Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Showing 1 - 10 of 18 results for the Type - technical report Secure Coding

Technical Note | April 2012 - Technical Note Source Code Analysis Laboratory (SCALe) By Robert C. Seacord, Will Dormann, James McCurley, Philip Miller, Robert W. Stoddard, David Svoboda, Jefferson Welch

In this report, the authors describe the CERT Program's Source Code Analysis Laboratory (SCALe), a conformance test against secure coding standards.

Technical Report | December 2010 - Technical Report Source Code Analysis Laboratory (SCALe) for Energy ... By Robert C. Seacord, Will Dormann, James McCurley, Philip Miller, Robert W. Stoddard, David Svoboda, Jefferson Welch

In this report, the authors describe the Source Code Analysis Laboratory (SCALe), which tests software for conformance to CERT secure coding standards.

Technical Report | June 2008 - Technical Report Evaluation of CERT Secure Coding Rules through Integration ... By Stephen Dewhurst, Chad Dougherty, Yurie Ito, David Keaton, Dan Saks, Robert C. Seacord, David Svoboda, Chris Taschner, Kazuya Togashi (JPCERT/CC)

In this report, the authors describe a study to evaluate CERT Secure Coding Standards and source code analysis tools in commercial software projects.

Technical Report | November 2013 - Technical Report Mobile SCALe: Rules and Analysis for Secure Java and ... By Lujo Bauer (Carnegie Mellon University - Department of Electrical and Computer Engineering), Lori Flynn, Limin Jia (Carnegie Mellon University - Department of Electrical and Computer Engineering), Will Klieber, Fred Long, Dean F. Sutherland, David Svoboda

In this report, the authors describe Android secure coding rules, guidelines, and static analysis developed as part of the Mobile SCALe project.

Technical Note | July 2012 - Technical Note Supporting the Use of CERT Secure Coding Standards in ... By Timothy Morrow, Robert C. Seacord, John K. Bergey, Philip Miller

In this report, the authors provide guidance for helping DoD acquisition programs address software security in acquisitions.

Technical Report | May 2010 - Technical Report Java Concurrency Guidelines By Fred Long, Dhruv Mohindra, Robert C. Seacord, David Svoboda

In this report, the authors describe the CERT Oracle Secure Coding Standard for Java, which provides guidelines for secure coding in Java.

Technical Note | June 2014 - Technical Note Improving the Automated Detection and Analysis of Secure ... By Daniel Plakosh, Robert C. Seacord, Robert W. Stoddard, David Svoboda, David Zubrow

This technical note describes the accuracy analysis of the Source Code Analysis Laboratory (SCALe) tools and the characteristics of flagged coding violations.

Technical Report | May 2006 - Technical Report Specifications for Managed Strings By Hal Burch, Fred Long, Robert C. Seacord

This report has been superseded by Specifications for Managed Strings, Second Edition (CMU/SEI-2010-TR-018).

Technical Report | October 2009 - Technical Report Secure Design Patterns By Chad Dougherty, Kirk Sayre, Robert C. Seacord, David Svoboda, Kazuya Togashi (JPCERT/CC)

In this report, the authors describe a set of general solutions to software security problems that can be applied in many different situations.

Technical Note | July 2009 - Technical Note As-if Infinitely Ranged Integer Model By David Keaton, Thomas Plum (Plum Hall - Inc.), Robert C. Seacord, David Svoboda, Alex Volkovitsky, Timothy Wilson

In this report, the authors present the as-if infinitely ranged (AIR) integer model, which eliminates integer overflow and integer truncation in C and C++ code.