<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8bd30b7f-c462-419f-9aeb-b39a3b3abfdf"><ac:parameter ac:name="">Abrahams 10</ac:parameter></ac:structured-macro>[Abrahams 2010] Abrahams, David. Boost Library Error Handling Guidelines, #7
, 2001-2003.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bb096f2b-9f07-4b54-b3c3-038259e98332"><ac:parameter ac:name="">Barney 10</ac:parameter></ac:structured-macro>[Barney 2010] Barney, Blaise. POSIX Threads Programming, Lawrence Livermore National Security, LLC, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a6f60c9c-c17f-4bf2-9343-827f74fe7d7d"><ac:parameter ac:name="">Becker 08</ac:parameter></ac:structured-macro>[Becker 2008] Becker, Pete. Working Draft, Standard for Programming Language C++, April 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="98b7ec1a-5ec3-4297-8d48-beefc4f18659"><ac:parameter ac:name="">Becker 09</ac:parameter></ac:structured-macro>[Becker 2009] Becker, Pete Working Draft, Standard for Programming Language C++, September 2009.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dd9fed52-1d32-4b39-836b-9cb94ebc994c"><ac:parameter ac:name="">Black 07</ac:parameter></ac:structured-macro>[Black 2007] Paul E. Black, Michael Kass, Michael Koo. Source Code Security Analysis Tool Functional Specification Version 1.0. Special Publication 500-268. Information Technology Laboratory (ITL), Software Diagnostics and Conformance Testing Division, May 2007. http://samate.nist.gov/docs/source_code_security_analysis_spec_SP500-268.pdf
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="542c4ec0-165f-4383-b201-1310b55e6220"><ac:parameter ac:name="">Cline 09</ac:parameter></ac:structured-macro>[Cline 2009] Cline, Marshall. C++ FAQ Lite - Frequently Asked Questions 1991-2009
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="755b7e3e-9428-4dda-b77f-5b1da58ca72d"><ac:parameter ac:name="">CWE</ac:parameter></ac:structured-macro> [CWE] MITRE. Common Weakness Enumeration – A Community-Developed Dictionary of Software Weakness Types.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e6df9245-67b9-4434-aa89-916aa8415faf"><ac:parameter ac:name="">Dewhurst 03</ac:parameter></ac:structured-macro>[Dewhurst 2003] Dewhurst, Stephen C. C++ Gotchas: Avoiding Common Problems in Coding and Design. Boston, MA: Addison-Wesley Professional, 2002.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c3835660-76c2-468d-a271-4ec636e72dba"><ac:parameter ac:name="">Dewhurst 05</ac:parameter></ac:structured-macro>[Dewhurst 2005] Dewhurst, Stephen C. C++ Common Knowledge: Essential Intermediate Programming. Boston, MA: Addison-Wesley Professional, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d3891d48-b952-4751-8113-ddef25b618d0"><ac:parameter ac:name="">Dowd 07</ac:parameter></ac:structured-macro>[Dowd 2007] Dowd, McDonald & Schuh. The Art of Software Security Assessment - Attacking delete and delete[] in C++. (2007)
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="fb6c97e7-ed71-40de-bbda-733a3e06e066"><ac:parameter ac:name="">Fortify 06</ac:parameter></ac:structured-macro>[Fortify 06] Fortify Software Inc. Fortify Taxonomy: Software Security Errors, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6d78e31-9fc3-45df-9808-1668c564a8be"><ac:parameter ac:name="">FSF 05</ac:parameter></ac:structured-macro>[FSF 2005] Free Software Foundation. GCC online documentation. (2005).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f230d924-64bf-4e1d-8d65-76f7e31c8374"><ac:parameter ac:name="">Gamma 95</ac:parameter></ac:structured-macro>[Gamma 1995] Gamma, Helm, Vlissides, and Johnson. Design Patterns Elements of Reusable Object Oriented Software. Addison Wesley, 1995.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5ce27a19-f93f-43da-a0f8-6d58a954cb7c"><ac:parameter ac:name="">Goldberg 91</ac:parameter></ac:structured-macro>[Goldberg 1991] Goldberg, David. What Every Computer Scientist Should Know About Floating-Point Arithmetic. Sun Microsystems, March 1991.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d6b7dd86-0d4f-41fd-949f-e1d67c607931"><ac:parameter ac:name="">Graf 03</ac:parameter></ac:structured-macro>[Graff 03] Graff, Mark G. & Van Wyk, Kenneth R. Secure Coding: Principles and Practices. Cambridge, MA: O'Reilly, 2003 (ISBN 0596002424).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb4e00e6-5ea0-4883-9e4f-876646d5f603"><ac:parameter ac:name="">Henricson 97</ac:parameter></ac:structured-macro>[Henricson 1997] Henricson, Mats & Nyquist, Erik. Industrial Strength C++. Upper Saddle River, NJ: Prentice Hall PTR, 1997 (ISBN 0-13-120965-5).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2169dfbb-8549-4874-8d75-bf61cf1b49b1"><ac:parameter ac:name="">IEC 60812 2006</ac:parameter></ac:structured-macro>[IEC 60812 2006] Analysis techniques for system reliability - Procedure for failure mode and effects analysis (FMEA), 2nd ed. (IEC 60812). IEC, January 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b6342f32-976c-4266-918c-8f30271606a0"><ac:parameter ac:name="">ISO/IEC 9899-1999</ac:parameter></ac:structured-macro>[ISO/IEC 9899-1999] ISO/IEC 9899-1999. Programming Languages — C, Second Edition, 1999.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="dff0fe38-74b5-4690-aa4d-29aeeb0e7094"><ac:parameter ac:name="">ISO/IEC 14882-1998</ac:parameter></ac:structured-macro>[ISO/IEC 14882-1998] ISO/IEC 14882-1998. Programming Languages — C++, First Edition, 1998.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e0bff3dd-1fa5-4e2d-a56d-4872fafd43d8"><ac:parameter ac:name="">ISO/IEC 14882-2003</ac:parameter></ac:structured-macro>[ISO/IEC 14882-2003] ISO/IEC 14882-2003. Programming Languages — C++, Second Edition, 2003.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="88673701-85f1-4ca9-bffc-fbf18b1bf0ef"><ac:parameter ac:name="">ISO/IEC DTR 24772</ac:parameter></ac:structured-macro>[ISO/IEC DTR 24772] ISO/IEC DTR 24772. Information Technology — Programming Languages — Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use, November 2009.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aff67925-da94-4c80-a121-45fc240b8fd2"><ac:parameter ac:name="">Lions 96</ac:parameter></ac:structured-macro>[Lions 1996] Lions, J. L. ARIANE 5 Flight 501 Failure Report. Paris, France: European Space Agency (ESA) & National Center for Space Study (CNES) Inquiry Board, July 1996.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b1586d3b-00e6-4e46-8f4f-17646890e6ca"><ac:parameter ac:name="">Lockheed Martin 05</ac:parameter></ac:structured-macro>[Lockheed Martin 2005] Lockheed Martin. "Joint Strike Fighter Air Vehicle C++ Coding Standards for the System Development and Demonstration Program." Document Number 2RDU00001 Rev C., December 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="50042a4e-168f-482b-8e0a-7d2a3ea3f209"><ac:parameter ac:name="">Meyers 95</ac:parameter></ac:structured-macro>[Meyers 1995] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley Professional, 1995.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ecf4b370-d00f-40f8-a0ea-1abf5c021c69"><ac:parameter ac:name="">Meyers 96</ac:parameter></ac:structured-macro>[Meyers 1996] Meyers, Scott. More Effective C++: 35 New Ways to Improve Your Programs and Designs. Boston, MA: Addison-Wesley, 1996.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ff13f50a-5cce-4830-a309-ee4153bbef58"><ac:parameter ac:name="">Meyers 97</ac:parameter></ac:structured-macro>[Meyers 1997] Meyers, Scott. Effective C++ : 55 Specific Ways to Improve Your Programs and Designs, 3rd ed. Boston, MA: Addison-Wesley Professional, 1997.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="c000f707-6bf0-496f-8ab2-4f39658f9c90"><ac:parameter ac:name="">Meyers 01</ac:parameter></ac:structured-macro>[Meyers 2001] Meyers, Scott. Effective STL: 50 Specific Ways to Improve Your Use of the Standard Template Library. Boston, MA: Addison-Wesley Professional, 2001.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="7bd4421c-519c-4d91-bdfd-c015d00f3fe9"><ac:parameter ac:name="">Meyers 05</ac:parameter></ac:structured-macro>[Meyers 2005] Meyers, Scott. Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition). Boston, MA: Addison-Wesley Professional, 2005.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="366ddc23-04e1-4308-8346-b62535d309b7"><ac:parameter ac:name="">Microsoft 10</ac:parameter></ac:structured-macro>[Microsoft 2010] STL std::string class causes crashes and memory corruption on multi-processor machines
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6611959e-1704-4ae5-936c-ace7f9bc3a67"><ac:parameter ac:name="">MISRA 04</ac:parameter></ac:structured-macro>[MISRA 2004] MIRA Limited. "MISRA C: 2004 Guidelines for the Use of the C Language in Critical Systems." Warwickshire, UK: MIRA Limited, October 2004 (ISBN 095241564X).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="8f83ab16-f815-4fe3-b5eb-0e774f6ea033"><ac:parameter ac:name="">MISRA 08</ac:parameter></ac:structured-macro>[MISRA 2008] MIRA Limited. "MISRA C++: 2008 "Guidelines for the Use of the C++ Language in Critical Systems", ISBN 978-906400-03-3 (paperback), ISBN 978-906400-04-0 (PDF), June 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="b0a0b619-9305-4dcc-954a-fcc27cd2393f"><ac:parameter ac:name="">MITRE 07</ac:parameter></ac:structured-macro>[MITRE 2007] MITRE. Common Weakness Enumeration, Draft 9, April 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5454abd3-6ec5-4a54-93a7-42185344f2d1"><ac:parameter ac:name="">MITRE 08a</ac:parameter></ac:structured-macro>[MITRE 2008a] MITRE. CWE ID 327, "Use of a Broken or Risky Cryptographic Algorithm," 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6b8bd8e2-6d6e-49ed-8c22-500c934f7147"><ac:parameter ac:name="">MITRE 08b</ac:parameter></ac:structured-macro>[MITRE 2008b] MITRE. CWE ID 330, "Use of Insufficiently Random Values," 2008.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9b5c47d8-2411-40d8-9af2-f40e04c39c6c"><ac:parameter ac:name="">MSDN 10</ac:parameter></ac:structured-macro>[MSDN 2010] MSDN. "CryptGenRandom Function."
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="4433a258-408a-4584-9326-9b010d7b23da"><ac:parameter ac:name="">NIST 06</ac:parameter></ac:structured-macro>[NIST 2006] NIST. SAMATE Reference Dataset (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="2ad9eb7f-de05-46a5-adc6-b1dc5525269b"><ac:parameter ac:name="">POSIX.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="292917ad-b397-425a-ac7e-81978eff8ede"><ac:parameter ac:name="">IEEE Std 1003.1-2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="32d4741a-b9e4-43ba-8d4f-3567c5774690"><ac:parameter ac:name="">ISO/IEC 9945:2008</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d7fdec97-fa7b-43ad-9a66-228bd506e5d2"><ac:parameter ac:name="">Open Group 08</ac:parameter></ac:structured-macro>[Open Group 2008] The Open Group. "The Open Group Base Specifications Issue 7, IEEE Std 1003.1, 2008 Edition." (2008).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a8856244-7992-40e5-a685-aaca694d8cf0"><ac:parameter ac:name="">POSIX.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="3b493caa-4a75-4e26-812b-10c9fa0ac5ff"><ac:parameter ac:name="">IEEE Std 1003.1-2004</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="aa9926bd-2452-4ddc-8095-3cdc2813ac2d"><ac:parameter ac:name="">ISO/IEC 9945:2003</ac:parameter></ac:structured-macro> <ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="ec5a2b99-84e4-42ce-8443-7b1f3a5f118c"><ac:parameter ac:name="">Open Group 04</ac:parameter></ac:structured-macro>[Open Group 2004] The Open Group. "The Open Group Base Specifications Issue 6, IEEE Std 1003.1, 2004 Edition." (2004).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="9e86f9fc-d15d-442d-a4d8-ce3f46e94c28"><ac:parameter ac:name="">Plum 91</ac:parameter></ac:structured-macro>[Plum 1991] Plum, Thomas. C++ Programming. Kamuela, HI: Plum Hall, Inc., November 1991 (ISBN 0911537104).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="41bf3f59-6992-4008-9b9f-9de023db5fb9"><ac:parameter ac:name="">Quinlan 06</ac:parameter></ac:structured-macro>[Quinlan 2006] Quinlan, Dan; Vuduc, Richard; Panas, Thomas; Härdtlein, Jochen; & Sæbjørnsen, Andreas. "Support for Whole-Program Analysis and the Verification of the One-Definition Rule in C++," 27-35. NIST Special Publication 500-262, Proceedings of the Static Analysis Summit. Gaithersburg, MD, July 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="6d0374df-4fa8-450a-90d8-d749141d99d7"><ac:parameter ac:name="">Saks 99</ac:parameter></ac:structured-macro>[Saks 1999] Dan Saks. const T vs.T const. Embedded Systems Programming. Pg. 13-16. February 1999. http://www.dansaks.com/articles/1999-02%20const%20T%20vs%20T%20const.pdf
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="de860c59-83cb-4e28-bad6-98f047530b00"><ac:parameter ac:name="">Saks 07</ac:parameter></ac:structured-macro>[Saks 2007] Saks, Dan. "Sequence Points" Embedded Systems Design, 07/01/02.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="40ab8ccb-8fdf-4af2-8ea6-cc3dadba8175"><ac:parameter ac:name="">Seacord 05</ac:parameter></ac:structured-macro>[Seacord 2005] Seacord, R. Secure Coding in C and C++. Upper Saddle River, NJ: Addison-Wesley, 2006 (ISBN 0321335724).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="bef50d01-49e3-45e6-83fe-edcb58cca0c4"><ac:parameter ac:name="">Sebor 04</ac:parameter></ac:structured-macro>[Sebor 2004] Sebor, Martin. C++ Standard Core Language Active Issues, Revision 68, Issue 475, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="60aa2aee-b868-4f95-991b-53fdbfe53838"><ac:parameter ac:name="">SGI 06</ac:parameter></ac:structured-macro>[SGI 2006] Silicon Graphics, Inc. "basic_string<charT, traits, Alloc>." Standard Template Library Programmer's Guide, 2006.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d9f5ea09-531d-43ca-9754-80a2ac20bbd2"><ac:parameter ac:name="">Steele 77</ac:parameter></ac:structured-macro>[Steele 1977] Steele, G. L. 1977. Arithmetic shifting considered harmful. SIGPLAN Not. 12, 11 (Nov. 1977), 61-69.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="a9551554-ee22-49ef-8dfe-4ff951ce1f1d"><ac:parameter ac:name="">Stroustrup 97</ac:parameter></ac:structured-macro>[Stroustrup 1997] Stroustrup, Bjarne. The C++ Programming Language, Third Edition. Reading, MA: Addison-Wesley, 1997 (ISBN 0201889544).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="d869ad8f-e719-4904-abec-ac332a5b4ce8"><ac:parameter ac:name="">Stroustrup 06</ac:parameter></ac:structured-macro>[Stroustrup 2006] Stroustrup, Bjarne. C++ Style and Technique FAQ (2006).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="5c3ffd75-3198-4e96-9ea9-da8620b2c6aa"><ac:parameter ac:name="">Stroustrup 01</ac:parameter></ac:structured-macro>[Stroustrup 2001] Stroustrup, Bjarne. Exception Safety: Concepts and Techniques (2001).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="f606b9a1-a55d-4ee0-b755-74ee5db8f67e"><ac:parameter ac:name="">Sutter 00</ac:parameter></ac:structured-macro>[Sutter 2000] Sutter, Herb. Exceptional C++: 47 Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2000 (ISBN 0201615622).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="02d6d777-f87b-4773-994e-7f22466a418e"><ac:parameter ac:name="">Sutter 01</ac:parameter></ac:structured-macro>[Sutter 2001] Sutter, Herb. More Exceptional C++: 40 New Engineering Puzzles, Programming Problems, and Solutions. Addison-Wesley Professional, 2001 (ISBN 020170434).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="cb68aaf2-dc48-4961-80e5-925fb735329e"><ac:parameter ac:name="">Sutter 04</ac:parameter></ac:structured-macro>[Sutter 2004] Sutter, Herb & Alexandrescu, Andrei. C++ Coding Standards: 101 Rules, Guidelines, and Best Practices. Boston, MA: Addison-Wesley Professional, 2004 (ISBN 0321113586).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="798390e0-b0b8-45a9-b3eb-234ca38f1f9b"><ac:parameter ac:name="">Viega 03</ac:parameter></ac:structured-macro>[Viega 2003] Viega, John & Messier, Matt. Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Networking, Input Validation & More. Sebastopol, CA: O'Reilly, 2003 (ISBN 0-596-00394-3).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="66d33420-32a5-40c4-980e-481fc4583253"><ac:parameter ac:name="">Warren 02</ac:parameter></ac:structured-macro>[Warren 2002] Warren, Henry S. Hacker's Delight. Boston, MA: Addison Wesley Professional. 2002 (ISBN 0201914654).
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="e2ab1dab-f70e-4c1f-8aed-d1fd7f978b78"><ac:parameter ac:name="">Williams 10</ac:parameter></ac:structured-macro>[Williams 2010] Williams, Anthony. Simpler Multithreading in C++0x, Internet.com, 2010.
<ac:structured-macro ac:name="anchor" ac:schema-version="1" ac:macro-id="562c2be2-59fd-4ec5-bb9a-3f1ea0dc1129"><ac:parameter ac:name=""> xorl 2009</ac:parameter></ac:structured-macro>[xorl 2009] xorl. xorl %eax, %eax.