ISO/IEC TS 17961:2013 Preview
Information technology -- Programming languages, their environments and system software interfaces -- C secure coding rules
ISO/IEC TS 17961:2013 specifies
- rules for secure coding in the C programming language, and
- code examples.
ISO/IEC TS 17961:2013 does not specify
- the mechanism by which these rules are enforced, or
- any particular coding style to be enforced.
Each rule in this Technical Specification is accompanied by code examples. Two distinct kinds of examples are provided:
- noncompliant examples demonstrating language constructs that have weaknesses with potentially exploitable security implications; such examples are expected to elicit a diagnostic from a conforming analyzer for the affected language construct; and
- compliant examples are expected not to elicit a diagnostic.
Buy this standard
A standard is reviewed every 5 years
Revisions / Corrigenda
Now under review
ISO/IEC TS 17961:2013
ISO/IEC TS 17961:2013/Cor 1:2016