Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Software

Secure Coding Validation Suite

  • December 2012
  • The Secure Coding Validation Suite is a tool that performs a set of tests to validate the rules defined in ISO Technical Specification 17961.
  • Secure Coding
  • Publisher: GitHub
  • Abstract

    Compilers and source code analysis tools are trusted processes, meaning that a degree of reliance is placed on the output of the tools. Accordingly, developers must ensure that this trust is not misplaced. Ideally, trust should be achieved by the tool supplier running appropriate validation tests such as this validation suite.

    The Secure Coding Validation Suite includes tools that allow vendors to use these tests with an analyzer, interpreter, or compiler, along with the test_driver.sh script, and a utility to decipher and display the results as a report. By using this validation suite, vendors can ensure that they have successfully diagnosed rule violations in the suite.

    In August 2014, there were 45 rules with associated test files in the Secure Coding Validation Suite. Its functionality and framework for rules testing (and rules reporting) can be augmented with new rules tests. The validation suite is distributed open source with a BSD-style license.

Software Information

Published by GitHub

Get the Software