Module duration: 4 hours
Writing secure code in C language requires the developers to set up quality control processes, which can be implemented through static analysis tools. These tools are used to check that the implementation is in line with standard rules. In this module, the SEI CERT rules and their motivations are analysed. We also propose an introduction to Rust, a memory safe language, which aims to improve the analysis of code security.
The goal of this module is to give guidelines on how to develop and write a code in C language that is as secure as possible in the context of the SEI CERT rules. Some notions about RUST are also discussed, with the aim to introduce the participants to this memory safe language.
In this module, the following arguments are presented:
• An introduction about the definition of security vulnerabilities and their evaluations and classifications
• Secure coding in C language: standards and best practices, examples of common errors, compiler flags and tools for the code analysis
• Rust, the memory safe programming language, with some examples of usage
The target of this module are all the software developers that want to write their code in a secure way, when their code is in C language. Moreover, this module will give them a basic knowledge of Rust language.