ISO/IEC JTC 1/SC 22/WG 23 - Programming Language Vulnerabilities
Vulnérabilité des langages de programmation
ISO/IEC JTC 1/SC 22/WG 23 is a Subcommittee within the International Organization for Standardization (ISO), named "Programming Language Vulnerabilities". It develops ISO standards in the area of information technology and has published 3 standards.
The International Organization for Standardization (ISO) is an independent, non-governmental international organization that develops and publishes international standards. Founded in 1947 and headquartered in Geneva, Switzerland, ISO brings together experts from 170+ member countries to share knowledge and develop voluntary, consensus-based standards that support innovation and provide solutions to global challenges.
A Subcommittee (SC) in ISO operates under a Technical Committee and focuses on a specific subset of the TC's scope. Subcommittees develop standards and technical specifications in their specialized area, reporting to their parent Technical Committee. They may also have working groups for detailed technical work.
This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application. This document describes the way that the vulnerabilities listed in ISO/IEC TR 24772-1 are manifested or avoided in the C language.
- Technical report, 42 pages, English language
This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this document is applicable to the software developed, reviewed or maintained for any application. Vulnerabilities described in this document present the way that the vulnerabilities described in ISO/IEC TR 24772-1 are manifested in Ada.
- Technical report, 45 pages, English language
This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. Language-specific descriptions of these vulnerabilities are provided in other parts of the ISO/IEC 24772 series. It is applicable to the software developed, reviewed, or maintained for any application. This document does not address software engineering and management issues such as how to design and implement programs, use configuration management tools, use managerial processes, and perform process improvement. Furthermore, the specification of properties and applications to be assured is not treated. Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.
- Technical report, 166 pages, English language