If a code-generating tool is to be used, it is necessary to select an appropriate tool and undertake validation. Adherence to the requirements of this document may provide one criterion for assessing a tool.
Secure coding guidance varies depending on how code is generated and maintained. Categories of code include the following:
Source code that is written and maintained by hand must have the following properties:
These requirements are not applicable for source code that is never directly handled by a programmer, although requirements for correct behavior still apply. Reading and comprehension requirements apply to code that is tool generated and hand maintained but do not apply to code that is tool generated and tool maintained. Tool-generated, tool-maintained code can impose consistent constraints that ensure the safety of some constructs that are risky in hand-generated code.
The following rules and recommendations do not apply to tool-generated and tool-maintained code: