<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="60fe412e-8a88-4c18-82da-675ab9e72fce"><ac:parameter ac:name="">Abrahams 10</ac:parameter></ac:structured-macro>[Abrahams 2010] Abrahams, David. Boost Library Error Handling Guidelines, #7
, 2001-2003.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="834cc17d-b21b-4c1b-ac25-7d27187f6ab4"><ac:parameter ac:name="">Barney 10</ac:parameter></ac:structured-macro>[Barney 2010] Barney, Blaise. POSIX Threads Programming, Lawrence Livermore National Security, LLC, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83bb23a1-6e14-417f-aaf6-87a60f1201ba"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro>[Becker 2008] Becker, Pete. Working Draft, Standard for Programming Language C++, April 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cbc9d543-32d6-4d20-b7f3-13898e4a9123"><ac:parameter ac:name="">Becker 09</ac:parameter></ac:structured-macro>[Becker 2009] Becker, Pete Working Draft, Standard for Programming Language C++, September 2009.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="89a860af-5daa-4ad3-9475-8a6ca20e900a"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro>[Black 2007] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f13b0b09-10fd-4e7a-a2b1-37a4538c0591"><ac:parameter ac:name="">Cline 09</ac:parameter></ac:structured-macro>[Cline 2009] Cline, Marshall. C++ FAQ Lite - Frequently Asked Questions 1991-2009
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="924073db-3e8c-4c9d-a1c5-2d6bbaf29bcf"><ac:parameter ac:name="">CWE</ac:parameter></ac:structured-macro> [CWE] MITRE. Common Weakness Enumeration – A Community-Developed Dictionary of Software Weakness Types.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3505559a-9c20-468c-92af-16ea96bd67fc"><ac:parameter ac:name="">Dewhurst 03</ac:parameter></ac:structured-macro>[Dewhurst 2003] Dewhurst, Stephen C. C++ Gotchas: Avoiding Common Problems in Coding and Design. Boston, MA: Addison-Wesley Professional, 2002.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6a66212-4db1-4519-81ef-b30d6aa465c7"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro>[Dewhurst 2005] Dewhurst, Stephen C. C++ Common Knowledge: Essential Intermediate Programming. Boston, MA: Addison-Wesley Professional, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc8f66c6-1ce8-4ae2-8422-e164f37f20ef"><ac:parameter ac:name="">Dowd 07</ac:parameter></ac:structured-macro>[Dowd 2007] Dowd, McDonald & Schuh. The Art of Software Security Assessment - Attacking delete and delete[] in C++, 2007.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ef92a8c9-cd3b-4a68-be49-1a8d86273c48"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro>[Fortify 2006] Fortify Software Inc. Fortify Taxonomy: Software Security Errors, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4e32f8ea-17d9-41d6-a598-0364d6424024"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>[FSF 2005] Free Software Foundation. GCC online documentation. (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f19d9674-8d82-4294-abd4-d75d0979c4e8"><ac:parameter ac:name="">Gamma 95</ac:parameter></ac:structured-macro>[Gamma 1995] Gamma, Helm, Vlissides, and Johnson. Design Patterns Elements of Reusable Object Oriented Software. Addison Wesley, 1995.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d5b83e39-531a-44ba-9b99-601e784b48ff"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>[Goldberg 1991] Goldberg, David. What Every Computer Scientist Should Know About Floating-Point Arithmetic. Sun Microsystems, March 1991.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bd02e717-bd35-4003-8a53-f9e3ba0c1551"><ac:parameter ac:name="">Graff 03</ac:parameter></ac:structured-macro>[Graff 2003] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="820c1d6f-c719-4011-9aa1-78a4337c9bc0"><ac:parameter ac:name="">Henricson 97</ac:parameter></ac:structured-macro>[Henricson 1997] Henricson, Mats & Nyquist, Erik. Industrial Strength C++. Upper Saddle River, NJ: Prentice Hall PTR, 1997 (ISBN 0-13-120965-5).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="36170b27-d5be-45e5-a58c-9d4b91c56979"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>[IEC 60812 2006] Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA), 2nd ed. (IEC 60812). IEC, January 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="546b1f2c-45fd-4ee1-8c7e-1e1ebd3dfe14"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3940dfd0-b885-434e-9069-658d409df029"><ac:parameter ac:name="">ISO/IEC 14882-1998</ac:parameter></ac:structured-macro>[ISO/IEC 14882-1998] ISO/IEC 14882-1998. Programming Languages — C++, First Edition, 1998.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9046b211-a0cd-4c51-8a84-fb2b293d32c4"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro>[ISO/IEC 14882-2003] ISO/IEC 14882-2003. Programming Languages — C++, Second Edition, 2003.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b01d6636-227d-45db-a3ea-fb9ed05bafc3"><ac:parameter ac:name="">ISO/IEC DTR 24772</ac:parameter></ac:structured-macro>[ISO/IEC DTR 24772] ISO/IEC DTR 24772. Information Technology — Programming Languages — Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use, November 2009.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7423126c-2a85-4551-b176-32aee3473596"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro>[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4016095b-68fa-4ea4-b8a3-6ac82ed84875"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro>[Lockheed Martin 2005] Lockheed Martin. "Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program." Document Number 2RDU00001 Rev C., December 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="73f9ba21-3d2c-41d2-ae97-0eae8d49486d"><ac:parameter ac:name="">Meyers 95</ac:parameter></ac:structured-macro>[Meyers 1995] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley Professional, 1995.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="40429461-a7da-4816-abc3-390f615b4f91"><ac:parameter ac:name="">Meyers 96</ac:parameter></ac:structured-macro>[Meyers 1996] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley, 1996.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f69977bc-e9f5-4489-9d48-7aa661469cd4"><ac:parameter ac:name="">Meyers 97</ac:parameter></ac:structured-macro>[Meyers 1997] Meyers, Scott. Effective C++ : 55 Specific Ways to Improve Your Programs and Designs, 3rd ed. Boston, MA: Addison-Wesley Professional, 1997.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8abbf9b7-dd87-496d-9e78-f8a4e76b4857"><ac:parameter ac:name="">Meyers 01</ac:parameter></ac:structured-macro>[Meyers 2001] Meyers, Scott. Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library. Boston, MA: Addison-Wesley Professional, 2001.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a33abe38-de8c-48e1-9c90-05c62733c76f"><ac:parameter ac:name="">Meyers 05</ac:parameter></ac:structured-macro>[Meyers 2005] Meyers, Scott. Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition). Boston, MA: Addison-Wesley Professional, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d521ec8c-2118-4738-b0ec-f776f988dc99"><ac:parameter ac:name="">Microsoft 10</ac:parameter></ac:structured-macro>[Microsoft 2010] STL std::string class causes crashes and memory corruption on multi-processor machines
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="934aaef1-3947-40c4-a23f-fbabf69204b2"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>[MISRA 2004] MIRA Limited. "MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="720070de-4fc9-46ae-a8bb-f1699563c11f"><ac:parameter ac:name="">MISRA 08</ac:parameter></ac:structured-macro>[MISRA 2008] MIRA Limited. "MISRA C++: 2008 "Guidelines for the Use of the C++ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4154981a-5584-4ad1-a750-ad33a960bf07"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro>[MITRE 2007] MITRE. Common Weakness Enumeration, Draft 9, April 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="787ecee4-2372-40ed-a208-16e4b4bc98eb"><ac:parameter ac:name="">MITRE 08a</ac:parameter></ac:structured-macro>[MITRE 2008a] MITRE. CWE ID 327, "Use of a Broken or Risky Cryptographic Algorithm," 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7fbfc81d-fdd3-46bc-a83e-ac37d868445c"><ac:parameter ac:name="">MITRE 08b</ac:parameter></ac:structured-macro>[MITRE 2008b] MITRE. CWE ID 330, "Use of Insufficiently Random Values," 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f0e2eff0-24b7-4f6d-a2ca-4b5729bee994"><ac:parameter ac:name="">MSDN 10</ac:parameter></ac:structured-macro>[MSDN 2010] MSDN. "CryptGenRandom Function."
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c73e9413-5ac8-489a-bc73-1913d2324df0"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>[NIST 2006] NIST. SAMATE Reference Dataset, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="76d8fd69-91b1-40fe-80ac-39c8a98aef3e"><ac:parameter ac:name="">POSIX.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="58bde1a4-7b15-4e53-a6ca-a26c7135ba66"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6c210b2-ed6b-4b44-ab10-4581cdf462b0"><ac:parameter ac:name="">ISO/IEC 9945:2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="988c5159-cc2d-40ac-a7f8-a0a9e987c626"><ac:parameter ac:name="">Open Group 08</ac:parameter></ac:structured-macro>[Open Group 2008] The Open Group. The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition, 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d041d677-dbf8-4a93-b5f3-3a4fc0469433"><ac:parameter ac:name="">POSIX.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b5da9982-28dd-4a98-a1a4-929435c95439"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf5027fc-92a4-4da6-90be-1bd57e7a261d"><ac:parameter ac:name="">ISO/IEC 9945:2003</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7d67d221-2ffe-432d-ab52-3e1ae725b69b"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>[Open Group 2004] The Open Group. The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition, 2004.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3c00c436-44bf-47cb-a2ba-a430983f1abf"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>[Plum 1991] Plum, Thomas. C++ Programming. Kamuela, HI: Plum Hall, Inc., November 1991 (ISBN 0911537104).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb8e9ba9-85ea-4ecd-8209-a2c53f65d11e"><ac:parameter ac:name="">Quinlan 06</ac:parameter></ac:structured-macro>[Quinlan 2006] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas. "Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++," 27-35. NIST Special Publication 500-262, Proceedings of the Static Analysis Summit. Gaithersburg, MD, July 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="afb5040d-6ac8-46dc-b6f2-f40897fb1c6f"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>[Saks 1999] Dan Saks. const T vs.T const. Embedded Systems Programming. Pg. 13-16. February 1999. http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="81a67780-57d6-4cb2-ab81-a2cc785c497b"><ac:parameter ac:name="">Saks 07</ac:parameter></ac:structured-macro>[Saks 2007] Saks, Dan. "Sequence Points" Embedded Systems Design, 07/01/02.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4072a91b-b4db-43e3-a4e8-5c16303906e0"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro>[Seacord 2005] Seacord, R. Secure Coding in C and C++. Upper Saddle River, NJ: Addison-Wesley, 2006 (ISBN 0321335724).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="09fc7436-f47b-402a-b8e3-72f47b4ef51f"><ac:parameter ac:name="">Sebor 04</ac:parameter></ac:structured-macro>[Sebor 2004] Sebor, Martin. C++ Standard Core Language Active Issues, Revision 68, Issue 475, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9fe3af39-234f-4875-85eb-f3374cd872e4"><ac:parameter ac:name="">SGI 06</ac:parameter></ac:structured-macro>[SGI 2006] Silicon Graphics, Inc. "basic_string<charT, traits, Alloc>." Standard Template Library Programmer's Guide, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="430c4e40-8502-43d8-a241-087cd64172db"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro>[Steele 1977] Steele, G. L. 1977. Arithmetic shifting considered harmful. SIGPLAN Not. 12, 11 (Nov. 1977), 61-69.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7679d2d4-3993-4f61-bbf5-74e30a19835f"><ac:parameter ac:name="">Stroustrup 97</ac:parameter></ac:structured-macro>[Stroustrup 1997] Stroustrup, Bjarne. The C++ Programming Language, Third Edition. Reading, MA: Addison-Wesley, 1997 (ISBN 0201889544).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e6bbd678-07e8-4a05-baf6-802cb97039c6"><ac:parameter ac:name="">Stroustrup 06</ac:parameter></ac:structured-macro>[Stroustrup 2006] Stroustrup, Bjarne. C++ Style and Technique FAQ (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="79ba6efd-4e06-41e1-a750-00f03246bc6e"><ac:parameter ac:name="">Stroustrup 01</ac:parameter></ac:structured-macro>[Stroustrup 2001] Stroustrup, Bjarne. Exception Safety: Concepts and Techniques (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="332bbe77-2de4-4c83-9791-9f033ae45d89"><ac:parameter ac:name="">Sun 93</ac:parameter></ac:structured-macro>[Sun 1993] Sun Security Bulletin #00122, 1993.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="896685cf-675a-4011-a056-ce4b87554129"><ac:parameter ac:name="">Sutter 00</ac:parameter></ac:structured-macro>[Sutter 2000] Sutter, Herb. Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2000 (ISBN 0201615622).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="808f0ab0-4c48-46da-ac00-4c5db72a24e1"><ac:parameter ac:name="">Sutter 01</ac:parameter></ac:structured-macro>[Sutter 2001] Sutter, Herb. More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2001 (ISBN 020170434).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="29082be2-0ce6-4b73-a601-4596ef391e9d"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro>[Sutter 2004] Sutter, Herb & Alexandrescu, Andrei. C++ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA: Addison-Wesley Professional, 2004 (ISBN 0321113586).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="05698a99-0639-429c-9e86-c84ba606b0c1"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>[Viega 2003] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="63dc1b4e-f5f9-4257-8282-1cf17b300200"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>[Warren 2002] Warren, Henry S. Hacker's Delight. Boston, MA: Addison Wesley Professional. 2002 (ISBN 0201914654).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="304a9b0b-bff5-409e-bf84-b4338ae87c34"><ac:parameter ac:name="">Williams 10</ac:parameter></ac:structured-macro>[Williams 2010] Williams, Anthony. Simpler Multithreading in C++0x, Internet.com, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d85e9846-fd21-4da2-a9ef-8b935a4e4e6c"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro>[xorl 2009] xorl. xorl %eax, %eax.