Customer Support: +353 (0)1 857 6730

Corporate Website About Us
  • There are no items in your cart
Please enter a keyword to search
Advanced search
Home
BSI
PD ISO/IEC TR 24772:2013

PD ISO/IEC TR 24772:2013

Superseded

Superseded

A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.

View Superseded by

Information technology. Programming languages. Guidance to avoiding vulnerabilities in programming languages through language selection and use

Available format(s)

Hardcopy , PDF

Superseded date

03-04-2020

Superseded by

PD ISO/IEC TR 24772-2:2020
PD ISO/IEC TR 24772-1:2019

Language(s)

English

Published date

31-05-2013

Publisher

British Standards Institution

€416.02
Excluding VAT
EUR
CAD
CHF
CNY
DKK
EUR
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF - English
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20

Foreword
Introduction
1. Scope
2. Normative references
3. Terms and definitions, symbols and conventions
4. Basic concepts
5. Vulnerability issues
6. Programming Language Vulnerabilities
7. Application Vulnerabilities
8. New Vulnerabilities
Annex A (informative) - Vulnerability Taxonomy and List
Annex B (informative) - Language Specific Vulnerability
        Template
Annex C (informative) - Vulnerability descriptions for
        the language Ada
Annex D (informative) - Vulnerability descriptions for
        the language C
Annex E (informative) - Vulnerability descriptions for
        the language Python
Annex F (informative) - Vulnerability descriptions for
        the language Ruby
Annex G (informative) - Vulnerability descriptions for
        the language SPARK
Annex H (informative) - Vulnerability descriptions for
        the language PHP
Bibliography
Index

Defines software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software.

Committee
IST/5
DocumentType
Standard
Pages
340
PublisherName
British Standards Institution
Status
Superseded
SupersededBy

Standards Relationship
ISO/IEC TR 24772:2013 Identical

ISO/IEC TR 10000-1:1998 Information technology — Framework and taxonomy of International Standardized Profiles — Part 1: General principles and documentation framework
ISO/IEC 2382-1:1993 Information technology Vocabulary Part 1: Fundamental terms
RTCA DO 178 : C2011 SOFTWARE CONSIDERATIONS IN AIRBORNE SYSTEMS AND EQUIPMENT CERTIFICATION
ISO/IEC 30170:2012 Information technology Programming languages Ruby
ISO/IEC 15291:1999 Information technology Programming languages Ada Semantic Interface Specification (ASIS)
IEC 61508-5:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 5: Examples of methods for the determination of safety integrity levels (see Functional Safety and IEC 61508)
IEC 61508-4:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 4: Definitions and abbreviations (see Functional Safety and IEC 61508)
IEC 61508-3:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 3: Software requirements (see Functional Safety and IEC 61508)
ISO/IEC/IEEE 60559:2011 Information technology — Microprocessor Systems — Floating-Point arithmetic
ISO/IEC TR 15942:2000 Information technology — Programming languages — Guide for the use of the Ada programming language in high integrity systems
ISO 80000-2:2009 Quantities and units Part 2: Mathematical signs and symbols to be used in the natural sciences and technology
ISO/IEC 1539-1:2010 Information technology Programming languages Fortran Part 1: Base language
ISO/IEC 9899:2011 Information technology Programming languages C
IEC 61508-6:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 6: Guidelines on the application of IEC 61508-2 and IEC 61508-3 (see Functional Safety and IEC 61508)
ISO/IEC TR 24731-1:2007 Information technology Programming languages, their environments and system software interfaces Extensions to the C library Part 1: Bounds-checking interfaces
ISO/IEC TR 24718:2005 Information technology — Programming languages — Guide for the use of the Ada Ravenscar Profile in high integrity systems
IEC 61508-1:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements (see Functional Safety and IEC 61508)
IEEE 754-2008 REDLINE IEEE Standard for Floating-Point Arithmetic
ISO/IEC 8652:2012 Information technology — Programming languages — Ada
IEC 61508-7:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 7: Overview of techniques and measures (see Functional Safety and IEC 61508)
IEC 61508-2:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 2: Requirements for electrical/electronic/programmable electronic safety-related systems (see Functional Safety and IEC 61508)

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Get in touch with us