
Code Structure

It is important to have a logical structure to programs. Programs should be organized so that developers and maintainers can easily determine which modules and routines perform which function.

  • Program - A program is an organization of modules that are assembled to provide a business function.
  • Module - A module is a set of functions which implement one concept. For example a module may support database access. A module is usually a collection of functions in one file but may require several related files.
  • Function - A function is a relatively short piece of code that performs one specific task. A function should not be longer than one page. An example of a function is code that prints a string. Functions are typically called multiple times from within the program.
  • Interface - An interface is a function (also called a method) which is used by a function or module to communicate with other parts of the program.

Structured Programming Rules

Structured programming, and keeping a program intellectually manageable, depends upon adherence to structured programming rules. The program should be designed from the top down, using modular design, to keep it understandable. Some structured programming rules include:

  • Code no more than one statement per line.
  • Divide programs into functions.
  • Functions should perform only one task.
  • Variable names should be meaningful.
  • Use of global variables should be avoided.
  • All variables should be explicitly declared and given an initial value.
  • Hierarchical data structures should be used to keep the data and program structured.
  • Each function must have an initial comment which explains:
    • What its purpose or use is.
    • What arguments it requires or accepts and what their use is.
    • What value(s) the function returns.
    • What values or parts of the program the function may change.
    • Algorithms used.
    • Conditions which may cause the program to fail.
    • The creator of the function.
    • The date the function was created.
    • The version number of the function.
  • Compound conditional statements should be limited to avoid confusion.
  • Indentation should be consistent.
  • Within functions, the braces { and } that open and close a block should be placed on their own lines to mark the block of code.
  • Upper case should be used for defined static constants.
  • For all keywords and variables, use lower case.
  • Use simple incrementer variables for loops such as the Fortran integer variable names which are i, j, k, l, m, and n.
  • In graphics or coordinates, use variables x, y, and z for coordinates.

Coding Structure

  • Stored procedures are to be used for database access.
  • Modules are used to group program functions into a unit or single file containing related program functions. This makes it easier to find functions when analyzing or writing the program code. Modules should be designed to be generic when possible so they may be used in other applications. This improves code quality by reusing code that has already been checked against the quality standards and tested.
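The following is an added example, not code from the original standard, showing what the program/module/function structure defined above and the structured programming rules look like when applied in C: a small input-validation "module" of two functions, each with the required header comment, upper-case constants, explicitly initialised local variables, no global state, one statement per line, and braces on their own lines. The function names, status codes, MAX_ID_LENGTH and the author/date/version fields are all hypothetical placeholders chosen for the example.

```c
/* Added example: a small input-validation module written to follow the
 * structured programming rules above. Names and constants are made up. */
#include <stddef.h>
#include <stdio.h>

/* Defined static constants in upper case, as the rules require. */
#define MAX_ID_LENGTH   16
#define STATUS_OK       0
#define STATUS_EMPTY    1
#define STATUS_TOO_LONG 2
#define STATUS_BAD_CHAR 3

/*
 * Function:   validate_numeric_id
 * Purpose:    Check that a NUL-terminated string is a non-empty run of
 *             decimal digits no longer than MAX_ID_LENGTH characters.
 * Arguments:  id - pointer to the string to check (NULL is rejected).
 * Returns:    STATUS_OK if acceptable, otherwise STATUS_EMPTY,
 *             STATUS_TOO_LONG or STATUS_BAD_CHAR.
 * Changes:    Nothing; no side effects and no global state is touched.
 * Algorithm:  Single left-to-right pass, counting characters and
 *             stopping at the first non-digit or once the length bound
 *             is exceeded.
 * Failure:    If id is not NUL-terminated the scan still reads at most
 *             MAX_ID_LENGTH + 1 bytes before returning STATUS_TOO_LONG.
 * Author:     (placeholder)
 * Created:    (placeholder date)
 * Version:    1.0
 */
int validate_numeric_id(const char *id)
{
    size_t i = 0;            /* every variable declared and initialised */
    int status = STATUS_OK;

    if (id == NULL)
    {
        return STATUS_EMPTY;
    }
    while (id[i] != '\0')
    {
        if (i >= MAX_ID_LENGTH)
        {
            status = STATUS_TOO_LONG;
            break;
        }
        if (id[i] < '0' || id[i] > '9')
        {
            status = STATUS_BAD_CHAR;
            break;
        }
        i = i + 1;
    }
    if (status == STATUS_OK && i == 0)
    {
        status = STATUS_EMPTY;
    }
    return status;
}

/*
 * Function:   count_valid_ids
 * Purpose:    Count how many strings in an array pass validate_numeric_id,
 *             reusing that function rather than duplicating its logic.
 * Arguments:  ids - array of string pointers; n - number of entries.
 * Returns:    Number of entries for which validate_numeric_id gave
 *             STATUS_OK.
 * Changes:    Nothing.
 * Algorithm:  Simple counted loop using the conventional index i.
 * Failure:    n larger than the real array length reads past the array.
 * Author:     (placeholder)   Created: (placeholder date)   Version: 1.0
 */
size_t count_valid_ids(const char *const ids[], size_t n)
{
    size_t i = 0;
    size_t valid = 0;

    for (i = 0; i < n; i = i + 1)
    {
        if (validate_numeric_id(ids[i]) == STATUS_OK)
        {
            valid = valid + 1;
        }
    }
    return valid;
}

int main(void)
{
    /* Constructed sample input: two valid ids, one bad char, one empty. */
    const char *const sample[] = { "42", "x1", "", "007" };
    size_t n = sizeof(sample) / sizeof(sample[0]);

    printf("valid ids: %zu of %zu\n", count_valid_ids(sample, n), n);
    return 0;
}
```

Each rule is visible in the block: the header comment carries purpose, arguments, return value, side effects, algorithm, failure conditions, author, date and version; the only shared definitions are upper-case constants rather than global variables; and the second function reuses the first instead of re-implementing the check, which is the whole point of grouping related functions into a module.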