CERT C Secure Coding Standard - last call for reviewers
We're reprinting a call for the C community to review the current version of the CERT C Secure Coding Standard. Secure coding is the practice of avoiding security exploits through more rigorous control of the sources, methods, and products of compilation.
CERT's wiki has a lot of well-thought-out information in it.
Subject: CERT C Secure Coding Standard - last call for reviewers
Date: Thu, 20 Mar 2008 10:02:10 -0400
From: Robert Seacord email@example.com
Organization: Software Engineering Institute
We would like to invite the C community to review and comment on the
current version of the CERT C Secure Coding Standard available online at
Version 1.0 is published. To comment, you can create an account on the
Secure Coding wiki and post your comments there.
Our intent is to complete major development of Version 1.0 by April 18,
2008, with the published version of the standard being available in
September. Once Version 1.0 of the standard goes to the publisher, we
will begin development of Version 2.0. That is, we will continue to
maintain the wiki to further advance the "working version" of the CERT C
Secure Coding Standard. The published 1.0 version will become the
official version, until replaced by a future version. It is unlikely a
subsequent version will be released any time in the next 2-3 years, so
we would like to ensure that Version 1.0 will be a high quality product
that will promote and encourage secure coding practices.
Thanks for any help and assistance you have already provided and for any
additional contribution you may make. There are currently 184
individuals who have contributed to the development of this standard,
without whom this effort could not have succeeded.