Security-oriented program transformations to cure integer overflow vulnerabilities
Proceedings of the 3rd annual conference on Systems, programming, and applications: software for humanity
Improving integer security for systems with KINT
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Interactive support for secure programming education
Proceeding of the 44th ACM technical symposium on Computer science education
Program transformations to fix C integers
Proceedings of the 2013 International Conference on Software Engineering
Sound input filter generation for integer overflow errors
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
Hi-index | 0.00 |
Im an enthusiastic supporter of the CERT Secure Coding Initiative. Programmers have lots of sources of advice on correctness, clarity, maintainability, performance, and even safety. Advice on how specific language features affect security has been missing. The CERT C Secure Coding Standard fills this need.Randy Meyers, Chairman of ANSI CFor years we have relied upon the CERT/CC to publish advisories documenting an endless stream of security problems. Now CERT has embodied the advice of leading technical experts to give programmers and managers the practical guidance needed to avoid those problems in new applications and to help secure legacy systems. Well done!Dr. Thomas Plum, founder of Plum Hall, Inc.Connectivity has sharply increased the need for secure, hacker-safe applications. By combining this CERT standard with other safety guidelines, customers gain all-round protection and approach the goal of zero-defect software.Chris Tapp, Field Applications Engineer, LDRA Ltd.Ive found this standard to be an indispensable collection of expert information on exactly how modern software systems fail in practice. It is the perfect place to start for establishing internal secure coding guidelines. You wont find this information elsewhere, and, when it comes to software security, what you dont know is often exactly what hurts you.John McDonald, coauthor of The Art of Software Security AssessmentSoftware security has major implications for the operations and assets of organizations, as well as for the welfare of individuals. To create secure software, developers must know where the dangers lie. Secure programming in C can be more difficult than even many experienced programmers believe.This book is an essential desktop reference documenting the first official release of The CERT C Secure Coding Standard. The standard itemizes those coding errors that are the root causes of software vulnerabilities in C and prioritizes them by severity, likelihood of exploitation, and remediation costs. Each guideline provides examples of insecure code as well as secure, alternative implementations. If uniformly applied, these guidelines will eliminate the critical coding errors that lead to buffer overflows, format string vulnerabilities, integer overflow, and other common software vulnerabilities.