UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC TR 24772-1

Programming languages — Guidance to avoiding vulnerabilities in programming languages — Part 1: Language-independent guidance

active, Most Current
Buy Now
Organization: ISO
Publication Date: 1 December 2019
Status: active
Page Count: 184
ICS Code (Languages used in information technology): 35.060
scope:

This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. Language-specific descriptions of these vulnerabilities are provided in other parts of the ISO/IEC 24772 series.

It is applicable to the software developed, reviewed, or maintained for any application.

This document does not address software engineering and management issues such as how to design and implement programs, use configuration management tools, use managerial processes, and perform process improvement. Furthermore, the specification of properties and applications to be assured are not treated.

Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.

Document History

ISO/IEC TR 24772-1
December 1, 2019
Programming languages — Guidance to avoiding vulnerabilities in programming languages — Part 1: Language-independent guidance
This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and...

References

Advertisement