Skip to content
Please enter a keyword to search

  • ISO/IEC TR 24772:2013

    View superseded by
    Withdrawn A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
    View superseded by

    Information technology Programming languages Guidance to avoiding vulnerabilities in programming languages through language selection and use

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Withdrawn date:  16-07-2021

    Language(s):  English

    Published date:  04-03-2013

    Publisher:  International Organization for Standardization

    Add To Cart

    Abstract - (Show below) - (Hide below)

    ISO/IEC TR 24772:2013 specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application.

    Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.

    General Product Information - (Show below) - (Hide below)

    Document Type Standard
    Publisher International Organization for Standardization
    Status Withdrawn
    Superseded By
    Supersedes

    Standards Referenced By This Book - (Show below) - (Hide below)

    ISO/IEC TS 17961:2013 Information technology — Programming languages, their environments and system software interfaces — C secure coding rules
    PD ISO/IEC TS 17961:2013 Information technology. Programming languages, their environments and system software interfaces. C secure coding rules
    CAN/CSA-ISO/IEC TS 17961:18 Information technology — Programming languages, their environments and system software interfaces — C secure coding rules (Adopted ISO/IEC TS 17961:2013, first edition, 2013-11-15, including adopted technical corrigendum 1:2016)
    BS ISO/IEC/IEEE 23026:2015 Systems and software engineering. Engineering and management of websites for systems, software, and services information
    ISO/IEC/IEEE 23026:2015 Systems and software engineering — Engineering and management of websites for systems, software, and services information

    Standards Referencing This Book - (Show below) - (Hide below)

    ISO/IEC TR 10000-1:1998 Information technology Framework and taxonomy of International Standardized Profiles Part 1: General principles and documentation framework
    ISO/IEC 2382-1:1993 Information technology Vocabulary Part 1: Fundamental terms
    RTCA DO 178 : C2011 SOFTWARE CONSIDERATIONS IN AIRBORNE SYSTEMS AND EQUIPMENT CERTIFICATION
    ISO/IEC 30170:2012 Information technology Programming languages Ruby
    ISO/IEC 15291:1999 Information technology Programming languages Ada Semantic Interface Specification (ASIS)
    IEC 61508-5:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 5: Examples of methods for the determination of safety integrity levels (see Functional Safety and IEC 61508)
    IEC 61508-4:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations (see Functional Safety and IEC 61508)
    IEC 61508-3:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements (see Functional Safety and IEC 61508)
    ISO/IEC/IEEE 60559:2011 Information technology Microprocessor Systems Floating-Point arithmetic
    ISO/IEC TR 15942:2000 Information technology Programming languages Guide for the use of the Ada programming language in high integrity systems
    ISO 80000-2:2009 Quantities and units Part 2: Mathematical signs and symbols to be used in the natural sciences and technology
    ISO/IEC 1539-1:2010 Information technology Programming languages Fortran Part 1: Base language
    ISO/IEC 9899:2011 Information technology Programming languages C
    IEC 61508-6:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 6: Guidelines on the application of IEC 61508-2 and IEC 61508-3 (see Functional Safety and IEC 61508)
    ISO/IEC TR 24731-1:2007 Information technology Programming languages, their environments and system software interfaces Extensions to the C library Part 1: Bounds-checking interfaces
    ISO/IEC TR 24718:2005 Information technology — Programming languages — Guide for the use of the Ada Ravenscar Profile in high integrity systems
    IEC 61508-1:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements (see Functional Safety and IEC 61508)
    IEEE 754-2008 REDLINE IEEE Standard for Floating-Point Arithmetic
    ISO/IEC 8652:2012 Information technology — Programming languages — Ada
    IEC 61508-7:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 7: Overview of techniques and measures (see Functional Safety and IEC 61508)
    IEC 61508-2:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems (see Functional Safety and IEC 61508)
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective