Hi all,
In order to introduce myself: I'm currently working with ISO/IEC
JTC1/SC22/WG14 - specifically Robert Seacord [1] - in order to form a
Study Group looking at Safety / Security Rules for the C programming
language, and I wanted to get in touch with you regarding this.
The charter of the group is:
1. To study the problem of adding coverage for safety-critical and
safety/security-critical issues into the existing C Secure Coding Rules
TS 17961.
2. To study the problem of addressing safety and security issues
related to parts of the C standard not currently covered by the TS, such
as concurrency.
3. To propose updates to TS 17961 based on these studies and based on
experience gained with the TS since its publication.
4. To recommend to WG14, in Spring 2017, a course of action for the
resulting document, such as creating a new edition of the TS, or making
it into an International Standard.
Whatever the output of the study group is, we want it to be open rather
than behind closed doors. We have both CERT-C and MISRA-C
representatives on board who will be working together to this end.
Part of the group will be made up of representatives of vendors of
static analysis tools (such as Coverity, Fortify, Checkmarx, Gimpel, and
PRQA) and so I am contacting you because of your involvement in Smatch.
We are very keen to ensure representation in this regard from
open-source initiatives.
Is the Study Group something you feel you could add value to?
In terms of activity - it is expected to be fairly low level
(teleconferences every other week, and an occasional face to face
meeting). Normally we would have some homework between meetings.
Different people contribute at different levels; it's all very voluntary.
If you would like to participate, please contact Robert Seacord
<rcseacord@xxxxxxxxx>, who will serve as the initial Chair of the group.
We have set up a mailing list and can add you to this, which is where
we'll discuss arranging the first meeting, which will be sometime in the
new year.
Thanks,
Laurence
[1] https://en.wikipedia.org/wiki/Robert_C._Seacord
--
Laurence Urhegyi
Project Manager
Codethink Ltd
302 Ducie House
37 Ducie Street
Manchester
M1 2JW
UK
Codethink delivers cutting edge open source design, development and
integration services - from embedded stack software to advanced ux
http://codethink.co.uk
Office: +44 161 236 5575
--
To unsubscribe from this list: send the line "unsubscribe smatch" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
