Safety and quality are not features that can be added through testing — they must be integral to the design. Opting for a safer or more secure language or language subset during implementation can eliminate entire categories of vulnerabilities. The Software and Systems Division at the National Institute of Standards and Technology (NIST) published a list of Safer Languages. They highlight the following: SPARK Escher C Verifier language Fail-Safe C Safe-Secure C/C++ CERT’s Coding Standards … More

The post Coding practices: The role of secure programming languages appeared first on Help Net Security.