ISO/IEC Standards and Standards Proposals Authored by CERT Secure Coding Team Members

The Secure Coding Initiative has long been involved in developing international C standards, and more recently has been involved in developing international C++ standards. This involvement is documented not only by the ISO/IEC TS 17961 C Secure Coding Rules standard we coauthored, but also by the many ISO/IEC standards proposals authored/coauthored by members of the CERT Secure Coding team, which have been submitted for consideration by the international standards bodies' working groups.

These proposals are highly technical, and require extensive understanding of the details of the standards, the language, and platforms the language is used on. Finding problems resulting in proposals is a difficult thing to do, requiring expertise to understand implications of underspecified or wrong standards (versus correct standards, or versus "unspecified but for good reasons"). Identifying these problems and recommending solutions is major work of the standards bodies, and results in more secure code for all who use the coding language, via internationally agreed-upon standards.

ISO/IEC Standard (Co-)Authored by CERT Secure Coding Team Members

ISO/IEC TS 17961 C Secure Coding Rules - This is an international secure coding standard for the C language.

ISO/IEC Standards Proposals (Co-)Authored by CERT Secure Coding Team Members

Standards Proposals for C (WG 14)

N1802 2014/03/13 David Keaton, Correct definition of ctime_s (accepted ISO/IEC JTC 1/SC 22/ WG 14)

N1817 2014/04/02 Aaron Ballman, Harmonize Left-Shift with C++14 Standard

N1813 2014/03/25 Robert C. Seacord, Lock-Free Atomic Object Should be Declared Volatile When Accessed in Signal Handler

N1848 2014 David Svoboda, INT_VBIT &related Macros Specifying Number of Value Bits for an int

N1659 2012/10/25 David Keaton, Clarification of Designated Initializers

N1596 2012/01/13 David Keaton, Preliminary Schedule for SC TS

N1585 2011/10/14 David Keaton, A Response to Comments on the C Annex of TR 24772

N1577 2011/09/20 David Keaton, Rationale for a C Secure Coding Analysis Technical Specification

N1568 2011/03/17 David Keaton, Myers, and Plum, BSI 19 Clarification and Revision

N1549 2010/12/22 David Keaton, Clarifications to Anonymous Structures and Unions

N1450 2010/04/06 David Keaton et al, C Secure Coding Guidelines Study Group Liaison Report

N1406 2009/09/28 David Keaton, Anonymous Member Structures and Unions.

N1342 2008/08/25 David Keaton, Clarification of Composite Type

N1141 2005/09/26 David Keaton, Proposed Encoding Error Behavior for the sprintf_s Function

N940 2001/03/16 David Keaton, Rationale Edits for March 2001 release

N937 2001/03/16 David Keaton, Rationale

N815 1998/02/20 David Keaton, C9X Boolean Type

N840 1998/07/27 David Keaton, Minutes for Copenhagen 1998 (online document not available)

N814 1998/02/05 David Keaton et al, VLA's and decl/code Mixing

N743 1997/06/27 David Keaton, bit-field

N716 1997/06/19 David Keaton, Compound Literals

N497 1995/11/23 David Keaton, Issues Affecting a long long Data Type

N496 1995/11/23 David Prosser & David Keaton, Compound Literals

N495 1995/11/23 David Keaton, Initializer Repetition Counts

N494 1995/11/23 David Keaton et al, Designated Initializers

N427 1995/06/12 David Keaton, RP: Nonzero, Default Initial Values

N366 1994/07/08 David Keaton, Minutes of 06-08 June 94 DPCE Meeting (online document not available)

N357 1994/06/05 Prosser & David Keaton, Compound Literals (online document not available)

N356 1994/06/051211 Prosser & David Keaton, Designated Initializers (online document not available)

N1751 2013/08/30 Aaron Ballman, Thread-Specific Storage Destructor Invocation

N1750 2013/08/30 Aaron Ballman, Implicit thrd_exit

N1478 2010/05/25 David Svoboda, Supporting the 'noreturn' Property in C1x

N1453 2010/04/27 David Svoboda, Supporting the 'noreturn' Property in C1x

N1403 2009/09/28 David Svoboda, Towards Support for Attributes in C

N1381 2009/04/01 David Svoboda, memset_s

N1358 2009/02/10 David Svoboda, Extensions to the C1X Library

N1761 2013/09/28 Robert C. Seacord, TS 17961 for Publication (password protected)

N1718 2013/05/30 Robert C. Seacord, Draft DTS 17961 (without change bars; ent to ISO for DTS ballot)

N1717 2013/05/30 Robert C. Seacord, Draft DTS 17961 (with change bars)

N1715 2013/05/20 Robert C. Seacord, Editor's Report for PDTS 17961 Ballot Responses

N1669 2012/12/22 Robert C. Seacord, Draft of 17961 for PDTS Ballot

N1666 2012/11/14 Robert C. Seacord, Comments on N1663

N1663 2012/11/02 Robert C. Seacord, Working Draft of PDTS 17961

N1662 2012/11/02 Robert C. Seacord, Disposition of N1636

N1624 2012/06/26 Robert C. Seacord, WD TS 17961

N1617 2012/06/04 Robert C. Seacord, Missing divid by zero Entry in Annex J.2

N1610 2012/03/15 Robert C. Seacord, Editor's Report for WD TS 17961

N1609 2012/03/15 Robert C. Seacord, WD TS 17961

N1579 2011/09/20 Robert C. Seacord, C Secure Coding Rules

N1578 2011/09/23 Robert C. Seacord, C Secure Coding Rules Editor's Report

N1393 2009/07/29 Robert C. Seacord, C Secure Coding Guidelines (password protected)

N1339 2008/08/11 Robert C. Seacord, Extensions to the C1X library to enhance security

N1255 2007/09/10 Robert C. Seacord, C Coding standard

N1210 2007/03/21 Robert C. Seacord, Possible Defects in ISO/IEC TR 24731-1

N1209 2007/03/21 Robert C. Seacord, CERT C Programming Language Secure Coding Standard (DRAFT)

N1175 2006/04/28 Robert C. Seacord, Specification for Managed Strings

N1132 2005/08/26 Robert C. Seacord et al, Specification for Managed Strings


Standards Proposals for C++ (WG21)

N3205 2010/11/11 David Svoboda, Delete Operators Default to noexcept

N3167 2010/10/13 David Svoboda, Delete Operators Default to noexcept

N3166 2010/10/13 David Svoboda, Destructors Default to noexcept

N3103 2010/08/23 David Svoboda et al, Security Impact of noexcept

CWG 1381 2011/08/26 David Svoboda, Specify that Implicitly Declared Special Member Functions that Invoke No Other Functions Should Not Allow Exceptions

CWG 1211 2010/10/20 David Svoboda, Misaligned Ivalues

CWG 1914 2014/04/15 Aaron Ballman, Duplicate Standard Attributes

CWG 1915 2014/04/15 Aaron Ballman, Potentially-invoked destructors in non-throwing constructors

CWG 1992 2014/08/27 Martin Sebor/Aaron Ballman, new (std::nothrow) in[N] can throw

LWG 2473 2015/05/08 Aaron Ballman, basic_filebuf's relation to C FILE semantics

LWG 2326 2015/04/08 Stephan T. Lavavej/Aaron Ballman, uniform_int_distribution<unsigned char>should be permitted