Software Engineering Institute Carnegie Mellon


Evaluation of CERT Secure Coding Rules through Integration with Source Code Analysis Tools

 

Parent SEI Program

CERT

 

Related Publications

Ranged Integers for the C Programming Language

Authors

Stephen Dewhurst
Chad Dougherty
Yurie Ito
David Keaton
Dan Saks
Robert C. Seacord
David Svoboda
Chris Taschner
Kazuya Togashi

 

Technical Report
CMU/SEI-2008-TR-014


This report describes a study conducted by the CERT Secure Coding Initiative and JPCERT to evaluate the efficacy of the CERT Secure Coding Standards and source code analysis tools in improving the quality and security of commercial software projects. In addition to assessing the ability of existing tools to detect violations of the standard, the ability to extend and improve the tools is surveyed. Finally, the use of a selected tool to improve the quality of code in the real-world case of a Japanese software vendor's product is described.
