[Abrahams 2010] Abrahams, David. Error and Exception Handling, #7. Boost Library. 2010. [Banahan 2003] Banahan, Mike.  The C Book . 2003.[Barney 2010] Barney, Blaise. POSIX Threads Programming. Lawrence Livermore National Security, LLC. 2010.[Becker 2008] Becker, Pete. Working Draft, Standard for Programming Language C++. April 2008.[Becker 2009] Becker, Pete Working Draft, Standard for Programming Language C++. September 2009.[Black 2007] Black, Paul E.; Kass, Michael; & Koo, Michael. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL). May 2007.[Cline 2009] Cline, Marshall. C++ FAQ Lite—Frequently Asked Questions. 1991-2009.| Anchor | 
|---|
| |  | codesourcery 2016a | 
|---|
 |  | codesourcery 2016a | 
|---|
 | 
[CodeSourcery 2016a] CodeSourcery, Compaq, EDG, HP, IBM, Intel, Red Hat, SGI, et al. Itanium C++ ABI. December 2016 [accessed].| Anchor | 
|---|
| |  | codesourcery2016b | 
|---|
 |  | codesourcery2016b | 
|---|
 | 
[CodeSourcery 2016b] CodeSourcery, Compaq, EDG, HP, IBM, Intel, Red Hat, SGI, et al. Itanium C++ ABI (Revision: 1,86). December 2016 [accessed].[Coverity 2007] Coverity. Coverity Prevent User's Manual (3.3.0). 2007. [CWE] MITRE. Common Weakness Enumeration – A Community-Developed Dictionary of Software Weakness Types.[Dewhurst 2002] Dewhurst, Stephen C. C++ Gotchas: Avoiding Common Problems in Coding and Design. Addison-Wesley Professional. 2002.[Dewhurst 2005] Dewhurst, Stephen C. C++ Common Knowledge: Essential Intermediate Programming. Addison-Wesley Professional. 2005.[DISA 2015] DISA. Application Security and Development Security Technical Implementation Guide, Version 3, Release 10. Accessed April 2015.[DISA 2016] DISA. Application Security and Development Security Technical Implementation Guide, Version 4, Release 1. Accessed January 2017.[DISA 2018] DISA. Application Security and Development Security Technical Implementation Guide, Version 4, Release 8. Accessed January 2019.[Dowd 2006] Dowd, Mark; McDonald, John; & Schuh, Justin. Attacking delete and delete[] in C++. In The Art of Software Security Assessment. Addison-Wesley Professional. 2006.[Fortify 2006] Fortify Software Inc. Fortify Taxonomy: Software Security Errors. 2006.[FSF 2005] Free Software Foundation. GCC Online Documentation. 2005.[Gamma 1994] Gamma, Erich; Helm, Richard; Johnson, Ralph, & Vlissides, John. Design Patterns Elements of Reusable Object Oriented Software. Addison-Wesley Professional. 1994.[GNU 2016] gnu.org. GCC, the GNU Compiler Collection: Declaring Attributes of Functions. December 2016 [accessed].[Goldberg 1991] Goldberg, David. What Every Computer Scientist Should Know About Floating-Point Arithmetic. Sun Microsystems. March 1991.[Graff 2003] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. O'Reilly. 2003. ISBN 0596002424.[Henricson 1997] Henricson, Mats & Nyquist, Erik. Industrial Strength C++. Prentice Hall PTR. 1997. ISBN 0-13-120965-5.[Hinnant 2005] Hinnant, Howard. RValue Reference Recommendations for Chapter 20. N1856=05-0116. August 2005.[Hinnant 2015] Hinnant, Howard. Reply to "std::exception Why what() is returning a const char* and not a string?" ISO C++ Standard—Discussion. June 2015.| Anchor | 
|---|
| |  | IEC 60812 2006 | 
|---|
 |  | IEC 60812 2006 | 
|---|
 | 
[IEC 60812 2006] Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA), 2nd ed. IEC 60812. IEC. January 2006.| Anchor | 
|---|
| |  | IEEE Std 610.12 1990 | 
|---|
 |  | IEEE Std 610.12 1990 | 
|---|
 | 
[IEEE Std 610.12 1990] IEEE.  IEEE Standard Glossary of Software Engineering Terminology. 1990.| Anchor | 
|---|
| |  | IEEE Std 1003.1-2013 | 
|---|
 |  | IEEE Std 1003.1-2013 | 
|---|
 | 
[IEEE Std 1003.1:2013] IEEE & The Open Group. Standard for Information Technology—Portable Operating System Interface (POSIX). Base Specifications. Issue 7. 2013.[INCITS 2012] INCITS Document number N3396= 12-0096. Dynamic memory allocation for over-aligned data. 2012. [INCITS 2014] INCITS PL22.16 & ISO WG21 C++ Standards Committee, Library Working Group (LWG). C++ Standard Library Active Issues List (Revision R88). N3967. 2014.
[INCITS 2020] INCITS PL22.16 & ISO WG21 C++ Standards Committee, Library Working Group (LWG). C++ Standard Library Active Issues List (Revision R88). N4860. 2020.
| Anchor | 
|---|
| |  | Internet Society 00 | 
|---|
 |  | Internet Society 00 | 
|---|
 | 
[Internet Society 2000] The Internet Society. Internet Security Glossary (RFC 2828). 2000.
| Anchor | 
|---|
| |  | ISO/IEC 9899-1999 | 
|---|
 |  | ISO/IEC 9899-1999 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO-IEC 9899-1999 | 
|---|
 |  | ISO-IEC 9899-1999 | 
|---|
 | 
[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition. 1999.| Anchor | 
|---|
| |  | ISO/IEC 9899-2011 | 
|---|
 |  | ISO/IEC 9899-2011 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO-IEC 9899-2011 | 
|---|
 |  | ISO-IEC 9899-2011 | 
|---|
 | 
[ISO/IEC 9899:2011] ISO/IEC. Programming Languages—C, 3rd ed. ISO/IEC 9899:2011. 2011.| Anchor | 
|---|
| |  | ISO/IEC14882-1998 | 
|---|
 |  | ISO/IEC14882-1998 | 
|---|
 | 
[ISO/IEC 14882-1998] ISO/IEC 14882-1998. Programming Languages — C++, First Edition. 1998.| Anchor | 
|---|
| |  | ISO/IEC14882-2003 | 
|---|
 |  | ISO/IEC14882-2003 | 
|---|
 | 
[ISO/IEC 14882-2003] ISO/IEC 14882-2003. Programming Languages — C++, Second Edition. 2003.| Anchor | 
|---|
| |  | ISO/IEC14882-2011 | 
|---|
 |  | ISO/IEC14882-2011 | 
|---|
 | 
[ISO/IEC 14882-2011] ISO/IEC 14882-2011. Programming Languages — C++, Third Edition. 2011.| Anchor | 
|---|
| |  | ISO/IEC14882-2014 | 
|---|
 |  | ISO/IEC14882-2014 | 
|---|
 | 
[ISO/IEC 14882-2014] ISO/IEC 14882-2014. Programming Languages — C++, Fourth Edition. 2014.| Anchor | 
|---|
| |  | ISO/IEC N3000 | 
|---|
 |  | ISO/IEC N3000 | 
|---|
 | 
[ISO/IEC N3000 2009] Working Draft, Standard for Programming Language C++. November 2009.| Anchor | 
|---|
| |  | ISO/IEC TR 24772-2013 | 
|---|
 |  | ISO/IEC TR 24772-2013 | 
|---|
 | 
[ISO/IEC TR 24772:2013] ISO/IEC. Information Technology—Programming Languages—Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use. TR 24772-2013. ISO. March 2013.| Anchor | 
|---|
| |  | ISO/IEC TS 17961 | 
|---|
 |  | ISO/IEC TS 17961 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO-IEC TS 17961 | 
|---|
 |  | ISO-IEC TS 17961 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC TS 17961-2013 | 
|---|
 |  | ISO/IEC TS 17961-2013 | 
|---|
 | 
[ISO/IEC TS 17961:2012] ISO/IEC TS 17961. Information Technology—Programming Languages, Their Environments and System Software Interfaces—C Secure Coding Rules. ISO. 2012.
[Jack 2007] Jack, Barnaby. Vector Rewrite Attack. Juniper Networks. May 2007.[Kalev 1999] Kalev, Danny. ANSI/ISO C++ Professional Programmer's Handbook. Que. Corporation. 1999[Lea 2000] Lea, Doug. Concurrent Programming in Java, 2nd Edition. Addison-Wesley Professional. 2000.[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. European Space Agency (ESA) & National Center for Space Study (CNES). July 1996.
[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. European Space Agency (ESA) & National Center for Space Study (CNES). July 1996.| Anchor | 
|---|
| |  | Lockheed Martin 05 | 
|---|
 |  | Lockheed Martin 05 | 
|---|
 | 
[Lockheed Martin 2005] Lockheed Martin. Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program. Document Number 2RDU00001, Rev C. December 2005.[Meyers 1996] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Addison-Wesley. 1996.[Meyers 2001] Meyers, Scott. Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library. Addison-Wesley Professional. 2001.[Meyers 2005] Meyers, Scott. Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition). Addison-Wesley Professional. 2005.[Meyers 2014] Meyers, Scott. Reply to The Drawbacks of Implementing Move Assignment in Terms of Swap [blog post]. The View from Aristeia: Scott Meyers' Professional Activities and Interests. 2014.[Microsoft 2010] STL std::string class causes crashes and memory corruption on multi-processor machines. 2010.[MISRA 2004] MIRA Limited. MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems. MIRA Limited. ISBN 095241564X. October 2004.[MISRA 2008] MISRA Limited. MISRA C++ 2008 Guidelines for the Use of the C++ Language in Critical Systems. ISBN 978-906400-03-3 (paperback);  ISBN 978-906400-04-0 (PDF). June 2008.[MITRE 2007] MITRE. Common Weakness Enumeration, Draft 9. April 2008.[MITRE 2008a] MITRE. CWE ID 327. Use of a Broken or Risky Cryptographic Algorithm. 2008.[MITRE 2008b] MITRE. CWE ID 330. Use of Insufficiently Random Values. 2008.[MITRE] MITRE. Common Weakness Enumeration, Version 1.8. February 2010.[MSDN 2010] Microsoft Developer Network. CryptGenRandom Function. December 2016 [accessed].[MDSN 2016] Microsoft Developer Network. nothrow (C++). December 2016 [accessed].[NIST 2006] NIST.  SAMATE Reference Dataset. 2006.| Anchor | 
|---|
| |  | IEEE Std 1003.1-2013 | 
|---|
 |  | IEEE Std 1003.1-2013 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC 9945:2013 | 
|---|
 |  | ISO/IEC 9945:2013 | 
|---|
 | 
| Anchor | 
|---|
| |  | Open Group 13 | 
|---|
 |  | Open Group 13 | 
|---|
 | 
[Open Group 2013] The Open Group. The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2013 Edition. 2013.| Anchor | 
|---|
| |  | IEEE Std 1003.1-2008 | 
|---|
 |  | IEEE Std 1003.1-2008 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC 9945:2008 | 
|---|
 |  | ISO/IEC 9945:2008 | 
|---|
 | 
| Anchor | 
|---|
| |  | Open Group 08 | 
|---|
 |  | Open Group 08 | 
|---|
 | 
[Open Group 2008] The Open Group.  The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition. 2008.| Anchor | 
|---|
| |  | IEEE Std 1003.1-2004 | 
|---|
 |  | IEEE Std 1003.1-2004 | 
|---|
 | 
| Anchor | 
|---|
| |  | ISO/IEC 9945:2003 | 
|---|
 |  | ISO/IEC 9945:2003 | 
|---|
 | 
| Anchor | 
|---|
| |  | Open Group 04 | 
|---|
 |  | Open Group 04 | 
|---|
 | 
[Open Group 2004] The Open Group.  The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition. 2004.[Plum 1991] Plum, Thomas. C++ Programming. Plum Hall, Inc. November 1991. ISBN 0911537104.[Quinlan 2006] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas. Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++. 27-35. Page 500-262. In Proceedings of the Static Analysis Summit. July 2006.[Rohlf 2009] Rohlf, Chris.  Fun with erase (). 2009.[Saks 1999] Saks, Dan.  const T vs.T const. Embedded Systems Programming. February 1999. Pages 13-16.[Saks 2007] Saks, Dan. Sequence Points. Embedded Systems Design. 2007.[Seacord 2005] Seacord, Robert C. Secure Coding in C and C++. Addison-Wesley. 2005. ISBN 0321335724.[Seacord 2013] Seacord, Robert C. Secure Coding in C and C++, Second Edition. Addison-Wesley. 2013.[Sebor 2004] Sebor, Martin. C++ Standard Core Language Active Issues, Revision 68. 2010.[SGI 2006] Silicon Graphics, Inc. basic_string<charT, traits, Alloc>. Standard Template Library Programmer's Guide. 2006.[Steele 1977] Steele, G. L. Arithmetic shifting considered harmful. SIGPLAN Notices. Volume 12. Issue 11. November 1977. Pages 61-69.| Anchor | 
|---|
| |  | Stroustrup 97 | 
|---|
 |  | Stroustrup 97 | 
|---|
 | 
[Stroustrup 1997] Stroustrup, Bjarne. The C++ Programming Language, Third Edition. Addison-Wesley. 1997. ISBN  978-0201700732.| Anchor | 
|---|
| |  | Stroustrup 06 | 
|---|
 |  | Stroustrup 06 | 
|---|
 | 
[Stroustrup 2006] Stroustrup, Bjarne.  C++ Style and Technique FAQ. 2006. December 2016 [accessed].| Anchor | 
|---|
| |  | Stroustrup 01 | 
|---|
 |  | Stroustrup 01 | 
|---|
 | 
[Stroustrup 2001] Stroustrup, Bjarne. Exception Safety: Concepts and Techniques. AT&T Labs. 2001.[Sun 1993] Sun Security Bulletin #00122. 1993.[Sutter 2000] Sutter, Herb. Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional. 2000. ISBN 0201615622.[Sutter 2001] Sutter, Herb. More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional. 2001. ISBN 020170434.[Sutter 2004] Sutter, Herb & Alexandrescu, Andrei. C++ Coding Standards: 101 Rules, Guidelines, and Best Practices. Addison-Wesley Professional. 2004. ISBN 0321113586.| Anchor | 
|---|
| |  | van Sprundel06 | 
|---|
 |  | van Sprundel06 | 
|---|
 | 
[van Sprundel 2006] van Sprundel, Ilja. Unusual bugs. 2006.[Viega 2003] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. O'Reilly. 2003. ISBN 0-596-00394-3. [Viega 2005] Viega, John. CLASP Reference Guide, Volume 1.1. Secure Software. 2005.[VU#159523] Giobbi, Ryan. Vulnerability Note VU#159523. Adobe Flash Player integer overflow vulnerability. April 2008. [VU#162289] Dougherty, Chad. Vulnerability Note VU#162289. GCC Silently Discards Some Wraparound Checks. April 2008.[VU#623332] Mead, Robert. Vulnerability Note VU#623332. MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function. July 2005. [VU#925211] Weimer, Florian. Vulnerability Note VU#925211. Debian and Ubuntu OpenSSL packages contain a predictable random number generator. May 2008.[Warren 2002] Warren, Henry S. Hacker's Delight. Addison Wesley Professional. 2002. ISBN 0201914654.[Williams 2010a] Williams, Anthony. Thread. Boost Library. 2010.[Williams 2010b] Williams, Anthony. Simpler Multithreading in C++0x. Internet.com. 2010.[xorl 2009] xorl. xorl %eax, %eax. December 2016 [accessed| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="de59125c-2571-4906-a37f-a9beb425e620"><ac:parameter ac:name="">Abrahams 10</ac:parameter></ac:structured-macro>\[Abrahams 2010\] Abrahams, David. [Boost Library Error Handling Guidelines, #7|http://www.boost.org/community/error_handling.html], 2001-2003. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f46536bc-d260-40ea-a961-07c0867b4d6f"><ac:parameter ac:name="">Barney 10</ac:parameter></ac:structured-macro>\[Barney 2010\] Barney, Blaise. [POSIX Threads Programming|https://computing.llnl.gov/tutorials/pthreads/], Lawrence Livermore National Security, LLC, 2010. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2cb95dbf-e3d1-4203-880a-4b8af38dc1f2"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro>\[Becker 2008\] Becker, Pete. [Working Draft, Standard for Programming Language C+\+|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2008/n2521.pdf], April 2008. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4eb86f98-d5b2-44ae-a045-e37e2961d4b8"><ac:parameter ac:name="">Becker 09</ac:parameter></ac:structured-macro>\[Becker 2009\] Becker, Pete [Working Draft, Standard for Programming Language C+\+|http://www.open-std.org/JTC1/SC22/WG21/docs/papers/2009/n3000.pdf], September 2009. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b3a62959-8845-429d-a5a7-088937d3e7f6"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro>\[Black 2007\] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. [http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf] | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ac477c54-1f39-4747-bd23-c17c33f66fbf"><ac:parameter ac:name="">Cline 09</ac:parameter></ac:structured-macro>\[Cline 2009\] Cline, Marshall. [C+\+ FAQ Lite - Frequently Asked Questions|http://www.parashift.com/c++-faq-lite/index.html] 1991-2009 | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf7fe9f4-ae83-4693-82ab-555de382c05c"><ac:parameter ac:name="">CWE</ac:parameter></ac:structured-macro> \[CWE\] MITRE. [Common Weakness Enumeration|http://cwe.mitre.org/] -- A Community-Developed Dictionary of Software Weakness Types. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="552f616e-c6a9-4df2-a576-24f7da75ac36"><ac:parameter ac:name="">Dewhurst 03</ac:parameter></ac:structured-macro>\[Dewhurst 2003\] Dewhurst, Stephen C. _C+\+ Gotchas: Avoiding Common Problems in Coding and Design_. Boston, MA: Addison-Wesley Professional, 2002. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="06027dfc-9601-4460-b598-f54b1c37d199"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro>\[Dewhurst 2005\] Dewhurst, Stephen C. _C+\+ Common Knowledge:  Essential Intermediate Programming_. Boston, MA: Addison-Wesley Professional, 2005. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7df62c18-2418-4997-86b7-5e7569035394"><ac:parameter ac:name="">Dowd 07</ac:parameter></ac:structured-macro>\[Dowd 2007\] Dowd, McDonald & Schuh. [The Art of Software Security Assessment - Attacking delete and delete\[\] in C+\+|http://taossa.com/index.php/2007/01/03/attacking-delete-and-delete-in-c]. (2007) | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3c3c334e-0878-48a7-bdca-9b2c3a8f0a87"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro>\[Fortify 06\] Fortify Software Inc. [Fortify Taxonomy: Software Security Errors|http://www.fortifysoftware.com/vulncat/], 2006. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f34933a3-9ec0-4e85-ba4a-bdaa30e167ed"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>\[FSF 2005\] Free Software Foundation. [GCC online documentation.|http://gcc.gnu.org/onlinedocs] (2005). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="90736c28-9312-42a7-8554-cee0599211f4"><ac:parameter ac:name="">Gamma 95</ac:parameter></ac:structured-macro>\[Gamma 1995\] Gamma, Helm, Vlissides, and Johnson. Design Patterns Elements of Reusable Object Oriented Software. Addison Wesley, 1995. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5e100eeb-a538-4850-af93-5cf82552c7c6"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>\[Goldberg 1991\] Goldberg, David. [What Every Computer Scientist Should Know About Floating-Point Arithmetic|http://docs.sun.com/source/806-3568/ncg_goldberg.html]. Sun Microsystems, March 1991. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="198aef7b-c560-47df-a523-38696bbd0290"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>\[Graff 03\] Graff, Mark G. & Van Wyk, Kenneth R. _Secure Coding: Principles and Practices_. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2105ed61-9365-41f8-a625-153a8ebe32a3"><ac:parameter ac:name="">Henricson 97</ac:parameter></ac:structured-macro>\[Henricson 1997\] Henricson, Mats & Nyquist, Erik. [_Industrial Strength C+\+_|http://www.sannabremo.se/nyquist/industrial/]. Upper Saddle River, NJ: Prentice Hall PTR, 1997 (ISBN 0-13-120965-5). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="acd81683-6c46-4a46-9dd6-655f4b664f3a"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>\[IEC 60812 2006\] Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA), 2nd ed. (IEC 60812). IEC, January 2006. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4f872ce1-7cdb-44d2-9c46-f253ba9e1bd1"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>\[ISO/IEC 9899-1999\] ISO/IEC 9899-1999. _Programming Languages --- C, Second Edition_, 1999. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="329cd0c8-7b96-464c-a288-689ba5f9b4f4"><ac:parameter ac:name="">ISO/IEC 14882-1998</ac:parameter></ac:structured-macro>\[ISO/IEC 14882-1998\] ISO/IEC 14882-1998. _Programming Languages --- C++, First Edition_, 1998. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1b383b2e-2a50-4992-918c-860ce361d7eb"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro>\[ISO/IEC 14882-2003\] ISO/IEC 14882-2003. _Programming Languages --- C++, Second Edition_, 2003. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cf4dedb8-e822-4242-86c6-f6aaefbbaf48"><ac:parameter ac:name="">ISO/IEC DTR 24772</ac:parameter></ac:structured-macro>\[ISO/IEC DTR 24772\] ISO/IEC DTR 24772. _Information Technology_ --- _Programming Languages_ --- [_Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use_|http://www.aitcnet.org/isai/_Mtg_13/22-WG23-N-0238/n0238.pdf], November 2009. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9ff23a60-3241-4c5d-8806-9b21b4d00821"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro>\[Lions 1996\] Lions, J. L. [ARIANE 5 Flight 501 Failure Report|http://en.wikisource.org/wiki/Ariane_501_Inquiry_Board_report]. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f75af754-254e-43b0-a9c4-8e6b82f16ce1"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro>\[Lockheed Martin 2005\] Lockheed Martin. "[Joint Strike Fighter Air Vehicle C+\+ Coding Standards for the System Development and Demonstration Program.|http://www.research.att.com/~bs/JSF-AV-rules.pdf]" Document Number 2RDU00001 Rev C., December 2005. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="71a94deb-c06a-41c8-9c05-0a39347663db"><ac:parameter ac:name="">Meyers 95</ac:parameter></ac:structured-macro>\[Meyers 1995\] Meyers, Scott. _More Effective C++: 35 New Ways to Improve Your Programs and Designs_. Boston, MA: Addison-Wesley Professional, 1995. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0f40840e-e6ab-4a22-b2d2-3e4c5a05aef5"><ac:parameter ac:name="">Meyers 96</ac:parameter></ac:structured-macro>\[Meyers 1996\] Meyers, Scott. _More Effective C++: 35 New Ways to Improve Your Programs and Designs_. Boston, MA: Addison-Wesley, 1996. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="02ffbfb9-9ad9-4ccf-8ba1-dbd8d9215958"><ac:parameter ac:name="">Meyers 97</ac:parameter></ac:structured-macro>\[Meyers 1997\] Meyers, Scott. _Effective C+\+ : 55 Specific Ways to Improve Your Programs and Designs_, 3rd ed.  Boston, MA: Addison-Wesley Professional, 1997. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="efa129d8-df06-46f0-ac9a-2b7098dba50e"><ac:parameter ac:name="">Meyers 01</ac:parameter></ac:structured-macro>\[Meyers 2001\] Meyers, Scott. _Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library_. Boston, MA: Addison-Wesley Professional, 2001. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b57a7758-435e-4133-9ebb-f66dabf372d1"><ac:parameter ac:name="">Meyers 05</ac:parameter></ac:structured-macro>\[Meyers 2005\] Meyers, Scott. _Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition)_. Boston, MA: Addison-Wesley Professional, 2005. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f952a742-03b9-472b-8e13-63fc7b2d0581"><ac:parameter ac:name="">Microsoft 10</ac:parameter></ac:structured-macro>\[Microsoft 2010\] [STL std::string class causes crashes and memory corruption on multi-processor machines|http://support.microsoft.com/kb/813810] | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a8fac353-9cd4-426e-b23d-8656c997a05c"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>\[MISRA 2004\] MIRA Limited. "[MISRA C|http://www.misra.org.uk/]: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5f80247f-08ba-4f8e-a4ce-f8f43e9a7853"><ac:parameter ac:name="">MISRA 08</ac:parameter></ac:structured-macro>\[MISRA 2008\] MIRA Limited. "[MISRA C+\+|http://www.misra.org.uk/]: 2008 "Guidelines for the Use of the C+\+ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d5498711-6194-43d2-86ed-3b381a68e438"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro>\[MITRE 2007\] MITRE. [Common Weakness Enumeration, Draft 9|http://cwe.mitre.org/], April 2008.\\ | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3286f058-6de1-4813-b3ef-c19764a9ad2b"><ac:parameter ac:name="">MITRE 08a</ac:parameter></ac:structured-macro>\[MITRE 2008a\] MITRE. [CWE ID 327|http://cwe.mitre.org/data/definitions/327.html], "Use of a Broken or Risky Cryptographic Algorithm," 2008. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5cce7594-b5cf-4250-bc3d-0137d3979c99"><ac:parameter ac:name="">MITRE 08b</ac:parameter></ac:structured-macro>\[MITRE 2008b\] MITRE. [CWE ID 330|http://cwe.mitre.org/data/definitions/330.html], "Use of Insufficiently Random Values," 2008. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="49bc4e52-7c9f-4099-8493-23eff87cd7a1"><ac:parameter ac:name="">MSDN 10</ac:parameter></ac:structured-macro>\[MSDN 2010\] MSDN. "[CryptGenRandom Function|http://msdn.microsoft.com/en-us/library/aa379942.aspx]." | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="97e4957e-7a14-497a-92e5-c626a82bfccc"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>\[NIST 2006\] NIST. [_SAMATE Reference Dataset_|http://samate.nist.gov/SRD/] (2006). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="918a87e1-8172-4657-8313-21d6b787e2e6"><ac:parameter ac:name="">POSIX.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="af5e1d0a-0cd6-4180-8331-13e89206b849"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="23b57777-41c8-4e48-959a-15181754bc6d"><ac:parameter ac:name="">ISO/IEC 9945:2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="75c4b30b-ec02-4d7c-9769-3ccdf0b364e4"><ac:parameter ac:name="">Open Group 08</ac:parameter></ac:structured-macro>\[Open Group 2008\] The Open Group. "[_The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition_|http://www.opengroup.org/onlinepubs/9699919799/toc.htm]." (2008). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1f3b2bf3-3bd0-4e61-a862-55b2712c01d1"><ac:parameter ac:name="">POSIX.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50e6c5f1-cb32-49e1-ac9d-c453f795d1ac"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="034ea6e4-7bbe-4a0c-b455-1267dd13cb39"><ac:parameter ac:name="">ISO/IEC 9945:2003</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4fd4a596-7bda-4e16-91c7-6d5be96c1769"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>\[Open Group 2004\] The Open Group. "[_The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition_|http://www.opengroup.org/onlinepubs/009695399/toc.htm]." (2004). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="65e2fd36-17f7-4325-8329-cf725a884de3"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>\[Plum 1991\] Plum, Thomas. _C+\+ Programming_. Kamuela, HI: Plum Hall, Inc., November 1991 (ISBN 0911537104). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b66cb738-d7db-45de-b019-ca51a05aa3dd"><ac:parameter ac:name="">Quinlan 06</ac:parameter></ac:structured-macro>\[Quinlan 2006\] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas. "Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++," 27-35. [NIST Special Publication 500-262|http://samate.nist.gov/docs/NIST_Special_Publication_500-262.pdf], _Proceedings of the Static Analysis Summit_. Gaithersburg, MD, July 2006. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8b1177fa-f347-4263-ad07-dd156f304241"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>\[Saks 1999\] Dan Saks. _const T vs.T const_. Embedded Systems Programming. Pg. 13-16. February 1999. [http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf] | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f7bef071-a251-49ed-928f-75e20cde0206"><ac:parameter ac:name="">Saks 07</ac:parameter></ac:structured-macro>\[Saks 2007\] Saks, Dan. "[Sequence Points|http://www.embedded.com/columns/programmingpointers/9900661?_requestid=481957]" Embedded Systems Design, 07/01/02. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3f7fce79-e02e-45b7-b764-5376dbe3846a"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro>\[Seacord 2005\] Seacord, R. _Secure Coding in C and C+\+_. Upper Saddle River, NJ: Addison-Wesley, 2006 (ISBN 0321335724). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="839a271d-ed18-41f8-b9e8-396686f73a44"><ac:parameter ac:name="">Sebor 04</ac:parameter></ac:structured-macro>\[Sebor 2004\] Sebor, Martin. [C++ Standard Core Language Active Issues, Revision 68, Issue 475|http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2010/n3026.html#475], 2010. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4629bdbd-ae64-4104-82f9-50cf47773cf8"><ac:parameter ac:name="">SGI 06</ac:parameter></ac:structured-macro>\[SGI 2006\] Silicon Graphics, Inc. "[basic_string<charT, traits, Alloc>|http://www.sgi.com/tech/stl/basic_string.html]." _Standard Template Library Programmer's Guide_, 2006. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="068530c8-0c38-4b33-b7a7-16798d30faf6"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro>\[Steele 1977\]  Steele, G. L. 1977. [Arithmetic shifting considered harmful.|http://doi.acm.org/10.1145/956641.956647] _SIGPLAN Not._ 12, 11 (Nov. 1977), 61-69. | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ae628a9b-c664-410e-9f3a-2ed44a415c32"><ac:parameter ac:name="">Stroustrup 97</ac:parameter></ac:structured-macro>\[Stroustrup 1997\] Stroustrup, Bjarne. _The C+\+ Programming Language, Third Edition_. Reading, MA: Addison-Wesley, 1997 (ISBN 0201889544). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="18982486-7297-42cb-a584-ed2816f29f7e"><ac:parameter ac:name="">Stroustrup 06</ac:parameter></ac:structured-macro>\[Stroustrup 2006\] Stroustrup, Bjarne. [_C+\+ Style and Technique FAQ_|http://public.research.att.com/~bs/bs_faq2.html] (2006). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a29b4c08-0e3d-4a7a-88a1-fe97efb06a81"><ac:parameter ac:name="">Stroustrup 01</ac:parameter></ac:structured-macro>\[Stroustrup 2001\] Stroustrup, Bjarne. [Exception Safety: Concepts and Techniques|http://www.research.att.com/~bs/except.pdf] (2001). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="db6ac1bb-1ff8-4626-b218-0c4c9f3b1b1a"><ac:parameter ac:name="">Sutter 00</ac:parameter></ac:structured-macro>\[Sutter 2000\] Sutter, Herb. _Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions_. Addison-Wesley Professional, 2000 (ISBN 0201615622). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="95e7f717-a92c-4e5f-ab35-fd839a5db30b"><ac:parameter ac:name="">Sutter 01</ac:parameter></ac:structured-macro>\[Sutter 2001\] Sutter, Herb. _More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions_. Addison-Wesley Professional, 2001 (ISBN 020170434). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5919abaa-d08f-4c33-8a14-f12d55c851cd"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro>\[Sutter 2004\] Sutter, Herb & Alexandrescu, Andrei. _C+\+ Coding Standards: 101 Rules, Guidelines, and Best Practices_. Boston, MA: Addison-Wesley Professional, 2004 (ISBN 0321113586). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bc7cd768-1c51-44fd-a91d-77e68e2cbd2c"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>\[Viega 2003\] Viega, John & Messier, Matt. _Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More_. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="551db10e-5d19-4464-bf7d-24bdd498dd8f"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>\[Warren 2002\] Warren, Henry S. _Hacker's Delight_. Boston, MA: Addison Wesley Professional. 2002 (ISBN 0201914654). | 
| Wiki Markup | 
|---|
| <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7478d453-6cc7-47e2-a5b1-5729c5131f0f"><ac:parameter ac:name="">Williams 10</ac:parameter></ac:structured-macro>\[Williams 2010\] Williams, Anthony. [Simpler Multithreading in C++0x|http://www.devx.com/SpecialReports/Article/38883/1954], Internet.com, 2010. | 
| Wiki Markup | 
|---|
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c791b6ed-4e13-4241-8c09-40f2f9dd0f77"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro>\[xorl 2009\] xorl. [xorl %eax, %eax|http://xorl.wordpress.com/].