Compliance - CERT C++ Coding Standard - CERT Secure Coding Standards
Compliance
Created by Justin Pincar, last modified by David Svoboda on Nov 06, 2008
Software systems can be validated as conforming to the CERT C++ Secure Coding Standard. Source code analysis tools, including compilers and static analysis tools, can be certified as able to validate source code as conforming to this standard.
Source Code Compliance
The CERT C++ Secure Coding Standard can be used as a measure of software security by determining the degree to which a software system complies with the rules and recommendations in this standard. While compliance does not guarantee the absence of vulnerabilities (for example, vulnerabilities resulting from design flaws), it does guarantee the absence of coding errors that are commonly found to be the root causes of vulnerabilities.
The easiest way to validate code as compliant with the CERT C++ Secure Coding standard is to use a certified source code analysis tool.
Tool Selection and Validation
When choosing a compiler (which should be understood to include the linker), a C++98 compliant compiler should be used whenever possible.
When choosing a source code analysis tool, it is clearly desirable that the tool be able to enforce as many of the rules in this document as possible.
Compilers and source code analysis tools are trusted processes, meaning that a degree of reliance is placed on the output of the tools. Consequently, developers must ensure that this trust is not misplaced. Ideally, this should be achieved by the tool supplier running appropriate validation tests. While it is possible to use a validation suite to test a compiler or source code analysis tools, no formal validation scheme exists at the time of publication of this book.
Levels
Rules and recommendations in this standard are classified into three levels. Emphasis should be placed on conformance Level 1 (L1) rules. Software systems that have been validated as complying with all Level 1 rules are considered to be L1 Conforming. Software systems can be assessed as L1, L2, or fully conforming depending on the set of rules to which the system has been validated.
Rules versus Recommendations
Conformance to secure coding rules must be demonstrated to claim compliance with this standard unless an exceptional condition exists. If an exceptional condition is claimed, the exception must correspond to a predefined exceptional condition and the application of this exception must be documented in the source code.
Compliance with recommendations is not necessary to claim compliance with this standard. It is possible, however, to claim compliance with recommendations (especially in cases in which compliance can be verified).
Deviation Procedure
https://www.securecoding.cert.org/confluence/display/cplusplus/Compliance
3/26/2015
Strict adherence to all rules is unlikely. Consequently, deviations associated with individual situations are permissible. Deviations may occur for a specific instance, typically in response to circumstances that arise during the development process or for a systematic use of a particular construct in a particular circumstance. Systematic deviations are usually agreed upon at the start of a project.
For these secure coding rules to have authority, it is necessary that a formal procedure be used to authorize these deviations rather than an individual programmer having discretion to deviate at will. The use of a deviation must be justified on the basis of both necessity and security. Rules that have a high severity and/or a high likelihood require a more stringent process for agreeing to a deviation than do rules with a low severity that are unlikely to result in a vulnerability.
To claim compliance with this standard, software developers must be able to produce on request documentation as to which systematic and specific deviations have been permitted during development.
Copyright 1995-2014 Carnegie Mellon University