Secure Coding Publications

SEI CERT C Coding Standard (2016 Edition)
This online download is available for free to promote the adoption of secure coding standards. This latest edition complements our newly developed Secure Coding in C and C++ Professional Certificate.

Making DidFail Succeed: Enhancing the CERT Static Taint Analyzer for Android App Sets
In this report, the authors describe how the DidFail tool was enhanced to improve its effectiveness.

Performance of Compiler-Assisted Memory Safety Checking
In this new SEI technical note, the authors describe the criteria for deploying a compiler-based memory safety checking tool and the performance that can be achieved with two such tools whose source code is freely available.

The CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems, Second Edition
This book provides rules to help programmers ensure that their code complies with the new C11 standard and earlier standards, including C99.

Android Taint Flow Analysis for App Sets
In this paper, the authors describe a new static taint flow analysis that precisely tracks both inter-component and intra-component data flow in a set of Android applications.

Secure Coding for the Android Platform
In this blog post, Lori Flynn describes the work the Secure Coding Team is doing for the Android platform.

MITRE, CWE, and CERT Secure Coding Standards
In this paper, the authors summarize the Common Weakness Enumeration (CWE) and CERT Secure Coding Standards and the relationship between the two.

Secure Coding in C and C++, Second Edition
This book describes how to write secure C and C++ code and avoid the software defects most likely to cause exploitable vulnerabilities.

The CERT Oracle Secure Coding Standard for Java
This book provides the first comprehensive compilation of code-level requirements for building secure systems in Java.

Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs
This book brings together expert guidelines, recommendations, and code examples to help you use Java code to perform mission-critical tasks.

Subscribe to Our eNewsletter

In July 2013, we began publishing an eNewsletter to provide timely information about updates to CERT secure coding standards, related news, and events.


Develop Coding Standards with Us

Contribute to the CERT Secure Coding Standards wiki to help develop standards that work in the real world.

This list of publications does not include blog posts. For Secure Coding-related blog posts, see the Blog Posts tab.

  • 2009

  • 12/04/2009 Secure Coding Governance and Guidance In this paper, the authors propose the use of secure coding standards in the development of software for surface combatants and submarines.
  • 12/04/2009 Secure Coding Plan This plan is a government-provided customizable document that is part of the acquisition's government reference library.
  • 12/04/2009 Implementing Secure Coding Standards in a System Acquisition In this December 2009 presentation, John Bergey and Tim Morrow explore how required secure coding standards can be specified and integrated in a system acquisition.
  • 10/01/2009 Secure Design Patterns In this report, the authors describe a set of general solutions to software security problems that can be applied in many different situations.
  • 09/18/2009 2009 CERT Research Report In this 2009 report, the authors summarize the research conducted by the CERT Division at the Software Engineering Institute in 2009.
  • 08/13/2009 Secure Coding In this webinar, Robert Seacord discusses work to develop secure coding standards for commonly used programming languages such as C, C++, and Java.
  • 07/01/2009 As-if Infinitely Ranged Integer Model In this report, the authors present the as-if infinitely ranged (AIR) integer model, which eliminates integer overflow and integer truncation in C and C++ code.
  • 2006

  • 09/11/2006 Secure Coding in C++: Strings In this SD Best Practices 2006 presentation, Robert Seacord discusses strings and secure coding.
  • 07/31/2006 CERT Research 2005 Annual Report This report provides brief abstracts for major research projects, followed by more detailed descriptions of these projects, for all CERT research conducted in the year 2005.
  • 05/01/2006 Specifications for Managed Strings This report has been superseded by Specifications for Managed Strings, Second Edition (CMU/SEI-2010-TR-018).
  • 01/02/2006 2006 CERT Research Report In this 2006 report, the authors describe how CERT research advanced the field of information and system security during the 2006 fiscal year.
  • 2001

  • 07/25/2001 Building Systems from Commercial Components This book describes specific engineering practices needed to integrate preexisting components with preexisting specifications successfully, illustrating the techniques described with case studies and examples.

Android

Using DidFail to Analyze Flow of Sensitive Information in Sets of Android Apps (presentation)
In this presentation, the authors describe how to use DidFail, a tool that detects potential leaks of sensitive information in Android apps.

Making DidFail Succeed: Enhancing the CERT Static Taint Analyzer for Android App Sets (SEI technical report)
In this report, the authors describe how the DidFail tool was enhanced to improve its effectiveness.

Android Taint Flow Analysis for App Sets
In this paper, the authors describe a new static taint analysis for Android that combines and augments FlowDroid and Epicc analyses to track data flow.

Android Taint Flow Analysis for App Sets
In this presentation at the SOAP 2014 workshop, the authors describe their taint flow analysis for Android applications.

Precise Static Analysis of Taint Flow for Android Application Sets
In this thesis, Amar S. Bhosale describes a static taint analysis for Android that combines the FlowDroid and Epicc analyses to track inter- and intra-component data flow.

Secure Coding for the Android Platform
In this blog post, Lori Flynn discusses the initial development of coding rules and guidelines for the Android platform.

Two Secure Coding Tools for Analyzing Android Apps
In this blog post, Will Klieber details CERT work to develop techniques and tools for analyzing code for mobile computing platforms.

Compiler-Enforced Buffer Overflow Elimination

Performance of Compiler-Assisted Memory Safety Checking (blog post)
In this blog post, David Keaton describes his research on creating automated buffer overflow prevention.

Performance of Compiler-Assisted Memory Safety Checking (report)
In this report, David Keaton describes the criteria for deploying a compiler-based memory safety checking tool and the performance that can be achieved with two such tools whose source code is freely available.

Certifying the Absence of Buffer Overflows
In this report, the authors present a technique for certifying the safety of buffer manipulations in C programs.

COVERT: A Framework for Finding Buffer Overflows in C Programs via Software Verification
In this report, the authors present COVERT, an automated framework for finding buffer overflows in C programs using software verification tools and techniques.

Precise Buffer Overflow Detection via Model Checking
In this paper, the authors present an automated overflow detection technique based on model checking and iterative refinement.

Pointer Ownership Model

Pointer Ownership Model
In this paper, David Svoboda describes the Pointer Ownership Model, which can statically identify classes of errors involving dynamic memory in C/C++ programs.

Using the Pointer Ownership Model to Secure Memory Management in C and C++
In this blog post, David Svoboda describes a research initiative aimed at eliminating vulnerabilities resulting from memory management problems in C and C++.

Secure Coding Standards

Cisco's Adoption of CERT Secure Coding Standards
In this podcast, Martin Sebor explains how implementing secure coding standards is a sound business decision.

Implementing Secure Coding Standards in a System Acquisition
In this presentation, John Bergey and Tim Morrow explore how required secure coding standards can be specified and integrated in a system acquisition.

MITRE, CWE, and CERT Secure Coding Standards
In this paper, the authors summarize the Common Weakness Enumeration (CWE) and CERT Secure Coding Standards and the relationship between the two.

Supporting the Use of CERT Secure Coding Standards in DoD Acquisitions
In this report, the authors provide guidance for helping DoD acquisition programs address software security in acquisitions.

The CERT C Coding Standard: 98 Rules for Developing Safe, Reliable, and Secure Systems, Second Edition
In this book, Robert Seacord provides rules to help programmers ensure that their code complies with the new C11 standard and earlier standards, including C99.

Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs
In this book, Robert Seacord brings together expert guidelines, recommendations, and code examples to help you use Java code to perform mission-critical tasks.

Thread Role Analysis

C/C++ Thread Safety Analysis
In this paper, the authors describe Clang Thread Safety Analysis, a tool that uses annotations to enforce thread safety policies in C and C++ programs.

Thread Safety Analysis in C and C++
In this blog post, Aaron Ballman introduces Clang Thread Safety Analysis, a tool that was developed as part of a collaboration between Google and the Secure Coding Initiative in the SEI's CERT Division.

Thread Role Analysis blog post
In this blog post, Dean Sutherland describes our ongoing research towards carefully controlling the interactions between multiple threads for a variety of languages, including Java and C11.

Integer Security

As-If Infinitely Ranged Integer Model, Second Edition
In this report, the authors present the as-if infinitely ranged (AIR) integer model, a mechanism for eliminating integral exceptional conditions.

As-if Infinitely Ranged Integer Model
In this report, the authors present the as-if infinitely ranged (AIR) integer model, which eliminates integer overflow and integer truncation in C and C++ code.

Sample Chapter from Secure Coding in C and C++: Integer Security
In this sample chapter from the book Secure Coding in C and C++, Robert Seacord discusses integer operations, vulnerabilities, mitigation strategies, and more.

Instrumented Fuzz Testing Using AIR Integers
In this paper, the authors present the as-if infinitely ranged (AIR) integer model, which provides a mechanism for eliminating integral exceptional conditions.

Instrumented Fuzz Testing Using AIR Integers
In this presentation, Will Dormann and Robert Seacord describe how to conduct instrumented fuzz testing using as-if infinitely ranged integers.

Ranged Integers for the C Programming Language
In this 2007 report, the authors describe an extension to the C programming language to introduce the notion of ranged integers.

C Code Checkers (Rosecheckers)

Working with ROSE
In this 2008 presentation, David Svoboda explains the technical details of the CERT Rosecheckers tool.


Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs
Organizations worldwide rely on Java code to perform mission-critical tasks, so that code must be reliable, robust, fast, maintainable, and secure. This book brings together expert guidelines, recommendations, and code examples to help you meet these demands.

The CERT Oracle Secure Coding Standard for Java
This book is the first comprehensive compilation of code-level requirements for building secure systems in Java. Organized by the CERT Division's software security experts, it covers every facet of secure software coding with Java 7 SE and Java 6 SE.


Read more publications & media
  • 10/17/2016 Resilience, Secure Coding, Data Science, Insider Threat, and Scheduling: The Latest Research from the SEI As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI technical reports, white papers, and webinars in resilience, effective cyber workforce development, secure coding, data science, insider threat,...
  • 09/26/2016 Secure Coding in C++11 and C++14 Writing secure C++ code is hard. C++11 and C++14 have added new facilities that change the way programmers write C++ code with the introduction of features like lambdas and concurrency. Few resources exist, however, describing how these new facilities also...
  • 06/06/2016 Prioritizing Alerts from Static Analysis to Find and Fix Code Flaws In 2015, the National Vulnerability Database (NVD) recorded 6,488 new software vulnerabilities, and the NVD documents a total of 74,885 software vulnerabilities discovered between 1988 and 2016. Static analysis tools examine code for flaws, including those that could lead to software security...
  • 01/11/2016 Empirical Evaluation of API Usability and Security Today's computer systems often contain millions of lines of code and are constructed by integrating components, many of which are authored by various third parties. Application Programming Interfaces (APIs) are the glue that connects these software components. While the SEI...
  • 01/04/2016 The Top 10 Blog Posts of 2015: Technical Debt, DevOps, Graph Analytics, Secure Coding, and Testing In 2015, the SEI blog launched a redesigned platform to make browsing easier, and our content areas more accessible and easier to navigate. The SEI Blog audience also continued to grow with an ever-increasing number of visitors learning more about...
  • 10/05/2015 Is Java More Secure than C? By David Svoboda, Senior Member of the Technical Staff, CERT Division. Whether Java is more secure than C is a simple question to ask, but a hard question to answer well. When we began writing the SEI CERT Oracle...
  • 05/18/2015 Resilience, Model-Driven Engineering, Software Quality, and Android App Analysis - The Latest Research from the SEI As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in...
  • 03/16/2015 An Enhanced Tool for Securing Android Apps This blog post was co-authored by Will Klieber. Each software application installed on a mobile smartphone, whether a new app or an update, can introduce new, unintentional vulnerabilities or malicious code. These problems can lead to security challenges for organizations...
  • 12/22/2014 The 2014 Year in Review: Top 10 Blog Posts In 2014, the SEI blog has experienced unprecedented growth, with visitors in record numbers learning more about our work in big data, secure coding for Android, malware analysis, Heartbleed, and V Models for Testing. In 2014 (through December 21), the...
  • 12/08/2014 Java Zero Day Vulnerabilities A zero-day vulnerability refers to a software security vulnerability that has been exploited before any patch is published. In the past, vulnerabilities were widely exploited even when a patch was available, which means they were not zero-day. Today, zero-day vulnerabilities...
  • 10/13/2014 Thread Safety Analysis in C and C++ With the rise of multi-core processors, concurrency has become increasingly common. The broader use of concurrency, however, has been accompanied by new challenges for programmers, who struggle to avoid race conditions and other concurrent memory access hazards when writing multi-threaded...
  • 08/25/2014 Performance of Compiler-Assisted Memory Safety Checking According to a 2013 report examining 25 years of vulnerabilities (from 1998 to 2012), buffer overflow causes 14 percent of software security vulnerabilities and 35 percent of critical vulnerabilities, making it the leading cause of software security vulnerabilities overall. As...
  • 07/07/2014 The Latest Research from the SEI As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in...
  • 06/30/2014 Android, Heartbleed, Testing, and DevOps: An SEI Blog Mid-Year Review In the first half of this year, the SEI blog has experienced unprecedented growth, with visitors in record numbers learning more about our work in big data, secure coding for Android, malware analysis, Heartbleed, and V Models for Testing. In...
  • 05/12/2014 Heartbleed: Q&A The Heartbleed bug, a serious vulnerability in the OpenSSL cryptographic software library, enables attackers to steal information that, under normal conditions, is protected by the Secure Socket Layer/Transport Layer Security (SSL/TLS) encryption used to secure the internet. Heartbleed and its...
  • 05/05/2014 Secure Coding to Prevent Vulnerabilities Software developers produce more than 100 billion lines of code for commercial systems each year. Even with automated testing tools, errors still occur at a rate of one error for every 10,000 lines of code. While many coding standards address...
  • 04/28/2014 Two Secure Coding Tools for Analyzing Android Apps This blog post is co-authored by Lori Flynn. Although the Android Operating System continues to dominate the mobile device market (82 percent of worldwide market share in the third quarter of 2013), applications developed for Android have faced some challenging...
  • 03/25/2013 Using the Pointer Ownership Model to Secure Memory Management in C and C++ This blog post describes a research initiative aimed at eliminating vulnerabilities resulting from memory management problems in C and C++. Memory problems in C and C++ can lead to serious software vulnerabilities including difficulty fixing bugs, performance impediments, program crashes...
  • 01/15/2013 Anatomy of Java Exploits On behalf of the real author, my colleague David Svoboda (and a couple others who work on the CERT Secure Coding Initiative), here's a post analyzing recent Java exploits....
  • 11/26/2012 The Latest Research from the SEI As part of an ongoing effort to keep you informed about our latest work, I'd like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in information...
  • 11/05/2012 Helping Developers Address Security with the CERT C Secure Coding Standard By analyzing vulnerability reports for the C, C++, Perl, and Java programming languages, the CERT Secure Coding Team observed that a relatively small number of programming errors leads to most vulnerabilities. Our research focuses on identifying insecure coding practices and...
  • 06/18/2012 Improving Security in the Latest C Programming Language Standard Buffer overflows--an all too common problem that occurs when a program tries to store more data in a buffer, or temporary storage area, than it was intended to hold--can cause security vulnerabilities. In fact, buffer overflows led to the creation...
  • 10/29/2008 Reported Vulnerability in CERT Secure Coding Standards Website Hi, it's Will. Recently, a blog author reported that the CERT® Secure Coding Standards website, which runs on Atlassian Confluence, contained a SQL injection vulnerability. After analyzing the report and discussing it with the Confluence vendor, we have concluded that...