<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d9ddd974-94cd-41a5-8dca-d0cb96a3d6a2"><ac:parameter ac:name="">Abrahams 10</ac:parameter></ac:structured-macro>[Abrahams 2010] Abrahams, David. Boost Library Error Handling Guidelines, #7
, 2001-2003.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bd37fdf2-eebf-42bd-8e0d-bbd28752cb71"><ac:parameter ac:name="">Barney 10</ac:parameter></ac:structured-macro>[Barney 2010] Barney, Blaise. POSIX Threads Programming, Lawrence Livermore National Security, LLC, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f3947506-14f2-4238-804f-be4e6b88164e"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro>[Becker 2008] Becker, Pete. Working Draft, Standard for Programming Language C++, April 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="44cf7c35-5178-4cc8-9aae-aa30ef4bf0bf"><ac:parameter ac:name="">Becker 09</ac:parameter></ac:structured-macro>[Becker 2009] Becker, Pete Working Draft, Standard for Programming Language C++, September 2009.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e282226e-f5bf-4d78-8ade-8e29921fe091"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro>[Black 2007] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="0de015e4-697e-48ed-a01c-a16731578ce4"><ac:parameter ac:name="">Cline 09</ac:parameter></ac:structured-macro>[Cline 2009] Cline, Marshall. C++ FAQ Lite - Frequently Asked Questions 1991-2009
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9793026f-d2f4-48cc-a7cf-9cc04f54c256"><ac:parameter ac:name="">CWE</ac:parameter></ac:structured-macro> [CWE] MITRE. Common Weakness Enumeration – A Community-Developed Dictionary of Software Weakness Types.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="021d8ad7-14d8-4efd-8087-aa6bc6971f77"><ac:parameter ac:name="">Dewhurst 03</ac:parameter></ac:structured-macro>[Dewhurst 2003] Dewhurst, Stephen C. C++ Gotchas: Avoiding Common Problems in Coding and Design. Boston, MA: Addison-Wesley Professional, 2002.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4f3f22eb-f530-414e-8613-f6a1572a9a53"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro>[Dewhurst 2005] Dewhurst, Stephen C. C++ Common Knowledge: Essential Intermediate Programming. Boston, MA: Addison-Wesley Professional, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5ddf06a6-7c5f-4a1a-aa91-13f590a84d0a"><ac:parameter ac:name="">Dowd 07</ac:parameter></ac:structured-macro>[Dowd 2007] Dowd, McDonald & Schuh. The Art of Software Security Assessment - Attacking delete and delete[] in C++, 2007.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83e77a28-9ef0-4f4f-bd1f-4dfcc7dade39"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro>[Fortify 2006] Fortify Software Inc. Fortify Taxonomy: Software Security Errors, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9ef11115-39cb-415d-853e-4662b182039f"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>[FSF 2005] Free Software Foundation. GCC online documentation. (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="52d25c84-2bf9-4f36-bc29-516238e7f991"><ac:parameter ac:name="">Gamma 95</ac:parameter></ac:structured-macro>[Gamma 1995] Gamma, Helm, Vlissides, and Johnson. Design Patterns Elements of Reusable Object Oriented Software. Addison Wesley, 1995.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="64bc4587-8326-4e01-8988-7c7435270405"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>[Goldberg 1991] Goldberg, David. What Every Computer Scientist Should Know About Floating-Point Arithmetic. Sun Microsystems, March 1991.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fc03b920-5107-41dc-b720-85850cad83fd"><ac:parameter ac:name="">Graff 03</ac:parameter></ac:structured-macro>[Graff 2003] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e3dd29ba-4502-4be8-8825-c8ec18c36d28"><ac:parameter ac:name="">Henricson 97</ac:parameter></ac:structured-macro>[Henricson 1997] Henricson, Mats & Nyquist, Erik. Industrial Strength C++. Upper Saddle River, NJ: Prentice Hall PTR, 1997 (ISBN 0-13-120965-5).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ab0f8af2-7686-439f-8e69-d9e73d046992"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>[IEC 60812 2006] Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA), 2nd ed. (IEC 60812). IEC, January 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8338b11b-2055-439b-98dd-600bd312542c"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3c9a2ec7-d7db-4873-823d-a048a2f50862"><ac:parameter ac:name="">ISO/IEC 14882-1998</ac:parameter></ac:structured-macro>[ISO/IEC 14882-1998] ISO/IEC 14882-1998. Programming Languages — C++, First Edition, 1998.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88bd68e7-2e32-4c05-b66d-133b067a4c44"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro>[ISO/IEC 14882-2003] ISO/IEC 14882-2003. Programming Languages — C++, Second Edition, 2003.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="14044a0e-d521-4dd7-bb97-7062e7300c8d"><ac:parameter ac:name="">ISO/IEC DTR 24772</ac:parameter></ac:structured-macro>[ISO/IEC DTR 24772] ISO/IEC DTR 24772. Information Technology — Programming Languages — Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use, November 2009.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="38683f8e-dcfa-4edd-87dd-89204c85d036"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro>[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88ca9c92-7e8a-48f9-81c6-d424efa383bc"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro>[Lockheed Martin 2005] Lockheed Martin. "Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program." Document Number 2RDU00001 Rev C., December 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2685a49f-96b7-4e90-bd99-c1afe6429f11"><ac:parameter ac:name="">Meyers 95</ac:parameter></ac:structured-macro>[Meyers 1995] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley Professional, 1995.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb932a98-f3ea-4482-827c-2ab6b180f95e"><ac:parameter ac:name="">Meyers 96</ac:parameter></ac:structured-macro>[Meyers 1996] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley, 1996.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aa029af5-e79b-4af4-ba01-a55df0c7fb73"><ac:parameter ac:name="">Meyers 97</ac:parameter></ac:structured-macro>[Meyers 1997] Meyers, Scott. Effective C++ : 55 Specific Ways to Improve Your Programs and Designs, 3rd ed. Boston, MA: Addison-Wesley Professional, 1997.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="77438ff7-7f8d-447e-ad4e-ac8a70bcf724"><ac:parameter ac:name="">Meyers 01</ac:parameter></ac:structured-macro>[Meyers 2001] Meyers, Scott. Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library. Boston, MA: Addison-Wesley Professional, 2001.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e5fd158c-b58b-432a-afaa-2c58077fa1ff"><ac:parameter ac:name="">Meyers 05</ac:parameter></ac:structured-macro>[Meyers 2005] Meyers, Scott. Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition). Boston, MA: Addison-Wesley Professional, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1359ae44-3f61-4610-b29f-68250c06e99d"><ac:parameter ac:name="">Microsoft 10</ac:parameter></ac:structured-macro>[Microsoft 2010] STL std::string class causes crashes and memory corruption on multi-processor machines
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1abe5702-29cc-4ae5-abe9-1e5f6144640f"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>[MISRA 2004] MIRA Limited. "MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b4e51dff-ede7-447d-9f6a-af0dcdeea12a"><ac:parameter ac:name="">MISRA 08</ac:parameter></ac:structured-macro>[MISRA 2008] MIRA Limited. "MISRA C++: 2008 "Guidelines for the Use of the C++ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="40025ca2-7ac8-4576-89e3-74a09faab98f"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro>[MITRE 2007] MITRE. Common Weakness Enumeration, Draft 9, April 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5499cdbb-7e8a-4357-bf39-9722dc02cda4"><ac:parameter ac:name="">MITRE 08a</ac:parameter></ac:structured-macro>[MITRE 2008a] MITRE. CWE ID 327, "Use of a Broken or Risky Cryptographic Algorithm," 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="eefeebee-47a8-43e0-a7d0-4ecd95895f9c"><ac:parameter ac:name="">MITRE 08b</ac:parameter></ac:structured-macro>[MITRE 2008b] MITRE. CWE ID 330, "Use of Insufficiently Random Values," 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9f78d9bd-1035-4b6c-8d61-577b89f92da4"><ac:parameter ac:name="">MSDN 10</ac:parameter></ac:structured-macro>[MSDN 2010] MSDN. "CryptGenRandom Function."
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3b2a4e8a-9dc4-44b1-bdfd-ff18ff6a59e9"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>[NIST 2006] NIST. SAMATE Reference Dataset (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6d33416b-6b99-4f41-b193-5be7586da74c"><ac:parameter ac:name="">POSIX.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="323c5667-915f-4951-b309-92389270d3fd"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="724791a2-ad06-44e0-adb6-99bae2ff5f11"><ac:parameter ac:name="">ISO/IEC 9945:2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2a19ce45-2327-40ef-be9c-c55df3189fe9"><ac:parameter ac:name="">Open Group 08</ac:parameter></ac:structured-macro>[Open Group 2008] The Open Group. "The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition." (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="16e6eb06-4d09-4ed1-8241-2c29a0a43bf5"><ac:parameter ac:name="">POSIX.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4609a876-5d68-4c22-a9f7-1686c017784d"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9a06c8b3-96bc-4536-b594-604a0e7a0046"><ac:parameter ac:name="">ISO/IEC 9945:2003</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2e62e511-09a2-4994-be0c-5c27c7421b66"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>[Open Group 2004] The Open Group. "The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition." (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1e230f6e-b0cd-476c-9d41-5fa2520a40c3"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>[Plum 1991] Plum, Thomas. C++ Programming. Kamuela, HI: Plum Hall, Inc., November 1991 (ISBN 0911537104).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="83cf8452-2e13-4957-be21-2672f39bedf7"><ac:parameter ac:name="">Quinlan 06</ac:parameter></ac:structured-macro>[Quinlan 2006] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas. "Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++," 27-35. NIST Special Publication 500-262, Proceedings of the Static Analysis Summit. Gaithersburg, MD, July 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="90ee8dd8-3588-430e-a79a-7ce4c280b89b"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>[Saks 1999] Dan Saks. const T vs.T const. Embedded Systems Programming. Pg. 13-16. February 1999. http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="52b5d5d4-da15-4bb2-8de6-552f001c78f2"><ac:parameter ac:name="">Saks 07</ac:parameter></ac:structured-macro>[Saks 2007] Saks, Dan. "Sequence Points" Embedded Systems Design, 07/01/02.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d3679ee6-13ee-4a42-a34a-956342a869f9"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro>[Seacord 2005] Seacord, R. Secure Coding in C and C++. Upper Saddle River, NJ: Addison-Wesley, 2006 (ISBN 0321335724).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c1b5d786-2b52-4bb0-adc3-76c9dc08b828"><ac:parameter ac:name="">Sebor 04</ac:parameter></ac:structured-macro>[Sebor 2004] Sebor, Martin. C++ Standard Core Language Active Issues, Revision 68, Issue 475, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5cd126f6-41cb-420b-b08c-fea49adbcce3"><ac:parameter ac:name="">SGI 06</ac:parameter></ac:structured-macro>[SGI 2006] Silicon Graphics, Inc. "basic_string<charT, traits, Alloc>." Standard Template Library Programmer's Guide, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2d25b4d7-418b-4b28-b48d-878e284c5c4c"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro>[Steele 1977] Steele, G. L. 1977. Arithmetic shifting considered harmful. SIGPLAN Not. 12, 11 (Nov. 1977), 61-69.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5c086fd7-00c5-4452-94a9-6b70e2a7d29f"><ac:parameter ac:name="">Stroustrup 97</ac:parameter></ac:structured-macro>[Stroustrup 1997] Stroustrup, Bjarne. The C++ Programming Language, Third Edition. Reading, MA: Addison-Wesley, 1997 (ISBN 0201889544).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f58fd31f-a14f-4d2f-b727-07bc659c1a27"><ac:parameter ac:name="">Stroustrup 06</ac:parameter></ac:structured-macro>[Stroustrup 2006] Stroustrup, Bjarne. C++ Style and Technique FAQ (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="683d2cb2-40f9-436b-ba1a-29b87112d421"><ac:parameter ac:name="">Stroustrup 01</ac:parameter></ac:structured-macro>[Stroustrup 2001] Stroustrup, Bjarne. Exception Safety: Concepts and Techniques (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bb15dd42-1254-4e9d-b1a9-e4a4033b8ee7"><ac:parameter ac:name="">Sun 93</ac:parameter></ac:structured-macro>[Sun 1993] Sun Security Bulletin #00122, 1993.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b8c328a9-8188-4dd7-ad12-1c511e877be9"><ac:parameter ac:name="">Sutter 00</ac:parameter></ac:structured-macro>[Sutter 2000] Sutter, Herb. Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2000 (ISBN 0201615622).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f2fa27ac-83ab-427e-8678-5a127167f3ff"><ac:parameter ac:name="">Sutter 01</ac:parameter></ac:structured-macro>[Sutter 2001] Sutter, Herb. More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2001 (ISBN 020170434).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6ef6334b-1dd9-42a8-8641-163890a75afd"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro>[Sutter 2004] Sutter, Herb & Alexandrescu, Andrei. C++ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA: Addison-Wesley Professional, 2004 (ISBN 0321113586).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="701975cb-df54-447a-95a1-7e30900fd888"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>[Viega 2003] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4b3673c3-da76-4073-854f-ac66bc14041d"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>[Warren 2002] Warren, Henry S. Hacker's Delight. Boston, MA: Addison Wesley Professional. 2002 (ISBN 0201914654).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="1830cf7f-0cd1-4d13-a1fa-c51cb7365cb3"><ac:parameter ac:name="">Williams 10</ac:parameter></ac:structured-macro>[Williams 2010] Williams, Anthony. Simpler Multithreading in C++0x, Internet.com, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f80e3b35-9afe-4c88-9820-296bff5cbbfa"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro>[xorl 2009] xorl. xorl %eax, %eax.