CERT C Overview

The CERT C Secure Coding Standard provides rules and recommendations for secure coding in the C programming language. The goal of these rules and recommendations is to eliminate insecure coding practices and undefined behaviours that can lead to exploitable vulnerabilities. The application of the secure coding standard will lead to higher-quality systems that are robust and more resistant to attack

Why Secure Coding?

Security is an important parameter that contributes to overall system quality. Easily avoided software defects are a primary cause of commonly exploited software vulnerabilities. CERT (Computer Emergency Response Team) has observed, through an analysis of thousands of vulnerability reports, that most vulnerabilities stem from a relatively small number of common programming errors. By identifying insecure coding practices and developing secure alternatives, software developers can take practical steps to reduce or eliminate vulnerabilities before deployment.

As part of this initiative, the CERT Secure Coding team works with software developers and software development organisations to reduce vulnerabilities resulting from coding errors before they are deployed. In collaboration with the software assurance and C language development communities, CERT developed the CERT C Secure Coding Standard to provide secure coding guidance to developers and suggests secure code must exhibits properties like:

• Dependability: Dependable software executes predictably and operates correctly under all conditions, including hostile conditions, including when the software comes under attack or runs on a malicious host.
• Trustworthiness: Trustworthy software contains few if any vulnerabilities or weaknesses that can be intentionally exploited to subvert or sabotage the software's dependability. In addition, to be considered trustworthy, the software must contain no malicious logic that causes it to behave in a malicious manner.
• Survivability: Survivable software is software that is resilient enough to (1) either resist (i.e., protect itself against) or tolerate (i.e., continue operating dependably in spite of) most known attacks plus as many novel attacks as possible, and (2) recover as quickly as possible, and with as little damage as possible, from those attacks that it can neither resist nor tolerate.

Solution: Integrating Security into the Software Development Lifecycle (SDLC)

"Security enhancement" of the SDLC process mainly involves the adaptation or augmentation of existing SDLC activities, practices, and checkpoints, and in a few instances, it may also entail the addition of new activities, practices, or checkpoints. In very few instances, it may also require the elimination or wholesale replacement of certain activities or practices that are known to obstruct the ability to produce secure software. The key elements of a secure software life cycle process are:

• Security risk identification
• Add security to system requirements
• Add security to architectural design
• Adopt secure coding practices
• Test for security or security testing practices that focus on verifying the dependability, trustworthiness, and sustainability of the software being tested.

Obtaining Further Information

For further information on compliance to CERT C and availability please complete the LDRA reply form or email info@ldra.com.