FIT-CS-01 — Code security, quality and development environment
App signed with valid trusted certificate. Release mode (non-debuggable). Tested development policies. No debug symbols in native binaries. No debug code/messages. No test settings or verbose logging. Third-party component vulnerability tracking. Minimal error messages. Platform security features fully activated. No external code loading.
| Property | Value |
|---|---|
| Section | 5.7 Code Security, Quality and Development Environment |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-OPS-08 | Secure Development Lifecycle |
| SID-HARD-02 | Input Validation and Injection Prevention |
| SID-OPS-04 | Vulnerability Management |
Source: Nordic EUDIW Certification System – Wallet Instance FitCEM PP Appendix