Podcast
Questions and Answers
What is one of the main objectives of coding standards for secure coding?
What is one of the main objectives of coding standards for secure coding?
- To reduce the need for comments in code
- To identify and describe secure coding implementation (correct)
- To increase the complexity of code
- To make programming languages obsolete
Which of the following is NOT listed as a strategy for writing Clean Code?
Which of the following is NOT listed as a strategy for writing Clean Code?
- Writing code only for the computer's execution (correct)
- Focusing on precise solutions
- Ensuring readability and maintainability
- Paying attention to design issues
What is the primary goal of the SEI CERT Coding Standards?
What is the primary goal of the SEI CERT Coding Standards?
- To create a uniform approach to software sales
- To promote the use of proprietary programming languages
- To eliminate the need for coding best practices
- To support the development of coding standards for various programming languages (correct)
Which programming languages are included in the SEI CERT Coding Standards?
Which programming languages are included in the SEI CERT Coding Standards?
According to the content, what is emphasized about programming languages and coding?
According to the content, what is emphasized about programming languages and coding?
Which of the following coding standards is focused on ensuring secure coding practices?
Which of the following coding standards is focused on ensuring secure coding practices?
What do the C++ Core Guidelines emphasize?
What do the C++ Core Guidelines emphasize?
Which of the following practices is recommended for coding standards compliance?
Which of the following practices is recommended for coding standards compliance?
Which resource provides guidance on writing Clean Code across different programming languages?
Which resource provides guidance on writing Clean Code across different programming languages?
What is considered an essential trait of a good programmer?
What is considered an essential trait of a good programmer?
What is the primary purpose of coding standards in C++?
What is the primary purpose of coding standards in C++?
Which guideline specifically addresses how comments should be written?
Which guideline specifically addresses how comments should be written?
What is a key recommendation regarding naming conventions in C++ according to the core guidelines?
What is a key recommendation regarding naming conventions in C++ according to the core guidelines?
What is one of the major risks associated with coding errors according to Microsoft Code Security?
What is one of the major risks associated with coding errors according to Microsoft Code Security?
When should local variables be declared according to C++ guidelines?
When should local variables be declared according to C++ guidelines?
Which of the following is NOT a recommendation in the C++ Core Guidelines?
Which of the following is NOT a recommendation in the C++ Core Guidelines?
What is the main focus of the MISRA guidelines?
What is the main focus of the MISRA guidelines?
Why should developers avoid placing two statements on the same line?
Why should developers avoid placing two statements on the same line?
What is an acceptable practice according to the C++ guidelines for naming identifiers?
What is an acceptable practice according to the C++ guidelines for naming identifiers?
What aspect of coding standards is emphasized to prevent security vulnerabilities?
What aspect of coding standards is emphasized to prevent security vulnerabilities?
Flashcards
Coding Standards
Coding Standards
Rules and guidelines for writing code, ensuring quality, security, and consistency.
C++ Coding Standards
C++ Coding Standards
Specific rules for using C++ in different contexts.
MISRA C++
MISRA C++
Best practice guidelines for safe and secure C++ development.
Google C++ Style Guide
Google C++ Style Guide
Signup and view all the flashcards
Avoid global variables
Avoid global variables
Signup and view all the flashcards
Clear comments
Clear comments
Signup and view all the flashcards
Consistent naming style
Consistent naming style
Signup and view all the flashcards
User Input Security
User Input Security
Signup and view all the flashcards
Static Code Analysis
Static Code Analysis
Signup and view all the flashcards
Security Vulnerabilities
Security Vulnerabilities
Signup and view all the flashcards
Secure Coding Implementation
Secure Coding Implementation
Signup and view all the flashcards
SEI CERT Coding Standards
SEI CERT Coding Standards
Signup and view all the flashcards
Clean Code Strategies
Clean Code Strategies
Signup and view all the flashcards
Coding Standards for Quality
Coding Standards for Quality
Signup and view all the flashcards
Naming Conventions
Naming Conventions
Signup and view all the flashcards
MISRA
MISRA
Signup and view all the flashcards
Microsoft Secure Coding
Microsoft Secure Coding
Signup and view all the flashcards
Clean Code Practices
Clean Code Practices
Signup and view all the flashcards
Study Notes
CSC 1029 Coding Standards
- Course covering coding standards for secure coding implementation
- Objectives include identifying and describing secure coding, outlining coding standards and rules, and applying secure coding principles based on industry standards
- Week 7 agenda includes: review, clean code, SEI CERT coding standards, quality and compliance coding standards, C++ core guidelines, coding conventions, MISRA, Google C++ style guide, Microsoft secure coding, todo list and resources for help
Good Programming Practices
- Programs are meant to be read by humans and only incidentally by computers to execute.
- Key attributes of good programmers include persistence, attention to design, problem-solving and precise solutions/
- Qualities like patience, precision and design thinking are emphasized
Review
- Complete the 1.8 Matching exercise
Clean Code Strategies
- Strategies for writing clean code with links to relevant YouTube videos to aid in learning coding
SEI CERT Coding Standards
- The Software Engineering Institute's (SEI) CERT Coding Standards provide coding practices for commonly used programming languages like C, C++, Java, and Perl, including the Android platform.
- These standards are developed through community and software security efforts
- Guidelines for secure coding in C/C++, Java, Perl and Android are covered
Coding Standards for Quality and Compliance
- This section links to an article providing coding rules guidelines, importance of coding standards, key C++ coding standards, and static code analysis to enforce these standards
C++ Core Guidelines
- Coding standards are needed for specific purposes and environments in C++
- Specific questions regarding naming conventions like namespace std, local variable declarations, and global variable usage are discussed
- Guidelines for commenting and naming conventions are covered
C++ Core Guidelines: Comments & Naming
- Guidelines for comments and naming variables include specific examples and rules around avoiding obvious comments that repeat code statements and naming conventions for consistency and clarity
MISRA
- MISRA provides best practice guidelines for safe and secure embedded control systems and standalone software, with particular relevance in critical applications.
- MISRA C++ was initially published in 2008
Google C++ Style Guide
- The style guide is available as a file that needs to be read through for guidelines
Microsoft Code Security
- Security vulnerabilities often result from incorrect assumptions about user input or a lack of understanding of the development platform.
Earn Your Pre-work Grade
- Post weekly discussion questions and research solutions in D2L.
- Complete Week 07 Content Module in D2L to 100%
Questions, Clarifications, and Help
- Students can get help via appointment, drop-in times, email, and online tutoring resources.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.