Software Engineering Institute | Carnegie Mellon University

Digital Library

Dean F. Sutherland
October 2014 - Article C/C++ Thread Safety Analysis

Topics: Secure Coding

In this paper, the authors describe Clang Thread Safety Analysis, a tool that uses annotations to enforce thread safety policies in C and C++ programs.

September 2013 - Article Java Coding Guidelines for Reliability

Topics: Secure Coding

In this sample chapter, the authors describe how to avoid obscure techniques and code that is difficult to understand and maintain when programming in Java.

September 2013 - Video Don’t Be Pwned: A Short Course on Secure Programming in Java

Topics: Secure Coding

In this JavaOne 2013 video, developers of the CERT Oracle Secure Coding Standard for Java describe exploits that compromised Java programs in the field.

September 2013 - Presentation Don’t Be Pwned: A Short Course on Secure Programming in Java

Topics: Secure Coding

In this presentation, the developers of the CERT Oracle Secure Coding Standard for Java present real exploits that have compromised Java programs in the field.

October 2011 - Article The CERT Oracle Secure Coding Standard for Java: Input Validation and Data Sanitization

Topics: Secure Coding

In this sample chapter, the authors provide rules, assess their risk, and provide noncompliant and compliant code and solutions to validate and sanitize the data.

September 2011 - Book The CERT Oracle Secure Coding Standard for Java

Topics: Secure Coding

In this book, the authors provide the first comprehensive compilation of code-level requirements for building secure systems in Java.