This is muy useful! A standard methodology for secure programming is a good idea, so long as the recommendations contained in it are general enough (and tried and true) as to minimize the chance of a widespread secure programming practice becoming vulnerable. (For example, if someone improperly advised other programmers to check input (e.g. to avoid buffer overflows) incorrectly, and all implementations of a "secure" practice were comprimised.)

At any rate, this looks very useful, and (hopefully) effective.