SEI Makes Updated CERT C Coding Standard Freely Available

News provided by

Carnegie Mellon University Software Engineering Institute

Aug 11, 2016, 09:59 ET

PITTSBURGH, Aug. 11, 2016 /PRNewswire/ -- Carnegie Mellon University's Software Engineering Institute (SEI) has released the 2016 edition of the SEI CERT C Coding Standard. The standard provides rules for secure coding in the C programming language to help developers create safe, reliable, and secure systems free from undefined program behaviors and exploitable vulnerabilities. This year, in response to user demand, the SEI has made an updated standard available as a free download from the SEI website.

The 2016 edition of the SEI CERT C Coding Standard reflects two years of research and insight gained since the previously released edition.

"The revised standard updates important guidance on how to use C concurrency, a cornerstone for improved performance on multicore machines, and specific examples showing how applying the rules would avoid vulnerabilities such as Heartbleed. We also updated the rules for easier use by C++ programmers as well as C programmers," said Mark Sherman, technical director, Cybersecurity Foundations, for the SEI's CERT Division.

The 2016 edition addresses user concerns and needs related to cost and accessibility. "We've heard this concern, which is why we're making the standard available as a free download. This new format can be widely shared for use in classes, documentation for tools, professional guides, and other environments. The new format also enables us to produce new editions on a more frequent release cycle," said Robert Schiela, technical manager for the Secure Coding Initiative.

To download the SEI CERT C Coding Standard, visit http://www.cert.org/secure-coding/products-services/secure-coding-download.cfm.

About the Carnegie Mellon University Software Engineering Institute
The Software Engineering Institute (SEI) is a federally funded research and development center sponsored by the U.S. Department of Defense and operated by Carnegie Mellon University. The SEI works with organizations to make measurable improvements in their software engineering capabilities by providing technical leadership to advance the practice of software engineering. For more information, visit the SEI website at http://www.sei.cmu.edu. The CERT Division of the SEI is the world's leading trusted authority dedicated to improving the security and resilience of computer systems and networks and a national asset in the field of cybersecurity. For more information, visit http://www.cert.org.

SOURCE Carnegie Mellon University Software Engineering Institute

Related Links

http://www.sei.cmu.edu