Slide 1

CERT C AND C++

Platform specifications and coding guidelines

What is CERT Coding Standard?

The CERT Coding Standard for C and C++ is a standard that provides rules and recommendations to target insecure coding practices and undefined behaviours that can lead to exploitable vulnerabilities. The CERT C and C++ standards are the results of studying over 20 years of documented software vulnerability cases.

Created by the Software Engineering Institute (SEI) in various languages used by embedded developers to shield code against security problems.

The Software Engineering Institute is a research and development centre primarily funded by the U.S. Department of Defence and the Department of Homeland Security. The CERT Division at SEI is operated by Carnegie Mellon University and is responsible for publishing the standard.

How to comply with CERT Standard guidelines?

IMPLEMENT STATIC ANALYSIS TO ACHIEVE CERT C and CERT C++ STANDARD COMPLIANCE

Our static analysis tool, QA-MISRA, ensures automated compliance with the CERT C/C++ coding standards for safety-critical C/C++ code.

Implement a disciplined, repeatable, and security-focused development process by incorporating application security measures into your design and coding processes

Start a free trial of QA-MISRA to evaluate your code against the CERT C/C++ coding standards.

With QA-MISRA there are no hidden extras, coding language variants, or compliance module add-ons. It provides a single solution to automatically check your C or C++ source code for compliance against the most common international software safety and security standards.

  • Highlights coding rule violations
  • Reports unspecified, undefined or compiler-dependent behavior
  • Clearly flags possible runtime issues