Talk: C++ (Core) Guidelines - Safer C++

Several groups work on specifying guidelines for making C++ software safe or secure, e.g., ISO JTC1-SC22-WG23, MISRA-C++, AUTOSAR, CERT. And there are also the C++ Core Guidelines proposed by Bjarne Stroustrup and Herb Sutter with other colleagues. Fortunately they inspire each other, but try to address different contexts.

Most of these Guidelines build around safe coding practices without losing C++'s efficiency, such as using const deliberately or minimize the use of raw pointers. Many of the guidelines provide hints for enforcing the guideline and some even require or imply effective static analysis tooling to make them useful.

Our institute has a long history of providing static analysis within an IDE and also suggesting transformation for improving code, such as, applying C++11's initializers, instead of uninitialized or old-fashioned initialized variable declarations. While already addressing some areas covered by the Core Guidelines, we recently targeted many more of those explicitly and provide corresponding static analysis and quick-fix refactoring support to adjust existing C++ code toward following the core guidelines.

This talk will introduce some of the C++ (Core) Guidelines and give some examples how you can modernize your code and improve its quality without losing performance through automated tooling built into Cevelop.

Topics covered:
* What are the C++ Core Guidelines
** Philosophy and goals
** Relationship to C++ Safety Guidelines
** Areas covered
** Some safety-related Examples (Rule-of-Zero, RAII, Ownership-or-not?)
* Automatic "repair" of code
** const Correctness
** Constructors/destructors/assignment
** Pointers and arrays
* Future work

The audience will get an overview of the C++ Core Guidelines. Using practical code examples improvements through application of the guidelines is demonstrated. Tools will be shown, that aid in detection of guideline violation and automatic repair to guideline-conforming code. Attending developers will be enabled to apply the Core Guidelines in the future to create or refactor to safer and more maintainable C++ code.