Abstract
The ISO/IEC JTC 1/SC 22/WG 23 Vulnerabilities Working Group is documenting new vulnerabilities in preparation for the release of TR 24772 edition 3. One identified area is the accounting and management of time in normal systems and real-time systems. Various vulnerabilities related to time are documented, along with ways to avoid and mitigate the issues raised.