ISO/IEC TR 24772-1:2019 

Programming languages - Guidance to avoiding vulnerabilities in programming languages - Part 1: Language-independent guidance

English
CHF 

Do you need a multi-user copy?

English
CHF 

Preview

Abstract

This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. Language-specific descriptions of these vulnerabilities are provided in other parts of the ISO/IEC 24772 series.
It is applicable to the software developed, reviewed, or maintained for any application.
This document does not address software engineering and management issues such as how to design and implement programs, use configuration management tools, use managerial processes, and perform process improvement. Furthermore, the specification of properties and applications to be assured are not treated.
Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.

Look inside


Additional information

Publication typeTechnical Report
Publication date2019-12-10
Edition1.0
Available language(s)English
TC/SCISO/IEC JTC 1/SC 22 - Programming languages, their environments and system software interfacesrss
ICS35.060 - Languages used in information technology
Pages166
File size3179 KB

The following test report forms are related:



Share this page


Share your publications

Learn how to share your publications with your colleagues, using networking options.

Payment information

Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa), PayPal and bank transfers as form of payment.


Keep in touch

Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.

Contact customer services

Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 17:00 CET Monday to Friday.