ISO/IEC TR 24772:2013
Information technology -- Programming languages -- Guidance to avoiding vulnerabilities in programming languages through language selection and use
The electronic version of this International Standard can be downloaded from the ISO/IEC Information Technology Task Force (ITTF) web site.
ISO/IEC TR 24772:2013 specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application.
Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.