The SEI CERT secure coding standard is a great choice for securing your code, especially if your application is embedded or safety-critical. In this post, I discuss how to use static analysis to implement this standard for security by design.
The proliferation of embedded software and IoT devices is increasing the risks of security attacks on a daily basis. In my IoT hall-of-shame, I see regular attacks against everything from water treatment plants to cars to children’s toys. As “things” get more advanced and connect to the Internet, they promise new capabilities and functionality, but they also increase our chances for a bad actor to penetrate our systems and even our home lives.