Categories: Software-Development

A code review intends to improve the quality of the code. Someone other than the author of the code performs the examination. Code review is mandatory for new code and code changes (pull request).

Code signing is a crucial process in software development that ensures the integrity and authenticity of software code. It involves applying a digital signature to software programs, scripts, or drivers.

This guide describes the most fundamental parts of component capabilities. It also includes a flowchart of component capabilities updates and a list of attributes sometimes mistaken for component capabilities.

Component capability markdown template.

Component description template. It contains the markdown template and examples of PlantUML graphics.

Dynamic behavior template for components.

This guide provides a quick overview of component tests and when and how they should be used.

User documentation should provide the necessary information to help the customer ensure that the site is as secure as possible.

When a new static code analysis (SCA) tool has been chosen for a product or part of a product, it needs to be described to facilitate its use in the considered and other products.

This guide defines requirements and methodologies for VHDL designs and test benches. It helps PA develop FPGAs using VHDL.

This guideline describes how to write Functional Description and Detailed Design documents.

This guideline describes how to perform a Functional Description and Detailed Design review.

A bug is an unexpected problem in the software or hardware which can be reported for any issue in a product by e.g. product managers, product owners, test engineers, or customers (via L3 or L4 Support).

Binary composition analysis is a method used to examine the components inside binary files to detect and manage security risks. This guide describes how to perform such analysis with Black Duck Binary Analysis (BDBA).

Implementation Proposal (IMP) markdown template for ADO.

This guides includes general information about performance testing and a brief description of different types of performance testing.

Table of contents

What is a pull request?

Checklist for software pull requests.

The following component test frameworks are recommended but not mandatory.

The following unit test frameworks are recommended but not mandatory.

Secure coding standards are guidelines, best practices, and coding conventions that can be used by software developers to prevent security vulnerabilities and improve the overall quality of the software during the software design & development phases.

This document describes the secure coding guidelines for the .NET programming language. Some of the guidelines are generic, whereas some are specific to the .NET programming language.

This document describes the secure coding guidelines for the C programming language. Some of the guidelines are generic, whereas some of them are specific to the C programming language.

This document describes the secure coding guidelines for ReactJS. Some of the guidelines are generic, whereas others are specific to ReactJS.

This chapter gives some basic best practices for a secure software design. Assessing how security is addressed in the design of a product is one important step to ensure that the product meets the best security level and can be done at various points in a product lifecycle.

Introduction

This guide gives an overview of the software artifact model which describes the relationship between artifacts used in software development.

Software development supports the incremental development of features that can be delivered to streams or other stakeholders. Included are design, implementation, unit tests, component tests, and bug fixing. Software development can result in deliverables, e.g., firmware, applications, and tools.

This code review guideline is written for those in the Control organization working with Git and includes the functional safety related aspects to adhere to. The guideline is directed to both source code level as well as feature level.

Static source code analysis is a method for analyzing the source code without executing it. This guide provides relevant information about static code analysis within PCP R&D.

After reading Secure Design Best Practices, this page describes some weaknesses around concepts that are frequently used or encountered in software development environments. This includes all aspects of the software development lifecycle including implementation.

This guideline briefly describes test techniques used at the different test levels. Each project defines the test levels and when to use the various test techniques.

This guide gives an overview of what a unit test is, and when and how it should be used.

This guide provides valuable tips to anyone involved in creating unit tests. A good unit test should be easy to understand, reliable, quick to run, and without dependencies.

This guide describes the different states of Azure DevOps (ADO) work items. Consistent work item state transitions are essential to enable consistent follow up on status.