Use of secure coding standards


Explanation: To reduce the likelihood of exploitable vulnerabilities in languages susceptible to memory access errors, without restricting programmers to a language subset, developers should be required to follow a coding standard that prescribes how the language's constructs are to be used. Following such a standard can substantially reduce memory access errors and other exploitable errors. Secure coding standards are available for C, C++ and Java.

Vulnerabilities addressed: Addresses memory access and some other types of implementation errors.
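The following C fragment is an added illustration, not part of the original text or of any particular standard: it shows the kind of memory access error such a standard targets, next to a form that validates every size before use. The record layout (one length byte followed by the name), the function names and REC_NAME_MAX are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REC_NAME_MAX 16   /* assumed destination capacity for this example */

struct record { char name[REC_NAME_MAX + 1]; };   /* +1 for the NUL */

/* Non-conforming: trusts the length byte taken from the input.
 * A length above REC_NAME_MAX writes past rec->name; a length above
 * the bytes actually supplied reads past the input buffer. */
int parse_name_unchecked(struct record *rec, const uint8_t *msg, size_t msg_len)
{
    (void)msg_len;                    /* never consulted: this is the defect */
    size_t n = msg[0];
    memcpy(rec->name, msg + 1, n);
    rec->name[n] = '\0';
    return 0;
}

/* Conforming: each size is checked before it is used to index or copy. */
int parse_name_checked(struct record *rec, const uint8_t *msg, size_t msg_len)
{
    if (rec == NULL || msg == NULL || msg_len < 1)
        return -1;                    /* no length byte to read */
    size_t n = msg[0];
    if (n > REC_NAME_MAX)
        return -2;                    /* would overflow rec->name */
    if (n > msg_len - 1)
        return -3;                    /* would read past the input */
    memcpy(rec->name, msg + 1, n);
    rec->name[n] = '\0';
    return 0;
}

int main(void)
{
    struct record r;
    const uint8_t ok[] = {5, 'a', 'l', 'i', 'c', 'e'};   /* constructed input */
    const uint8_t oversize[] = {200, 'A', 'A'};          /* constructed input */
    printf("ok       -> %d (%s)\n", parse_name_checked(&r, ok, sizeof ok), r.name);
    printf("oversize -> %d\n", parse_name_checked(&r, oversize, sizeof oversize));
    return 0;
}
```

An automated conformance checker of the kind mentioned under the resource requirements would be expected to flag the first function, because the copy length is never compared against either buffer size.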

Developer resources required: Requires programmers trained in the use of the coding standard, and software to check the programs they produce for conformance to the standard.

Evaluator resources required: Requires the source code and an automated checker for conformance to the standard. If conformance cannot be mechanically checked, manual auditing might be required.