This weblog publish is coauthored by Manuel Arenaz, lead contributor of the Fortran customary.
As safety specialists, we are sometimes requested to audit software program and supply experience on safe coding practices. Our analysis and efforts have produced a number of coding requirements particularly coping with safety in standard programming languages, equivalent to C, Java, and C++. This publish describes our work on the SEI CERT Fortran Coding Commonplace, which gives a core of well-documented and enforceable coding tips for Fortran.
Fortran within the Trendy Software program Ecosystem
Fortran is without doubt one of the oldest high-level programming languages nonetheless in energetic use and stays a cornerstone of scientific, engineering, and high-performance computing (HPC) software program. On the TIOBE Index from Could 2026, Fortran was the eleventh most-used programming language. Because the extensively adopted Fortran 77 (F77) customary, the language has repeatedly advanced by main revisions, together with Fortran 90, 95, 2003, 2008, 2018, and the latest Fortran 2023 customary, introducing trendy options for modularity, interoperability, parallelism, and software program engineering.
Fortran continues to energy important purposes in areas equivalent to local weather and climate prediction, aerospace, nuclear vitality, computational physics, and nationwide safety. Outstanding Fortran-based purposes embody the U.S. Navy’s NEPTUNE weather-prediction mannequin, the LS-DYNA finite-element solver for structural and crash simulations, and BLAS/LAPACK numerical linear algebra libraries extensively utilized in scientific computing.
As these historically remoted scientific and HPC purposes grow to be more and more built-in into trendy, interconnected software program ecosystems, the publicity of Fortran codebases to cybersecurity threats and software program provide chain dangers has considerably elevated. In response, the Fortran group has proven rising curiosity in safe software program improvement practices, vulnerability prevention, and safe coding requirements. Latest efforts embody the publication of ISO/IEC TR 24772-8 on avoiding vulnerabilities in Fortran and the emergence of static and software program composition evaluation instruments focusing on Fortran purposes.
As well as, the latest emergence of specialised static evaluation instruments for Fortran now permits builders to offer an automatic audit of a Fortran codebase by inspecting supply code and producing diagnostic alerts that vary from insecure coding practices and bugs to reliability and maintainability points. These capabilities, akin to these lengthy out there for C and C++, present a sensible basis for contemporary safe software program improvement in Fortran.
The SEI CERT Fortran Coding Commonplace continues to be younger and rising. The C and Java requirements every have greater than 100 guidelines in over 15 sections. The Fortran customary at present has 25 tips, initially organized in a number of sections together with:
Addressing Safety Vulnerabilities in Fortran
Fortran shares many programming ideas and low-level capabilities with C and C++, together with procedural programming, guide reminiscence administration, interoperability with exterior libraries, and performance-oriented design. On the similar time, Fortran gives a number of options which can be significantly well-suited for scientific and high-performance computing, together with intrinsic multidimensional array operations, native array slicing and whole-array syntax, built-in help for numerical computation, specific parallel programming constructs, and language-level amenities for environment friendly vectorization and mathematical optimization.
Traditionally, the Fortran group has targeted on new options and improved efficiency reasonably than safety. Our work on the SEI CERT Fortran Coding Commonplace facilities on Fortran language and library points that particularly deal with safety, equivalent to implicit declaration of variables, use of uninitialized variables, undefined habits, out-of-bounds reminiscence accesses, and correct argument checking.
The SEI CERT Fortran Coding Commonplace leverages the crew’s information of Fortran and a number of other sources to offer related materials on safety. These embody on-line assets such because the safety and reliability checkers documented within the Codee Open Catalog and present guidelines from the SEI CERT C Coding Commonplace which can be relevant to Fortran as a result of similarities between the languages. For instance, CERT Fortran guideline ARR01-F and CERT C rule ARR30-C each mandate that each one indices to an array are throughout the bounds of the array.
Fortran has most of the similar safety points that plague C and C++. A well known important problem widespread to all three languages is undefined habits, which happens when a program executes operations for which the language customary doesn’t outline a predictable consequence, permitting compilers to generate arbitrary habits. In Fortran, undefined habits might come up from points equivalent to using uninitialized variables, out-of-bounds array accesses, or invalid process interfaces. These conditions are significantly harmful as a result of they’ll silently produce incorrect numerical outcomes, utility crashes, nondeterministic execution, or exploitable vulnerabilities which can be troublesome to detect and reproduce. This problem is mentioned additional in guideline MSC03-F within the SEI CERT Fortran Coding Commonplace, which illustrates undefined habits by Fortran code that permits the compiler to take away a verify to detect integer overflow fully.
In contrast to C and C++, Fortran traditionally helps implicit typing of variables, a language characteristic launched in early variations of Fortran to cut back the quantity of code programmers wanted to put in writing on programs with restricted computing assets. Underneath implicit typing guidelines, undeclared variables are mechanically assigned a kind based mostly on the primary letter of their identify, which may simply cover typographical errors and programming errors. In trendy software program, this habits is taken into account harmful as a result of a misspelled variable identify might silently introduce a brand new variable as an alternative of triggering a compilation error, probably resulting in undefined habits, incorrect numerical outcomes, or safety vulnerabilities. Guideline TYP02-F discusses this problem additional.
Noncompliant Code Instance
Whereas a floating-point division of seven / 2.5 = 2.8, an integer division produces 7 / 2 = 3 (with a the rest of 1). Since res begins with “R”, it’s nonetheless an actual (floating-point) kind, and so this system prints 3.0 reasonably than 3.
This program prints 2.8 utilizing flang 22.1.7, or 2.79999995 utilizing gfortran 15.2.1 on MacOS 26.5.
Trendy Fortran has extra security options than traditional C. For instance, automated reminiscence administration for allocatable arrays, array bounds checking, and stronger interfaces and argument checking. These options assist stop widespread lessons of vulnerabilities equivalent to reminiscence leaks, invalid reminiscence accesses, interface mismatches, and out-of-bounds errors, bettering the reliability and safety of scientific and high-performance computing purposes. Pointers PRC01-F, PRC02-F, and PRC03-F talk about these points additional.
What’s Forward for the SEI CERT Coding Commonplace for Fortran
The SEI CERT Fortran Coding Commonplace is now publicly accessible, however it isn’t completed. By making the usual publicly accessible, we invite the Fortran group to assist us enhance it by reviewing the prevailing tips and suggesting new ones. You will get concerned through the use of GitHub’s points framework to begin discussions about the usual. Or you possibly can fork the venture and submit a pull request with steered enhancements. The CERT Safe Coding crew will evaluation all pull requests and merge authorised requests into the usual. Now we have launched a latest video concerning the technique of updating the SEI CERT Coding Requirements in GitHub.
We hope so as to add a number of tips every week. Presumably the Fortran customary might develop to about the identical dimension because the C or Java requirements as a result of all three languages are comparable in scope.