LDRA (Monks Ferry, Wirral, UK) has released the TBsecure plug-in complete with the Carnegie Mellon Software Engineering Institute (SEI) CERT C secure coding standard. TBsecure identifies security vulnerabilities and enables implementation of the CERT C Secure Coding Standard version 1.0. LDRA's TBsecure plugs into TBvision, a module within the LDRA tool suite that enables developers to easily see how the source code performs against security vulnerabilities, fault-detection, and adherence to the required quality standards. As its primary role, TBsecure applies the CERT C secure coding rules and relays findings to TBvision, which graphically shows code quality, fault detection, and avoidance measures through call graphs, flow graphs, and code review reports.
The CERT C Secure Coding Standard provides rules and recommendations for secure coding in the C programming language, in order to eliminate insecure coding practices and undefined behaviors that lead to exploitable vulnerabilities. The application of the secure coding standard leads to higher quality systems that are robust and more resistant to attack. Rules and recommendations included in this CERT C Programming Language Secure Coding Standard are designed to be operating system and platform independent. Once established, these standards can be used as a metric to evaluate source code using an automated process.
For Free Info Click Here.