Development of secure code for embedded applications
Module duration: 4 hours
Module overview
Writing secure code in C requires developers to set up quality control processes, which can be implemented with static analysis tools. These tools check that the implementation complies with standard rules. In this module, the SEI CERT rules and their motivations are analyzed. We also give an introduction to Rust, a memory-safe language, which aims to improve the analysis of code security.
Objective of this module
The goal of this module is to provide guidelines on how to develop and write C code that is as secure as possible in the context of the SEI CERT rules. Some notions about Rust are also discussed, with the aim of introducing the participants to this memory-safe language.
What you will learn:
01. Introduction to the most relevant SEI CERT rules, one of the most widely used standards
02. How to write C code that follows these rules
03. Countermeasures to avoid vulnerabilities in code
04. Basic notions about Rust, compared to C
You will cover:
In this module, the following topics are presented:
• An introduction to the definition of security vulnerabilities and to their evaluation and classification
• Secure coding in C: standards and best practices, examples of common errors, compiler flags and tools for code analysis
• Rust, the memory-safe programming language, with some examples of usage
This module is intended for:
This module targets software developers who want to write secure code in C. Moreover, it will give them basic knowledge of the Rust language.