The CERT C, CERT C++, and CERT Java Secure Coding Standards are designed to eliminate insecure coding practices and undefined behaviours that can lead to exploitable vulnerabilities and unreliable applications. The LDRA static analysis secure coding standards tools for CERT C, CERT C++, and CERT Java automate the security software development life cycle.
The LDRA tool suite spans the entire software development life cycle, from requirements traceability and engineering through static and dynamic software analysis, to unit and integration testing. The accuracy, determinism, and formal reporting capabilities of the LDRA tool suite address the assurance requirements for the development of reliable, security-critical software.
See Which Tools Are Right For You? for help choosing your customised tool suite.
CERT C / CERT C++/ CERT Java Secure Coding Standards Tools from LDRA
- LDRA Testbed/TBvision is the core analysis engine of the LDRA tool suite. It performs the static analysis required for coding standards enforcement and lets you view the results against any supported industry coding standards—including CERT C, CERT C++, and CERT Java—to identify the common programming errors behind the majority of software security attacks
- The LDRA TBsecure module graphically depicts security coding standards compliance and memory analysis, and automates compliance documentation
- LDRArules is a cost-effective, stand-alone rules checker independent from the LDRA tool suite that is focused on increasing software quality through coding standards compliance, including CERT C / CERT C++ / CERT Java
LDRA is leading the way in helping critical embedded software developers create secure software, which forms the foundation for secure systems. Watch Dr. Mike Hennell, LDRA’s Technical Director, outline how developers can achieve safe and secure software
*The number of rules are subject to change based on continual development of the standard. Correct at time of publication 11/02/16.
LDRA offers complete transparency on coding standards support
For every coding standard we support, we offer a complete compliance matrix so you can see exactly which rules are implemented within our tools. You can easily compare tool compliance to multiple versions of the standard, and you can assess compliance for multiple standards.