For questions regarding the SEI CERT secure coding standards. Always use this tag in combination with the tag for specific technology that your question is about: C, C++, Java, Perl or Android.
The SEI CERT secure coding standards where created for the purpose of presenting safe subsets of various different programming languages. This is done by listing a number of design rules for each language, aiming to remove dangerous/insecure practices.
CERT stands for Computer Emergency Response Team, which is the name of the group of experts (CERT/CC) who developed the standards at Carnegie Mellon University.
The CERT standards are available online from the Carnegie Mellon University here:
SEI CERT Coding Standards
The CERT standards are similar to the MISRA guidelines, but CERT has more focus on security and vulnerabilities, wheras MISRA's main concern is program safety. Overall, CERT is regarded as more suitable for hosted systems and MISRA as more suitable for embedded systems, although they have many rules in common. CERT provides a cross-reference to MISRA when applicable.
Tag usage
Always use this tag in combination with the tag for specific technology that your question is about: c, c++, java, perl or android.
Please note the scope of the respective CERT rule set. For example CERT C currently applies to ISO 9899:2011 (scope). In addition to the main language tag, you can also use tags such as c11 for specific versions of the language if it is relevant to your question.
