Showing 1 - 9 of 9 results for the Type - technical note Secure Coding
In this report, the authors provide guidance for helping DoD acquisition programs address software security in acquisitions.
This technical note describes the accuracy analysis of the Source Code Analysis Laboratory (SCALe) tools and the characteristics of flagged coding violations.
This technical note describes the criteria for deploying a compiler-based memory safety checking tool and the performance that can be achieved with two such tools whose source code is freely available.
In this report, the authors describe the CERT Program's Source Code Analysis Laboratory (SCALe), a conformance test against secure coding standards.
In this report, the authors present the as-if infinitely ranged (AIR) integer model, which eliminates integer overflow and integer truncation in C and C++ code.
In this 2005 report, the authors propose a classification scheme that uses attribute-value pairs to provide a multidimensional view of vulnerabilities.
In this report, Fred Long briefly describes potential software vulnerabilities in Java version 5.
In this 2007 report, the authors describe an extension to the C programming language to introduce the notion of ranged integers.
In this report, the authors present the as-if infinitely ranged (AIR) integer model, a mechanism for eliminating integral exceptional conditions.