. Projects with high-security requirements can stricter requirements may decide to dedicate more resources to ensuring the safety, reliability, and security of a system and consequently are thus likely to adopt a larger broader set of recommendations.Implementation of the secure coding rules defined in this standard are necessary (but not sufficient) to ensure the security of software systems developing in the C programming languages.