C&C++ Secure Programming Quick Guide

Simplifying coding

Coding 
No unsafe library function calls
No unchecked access/write
Fail-secure as default
Limited resource consumption
Separate Data plane and Control plane
Robust module interfaces
Timeout all failed connections
Input validation
Minimize platform-dependent code
Minimize shared or global values
Minimize thread locks and other sources of race conditions
Minimize privileges
Minimize error handling messages
Minimize type casts of pointers; use void pointers if necessary, because other pointer casts will trigger the compiler warning <dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]>
Use inline functions for function calls on highly concurrent (hot) paths
Encapsulate vendor-specific APIs; use N-version-based interfaces for cryptography libraries
Compiling Warnings
Set the compiler's default options to [-Wall -Werror], and use a newer compiler version, which gives clearer compile-time diagnostics
Static analyzer
Use the built-in clang static analyzer or a specialized analyzer such as splint to mitigate coding risk
Dynamic analyzer
Use clang/GCC AddressSanitizer by default and use Valgrind to verify, but do not use both at the same time
Use O2 as the default optimization level; use O3 only for code that needs vectorizable loops, peeled loops, inlined functions, etc.
Profiling
Use strace to minimize system calls; use perf or other profiling tools to optimize performance
Fuzzing
Use fuzzing tools to test code; a parser that must accept arbitrary bytes is the natural first target
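The following is an added example, not code from the guide: a small length-prefixed record parser that puts several of the Coding rules above into practice (no unchecked write, input validation, fail-secure default, minimal error reporting, no type-punned pointer cast), together with a libFuzzer entry point for the fuzzing step. The record format (4-byte big-endian length followed by payload), the PAYLOAD_MAX limit, and the demo_* helper names are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed wire format for this example: len (4 bytes, big-endian) || payload. */
#define PAYLOAD_MAX 64

typedef struct {
    uint32_t len;
    uint8_t payload[PAYLOAD_MAX];
} record_t;

/* Read a big-endian uint32 byte by byte. Casting the byte pointer to
 * uint32_t* instead would be misaligned and break strict aliasing
 * (the -Wstrict-aliasing warning named in the guide). */
static uint32_t load_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Hardened parser. Returns 0 on success and -1 on any failure. An unchecked
 * version that did memcpy(out->payload, in + 4, len) straight from the length
 * field would write past payload[] for any len > PAYLOAD_MAX. */
int parse_record(const uint8_t *in, size_t in_len, record_t *out)
{
    memset(out, 0, sizeof *out);          /* fail-secure default: empty record */
    if (in == NULL || in_len < 4)         /* input validation: header present */
        return -1;
    uint32_t len = load_be32(in);
    if (len > PAYLOAD_MAX)                /* no unchecked write: bound the copy */
        return -1;
    if ((size_t)len > in_len - 4)         /* no unchecked read: payload present */
        return -1;
    memcpy(out->payload, in + 4, len);    /* both bounds established above */
    out->len = len;
    return 0;                             /* one generic error code, no detail */
}

/* libFuzzer entry point (build with clang -fsanitize=fuzzer,address).
 * parse_record must accept any byte string, so every crash is a real bug. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    record_t r;
    (void)parse_record(data, size, &r);
    return 0;
}

/* Constructed sample inputs for a stand-alone check. */
int demo_valid(void)        /* 1 when a well-formed record parses */
{
    static const uint8_t msg[] = {0, 0, 0, 3, 'a', 'b', 'c'};
    record_t r;
    return parse_record(msg, sizeof msg, &r) == 0 && r.len == 3 &&
           memcmp(r.payload, "abc", 3) == 0;
}

int demo_oversized(void)    /* 1 when a length above PAYLOAD_MAX is rejected */
{
    static const uint8_t msg[] = {0, 0, 1, 0, 'x'};   /* claims 256 bytes */
    record_t r;
    return parse_record(msg, sizeof msg, &r) == -1 && r.len == 0;
}

int demo_truncated(void)    /* 1 when the length exceeds the bytes present */
{
    static const uint8_t msg[] = {0, 0, 0, 8, 'a', 'b'};
    record_t r;
    return parse_record(msg, sizeof msg, &r) == -1;
}
```

For an ordinary build, compile with `clang -Wall -Werror -O1 -fsanitize=address` as the Dynamic analyzer section recommends; for the fuzzing run, `clang -fsanitize=fuzzer,address` supplies main() and drives LLVMFuzzerTestOneInput with mutated inputs, and AddressSanitizer turns any out-of-bounds read or write into an immediate report.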
Code signing
Use code signing and code verification by default