Phone: (011) 7541-421, 3409-301, 3409-335, 6547-293, 3409-310
E-mail: Standards sales: prodaja@iss.rs Education: iss-edukacija@iss.rs Information about standards: infocentar@iss.rs
Stevana Brakusa 2, 11030 Beograd
Main menu

ISO/IEC TR 24772-1:2019

Programming languages — Guidance to avoiding vulnerabilities in programming languages — Part 1: Language-independent guidance

Dec 10, 2019

General information

90.92     Aug 25, 2021

ISO/IEC

ISO/IEC JTC 1/SC 22

Technical Report

35.060  

English  

Buying

Published

Language in which you want to receive the document.

Scope

This document specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. Language-specific descriptions of these vulnerabilities are provided in other parts of the ISO/IEC 24772 series.
It is applicable to the software developed, reviewed, or maintained for any application.
This document does not address software engineering and management issues such as how to design and implement programs, use configuration management tools, use managerial processes, and perform process improvement. Furthermore, the specification of properties and applications to be assured are not treated.
Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.

Life cycle

PREVIOUSLY

WITHDRAWN
ISO/IEC TR 24772:2013

NOW

PUBLISHED
ISO/IEC TR 24772-1:2019
90.92 Standard to be revised
Aug 25, 2021

REVISED BY

PROJECT
ISO/IEC 24772-1