ISO/IEC TR 24772:2013
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
View Superseded by
Information technology — Programming languages — Guidance to avoiding vulnerabilities in programming languages through language selection and use
Hardcopy , PDF
English
04-03-2013
09-04-2025
ISO/IEC TR 24772:2013 specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application.
Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.
| Committee |
ISO/IEC JTC 1/SC 22
|
| DocumentType |
Standard
|
| Pages |
319
|
| PublisherName |
International Organization for Standardization
|
| Status |
Withdrawn
|
| SupersededBy | |
| Supersedes |
| Standards | Relationship |
| NEN NPR ISO/IEC TR 24772 : 2013 | Identical |
| PD ISO/IEC TR 24772:2013 | Identical |
| ISO/IEC TS 17961:2013 | Information technology — Programming languages, their environments and system software interfaces — C secure coding rules |
| PD ISO/IEC TS 17961:2013 | Information technology. Programming languages, their environments and system software interfaces. C secure coding rules |
| BS ISO/IEC/IEEE 23026:2015 | Systems and software engineering. Engineering and management of websites for systems, software, and services information |
| ISO/IEC/IEEE 23026:2015 | Systems and software engineering — Engineering and management of websites for systems, software, and services information |
| ISO/IEC TR 10000-1:1998 | Information technology — Framework and taxonomy of International Standardized Profiles — Part 1: General principles and documentation framework |
| ISO/IEC 2382-1:1993 | Information technology — Vocabulary — Part 1: Fundamental terms |
| ISO/IEC 30170:2012 | Information technology — Programming languages — Ruby |
| ISO/IEC 15291:1999 | Information technology — Programming languages — Ada Semantic Interface Specification (ASIS) |
| IEC 61508-5:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 5: Examples of methods for the determination of safety integrity levels (see Functional Safety and IEC 61508) |
| IEC 61508-4:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations (see Functional Safety and IEC 61508) |
| IEC 61508-3:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements (see Functional Safety and IEC 61508) |
| ISO/IEC/IEEE 60559:2011 | Information technology — Microprocessor Systems — Floating-Point arithmetic |
| ISO/IEC TR 15942:2000 | Information technology — Programming languages — Guide for the use of the Ada programming language in high integrity systems |
| ISO 80000-2:2009 | Quantities and units — Part 2: Mathematical signs and symbols to be used in the natural sciences and technology |
| ISO/IEC 1539-1:2010 | Information technology — Programming languages — Fortran — Part 1: Base language |
| ISO/IEC 9899:2011 | Information technology — Programming languages — C |
| IEC 61508-6:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 6: Guidelines on the application of IEC 61508-2 and IEC 61508-3 (see Functional Safety and IEC 61508) |
| ISO/IEC TR 24731-1:2007 | Information technology — Programming languages, their environments and system software interfaces — Extensions to the C library — Part 1: Bounds-checking interfaces |
| ISO/IEC TR 24718:2005 | Information technology — Programming languages — Guide for the use of the Ada Ravenscar Profile in high integrity systems |
| IEC 61508-1:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements (see Functional Safety and IEC 61508) |
| IEEE 754-2008 REDLINE | IEEE Standard for Floating-Point Arithmetic |
| ISO/IEC 8652:2012 | Information technology — Programming languages — Ada |
| IEC 61508-7:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 7: Overview of techniques and measures (see Functional Safety and IEC 61508) |
| IEC 61508-2:2010 | Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems (see Functional Safety and IEC 61508) |
Access your standards online with a subscription
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.
Important note : Users cannot be edited or removed once added to your Multi user PDF.