Xcalscan User Manual (Release 2.0.0)


14.2 CERT

latest update: 2021-06-15

CERT is the secure coding standard developed by the SEI (Software Engineering Institute).

CERT is a popular standard that provides rules for coding in C, C++ and Java. The goal of these rules and recommendations is to help developers and teams build secure and reliable systems. To ensure the safety of software systems developed in C, C++ and Java, we highly recommend following the coding rules included in this standard.

In the CERT coding standard, the priority of a defect is calculated from 3 factors: severity, likelihood and remediation cost. All of the rules are divided into 3 levels: L1, L2, and L3. Level 1 rules represent high severity with high likelihood and high remediation costs.

Xcalscan checks compliance with a high number of CERT rules. This has been achieved by carefully mapping the defects identified through analysis to each individual rule. The mapping benefits ongoing application development within organizations: as new teams take over coding, they can adhere to industry standards such as ISO and ensure that the final product delivered is fit for purpose. Coding standards are also a means of delivering high-quality code.

For more information about the CERT C standard, see the official website https://wiki.sei.cmu.edu/confluence/.