| ISO/IEC JTC 1/SC 22/OWG:Vulnerabilities |
Jim Moore, James.W.Moore@ieee.org |
|
This page provides access to all of the working group's official documents as well as some informal ones.
[ Meeting Package ] [ Document Log ] [ Wiki for Informal Documents ] [ Informative Material ]
The most recently issued meeting package is the "Pre-Meeting Package for Meeting #8" [zip]. (Meeting packages are no longer entered in the document log because they consume space with redundant information.) If you're catching up, all documents that predate the meeting package are contained in this package [zip].
[Documents are listed in reverse chronological order]
|
Document Number: 22-OWGV- |
Date Posted | Relationship to Other Docs | Title |
| (Unassigned) | |||
| N0145 | 2008-09-05 | Draft of language-specific annex for Fortran, contributed by Dan Nagle [txt] | |
| N0144 | 2008-09-05 | Proposed template for language specific annexes, contributed by Larry Wagoner [doc] | |
| N0143 | 2008-08-26 | New Vulnerability Descriptions Proposed by J3 (Fortran), contributed by Dan Nagle [doc, pdf] | |
| N0142 | 2008-08-26 | Revised in place on 08-27. | Logistics, OWGV Meeting #9, Stuttgart, Germany, 2008-09-29/10-01, contributed by Erhard Ploedereder [pdf] |
| N0141 | 2008-08-26 | Preliminary Agenda, Meeting #9 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, Stuttgart, Germany, 29 September 2008 / 01 October 2008, contributed by convener [html] | |
| N0140 | 2008-07-29 | Presentation made by Jim Moore to ISO/IEC JTC 1/SC 22/WG 9 with slide added to record discussion [pdf], 2006-08 | |
| N0139 | 2008-07-29 | Presentation made by John Benito to Military & Aerospace Electronics Forum [pdf], 2008-04 | |
| N0138 | 2008-08-20 | Replaces [N0134] | Editor's draft of PDTR 24772, prepared by John Benito [pdf]. Spreadsheet for providing comments [xls]. |
| N0137 | 2008-07-29 | Business Plan and Convener's Report, ISO/IEC JTC 1/SC 22/OWG:Vulnerability, 2008-07-11, contributed by John Benito [pdf] | |
| N0136 | 2008-07-07 | Results of OWGV Editorial Meeting, 30 June to 02 July 2008, submitted by secretary: [dir] [zip] | |
| N0135 | 2008-06-10 | Preliminary agenda, Editorial Meeting, 30 June - 02 July 2008, submitted by convener [pdf] | |
| N0134 | 2008-06-03 | Replaces [N0125]. Replaced by [N0138]. | Editor's draft of PDTR 24772, prepared by John Benito [pdf] |
| N0133 | 2008-04-16 | Revision of [N0092] | Template for Language-Independent Descriptions of Vulnerabilities, Version 7 [doc] |
| N0132 | 2008-04-10 | Suggested editorial corrections to PDTR, Larry Wagoner [doc] | |
| N0131 | 2008-04-10 | Superseded directory of vulnerabilities, as of 13 March 2008 [zip]. (Posted only for archival purposes.) | |
| N0130 | 2008-04-10 | Schedule moving forward toward PDTR [xls] | |
| N0129 | 2008-04-09 | Disposition of [N0127] and other comments | Disposition of consolidated comments on vulnerability descriptions, prepared by Secretary [xls] |
| N0128 | 2008-04-09 | Unapproved Minutes: Meeting #8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11 April 2008, Amsterdam, Netherlands [html], prepared by secretary | |
| N0127 | 2008-03-31 | Disposition of comments [N0129] | Consolidated comments on vulnerability descriptions, prepared by Secretary [xls] |
| N0126 | Replaces [N0118]. | 2nd Preliminary Agenda: Meeting #8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11 April 2008, Amsterdam, Netherlands [html], prepared by convener | |
| N0125 | 2008-03-26 | Replaces [N0106]. Replaced by [N0134]. | Editor's draft of PDTR 24772, prepared by John Benito [pdf] |
| N0124 | 2008-03-26 | Replaces [N0120]. | Mapping between OWGV language vulnerabilities and the JSF, MISRA C, CERT C, and CERT C++, Version 2, Robert Seacord [xlsx, pdf] |
| N0123 | 2008-03-26 | Editor's Report for Meeting #8, TR 24772 [pdf] | |
| N0122 | 2008-02-14 | Array bounds checking bibliography, Derek Jones [html] | |
| N0121 | 2008-02-14 | Replaces [N0078] | (Revised) "Forms of language specification: Examples from commonly used computer languages" [pdf], Derek Jones |
| N0120 | 2008-02-14 | Replaced by [N0124] | Mapping between OWGV language vulnerabilities and the JSF, MISRA, CERT C, and CERT C++ rule sets, Robert Seacord [xls] |
| N0119 | 2008-02-14 | "A new type of Working Group used for a new SC22 Working Group: OWG Vulnerability", John Benito, convener [pdf] | |
| N0118 | 2008-02-14 | Replaced by [N0126] | Preliminary Agenda: Meeting #8 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 9-11 April 2008, Amsterdam, Netherlands [html], prepared by convener |
| N0117 | 2007-12-24 | Replaces [N0112] | Outline of Vulnerability Descriptions, 24 December 2007 (with assignments for update), contributed by John Benito, editor [pdf] |
| N0116 | 2007-12-16 | Safety considerations in programming systems, contributed by Steve Michell [pdf] | |
| N0115 | 2007-12-15 | Commenting spreadsheet to be used in making comments on vulnerability descriptions [xls] | |
| N0114 | 2007-12-15 | Automatically Generated Code, contributed by Robert Seacord [pdf] | |
| N0113 | 2007-12-14 | List of Coding Guideline Documents, contributed by Derek Jones [pdf] | |
| N0112 | 2007-12-14 | Annotation of [N0109]. Replaced by [N0117]. | Proposed organization of vulnerability descriptions (with annotations from OWGV Meeting #7) [pdf] |
| N0111 | 2007-12-15 |
Minutes: Meeting #7 of ISO/JTC1/SC22/OWG: Vulnerability 12-14 December 2007, Pittsburgh, Pennsylvania, USA [html], prepared by Secretary |
|
| N0110 | 2007-12-11 | Final Resolutions of the 20th Plenary meeting of ISO/IEC JTC 1/SC 22, 24-28 September 2007, Singapore [pdf] | |
| N0109 | 2007-12-13 | Annotated as [N0112] | Proposed organization of vulnerability descriptions, contributed by Larry Wagoner [pdf] |
| N0108 | 2007-11-28 | Proposed additions to ISO/IEC PDTR 24772, contributed by C H Pygott [pdf] | |
| N0107 | 2007-11-28 | Editor's report, project 24772, contributed by John Benito [html] | |
| N0106 | 2007-11-28 | Replaces [N0095]. Replaced by [N0125]. | Editor's draft of PDTR 24772, prepared by John Benito [pdf] |
| N0105 | 2007-11-24 | Examples of Mapping MISRA-C Rules to COBOL, contributed by Barry Tauber [pdf] | |
| N0104 | 2007-11-24 | Distinguishing Criticality of Undefined Behavior, contributed by Tom Plum [html] | |
| N0103 | 2007-11-15 | Preliminary Agenda: Meeting #7 of ISO/IEC JTC 1/SC 22/OWG: Vulnerability, 12-14 December 2007, Pittsburgh, Pennsylvania, USA [html], prepared by convener | |
| N0102 | 2007-10-03, corrected 10-25 | Annotates [N0099] | Annotations to N0099 made during Meeting #6 of OWGV [pdf] |
| N0101 | 2007-10-15 | John Benito, "OWG: Vulnerability," [pdf] presentation to conference associated with meeting of ISO/IEC JTC 1/SC 22, 28 September 2007. | |
| N0100 | 2007-10-04, corrected 10-25 |
Minutes: Meeting #6 of ISO/JTC1/SC22/OWG: Vulnerability 1-3 October 2007, Kona, Hawaii, USA [html], prepared by Secretary |
|
| N0099 | 2007-09-29 | Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use, contributed by Larry Wagoner [pdf]. (All of the papers's references can be located using this website's list of [References].) | |
| N0098 | 2007-09-12 | Logistics information for OWGV Meeting #8, Amsterdam, Netherlands [html] | |
| N0097 | 2007-08-20; revised 09-04 |
Preliminary Agenda: Meeting #6 of ISO/JTC1/SC22/OWG: Vulnerability 1-3 October 2007, Kona, Hawaii, USA [html], prepared by convener |
|
| N0096 | 2007-08-06 | See also [N0058] | Logistics information for OWGV Meeting #6, Kona, Hawaii, USA [html]. |
| N0095 | 2007-08-06 | Revises and replaces [N0079]. Replaced by [N0106]. | Editor's draft 070806 of PDTR 24772, prepared by John Benito, submitted for PDTR registration [pdf]. |
| N0094 | 2007-08-03 | Business Plan and Convener's Report, ISO/IEC JTC 1/SC 22/OWG:Vulnerability, 2007-07-31, contributed by John Benito [pdf] | |
| N0093 | 2007-07-24 | Proposed vulnerabilities as of the close of Meeting #5 [dir]. [This is posted only as a snapshot of the results. For the most recent status use the current directory of vulnerability proposals.] | |
| N0092 | 2007-07-24; revised 2007-11-26 | Revises and replaces [N0072]. Revised as [N0133]. | Template for Language-Independent Descriptions of Vulnerabilities, Version 6 [doc] |
| N0091 | 2007-07-24 | Revises and replaces [N0085] | Definitions agreed at Meeting #5 for use in the TR [doc] |
| N0090 | 2007-07-24 | Revises and replaces [N0087] | Text for sub-clause 1.4 [doc], as agreed at Meeting #5. |
| N0089 | 2007-07-20; revised 08-20 | Approved Minutes of 19-20 July 2007 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #5), Ottawa, Canada [html]. | |
| N0088 | 2007-07-16 | . | Liaison Report: JSR-282 (Real-Time Specification for Java) and JSR-302 (Safety-Critical Java Technologies), Ben Brosgol (pdf) |
| N0087 | 2007-07-13 | Replaced by [N0090] | "Possible text for sub-clause 1.4" [doc], contributed by Jim Moore. |
| N0086 | 2007-07-13 | "The Physics of a Vulnerability," [pdf] by Bob Martin. Contributed by Jim Moore with the permission of The MITRE Corporation. | |
| N0085 | 2007-07-12 | [Replaced by N0091] | "Definition of Vulnerability" [pdf], contribution by Ben Brosgol, 12 July 2007. |
| N0084 | 2007-07-12 | Replaces [N0073]. | (2nd Revision) "Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use" [pdf]; directory of proposed vulnerability descriptions [dir, zip]; and cover note [pdf] -- personal contribution by Larry Wagoner, 11 July 2007 |
| N0083 | 2007-07-02 | Comments on “Software for Dependable Systems”, contribution by Tom Plum [html] | |
| N0082 | 2007-07-02 | James W. Moore and Robert Seacord, "Secure Coding becomes Standard," [pdf] presentation to Systems and Software Technology Conference (SSTC), June 19, 2007. Also see related article. | |
| N0081 | 2007-07-01 | VOIDED | Pre-Meeting Package, Meeting #5 [zip] -- Instructions: Unzip the file into a folder on your machine; open the folder; double-click on "index"; a small local web site will come up in your web browser. |
| N0080 | 2007-06-30 |
Agenda: Meeting #5 of ISO/JTC1/SC22/OWG: Vulnerability 18th - 20th July 2007, Ottawa, Canada [html], prepared by convener |
|
| N0079 | 2007-06-30 | Revises and replaces [N0074]. | Editor's draft 070629 of PDTR 24772, prepared by John Benito [pdf]. |
| N0078 | 2007-06-30 | Revises and replaces [N0060]. Replaced by [N0121] | (Revised) "Forms of language specification: Examples from commonly used computer languages" [pdf] and directory of proposed vulnerability descriptions [dir, zip], personal contribution from Derek M. Jones |
| N0077 | 2007-06-04 | VOIDED | Post-Meeting Package, Meeting #4 [zip] -- Instructions: Unzip the file into a folder on your machine; open the folder; double-click on "index"; a small local web site will come up in your web browser. |
| N0076 | 2007-06-01 | Logistics information for OWGV Meeting #5, Ottawa, Canada [html]. | |
| N0075 | 2007-05-10 | Responds to [N0070] and [N0071]. | Response of ISO/IEC JTC 1/SC 22/OWGV to: ISO/IEC JTC 1/SC 27 N5494, "JTC 1/SC 27/WG 4 Liaison Statement to JTC 1/SC 22 on Collaborative work on Application Security"; and to ISO/IEC JTC 1/SC 27 N5482, "Report of the Application Security meeting, held in Glenburn Lodge (South Africa), Nov. 17th 2006" [pdf] |
| N0074 | Revises and replaces [N0061]. Replaced by [N0079]. | Editor's draft 3 of intended PDTR 24772, prepared by John Benito [pdf] | |
| N0073 | 2007-06-30 |
Replaces [N0066], [N0067], and [N0068]. Replaced by [N0084]. |
(Revised) "Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use" [pdf] and directory of proposed vulnerability descriptions [dir, zip], personal contribution by Larry Wagoner, 21 June 2007 |
| N0072 | 2007-05-05 | Replaces [N0056]. Replaced by [N0092]. | Template for Language-Independent Descriptions of Vulnerabilities, Version 5 [html] |
| N0071 | 2007-04-30 | Refers to [N0070] | ISO/IEC JTC 1/SC 27 N5494, "JTC 1/SC 27/WG 4 Liaison Statement to JTC 1/SC 22 on Collaborative work on Application Security" [pdf] |
| N0070 | 2007-04-30 | Referenced by [N0071] | ISO/IEC JTC 1/SC 27 N5482, "Report of the Application Security meeting, held in Glenburn Lodge (South Africa), Nov. 17th 2006" [pdf] |
| N0069 | 2007-04-30 | Approved Minutes of 30 April-2 May 2007 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #4), Padua, Italy [html]. | |
| N0068 | 2007-04-23 | Part 3 of [N0066], [N0067], and [N0068]. Superceded by [N0073]. | "Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use: Vulnerabilities to Address in CWE - Part 3" [pdf], personal contribution by Larry Wagoner. |
| N0067 | 2007-04-18 | Part 2 of [N0066], [N0067], and [N0068] Superceded by [N0073]. | "Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use: Vulnerabilities to Address in CWE," Part 2 [pdf], personal contribution by Larry Wagoner |
| N0066 | 2007-04-11 | Part 1 of [N0066], [N0067], and [N0068] Superceded by [N0073]. | "Proposal to the ISO/IEC Project 22.24772: Guidance for Avoiding Vulnerabilities through Language Selection and Use" [pdf], personal contribution by Larry Wagoner |
| N0065 | 2007-04-05 | VOIDED | Pre-Meeting Package, Meeting #4 [zip] -- Instructions: Unzip the file into a folder on your machine; open the folder; double-click on "index"; a small local web site will come up in your web browser. |
| N0064 | 2007-04-04 | Ben Brosgol and Andy Wellings, "A Comparison of Ada and Real-time Java for Safety-Critical Applications," contributed by Ben Brosgol [pdf]. Posted by permission [txt]. | |
| N0063 | 2007-04-04 | Agenda for 30 April-2 May 2007 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #4), Padua, Italy [html] | |
| N0062 | 2007-04-04 | "Vulnerability, Safety, Security, and Quality," [html] personal contribution by Tom Plum | |
| N0061 | 2007-04-04 | Revises and replaces [N0040]. Replace by [N0074]. | Editor's draft 2 of intended PDTR 24772, prepared by John Benito [pdf] |
| N0060 | 2007-04-04 | Replaced by [N0078]. | "Forms of language specification: Examples from commonly used computer languages," [pdf] contributed by Derek Jones. Permission [txt]. |
| N0059 | 2007-04-04 | Preliminary draft of the CERT C Programming Language Secure Coding Standard [pdf], contributed by Robert Seacord. Permission [txt] | |
| N0058 | 2006-12-29 | See also [N0096] | Hotel registration form for Meeting #6, Kona, Hawaii [pdf]. |
| N0057r | 2006-12-31 | Announcement and logistics information for OWGV Meeting #4, Padua, Italy [pdf]. | |
| N0056 | 2006-12-14 | Related to [N0054] and [N0048]. Superseded by [N0072]. | Various Versions of a Template for Language-Independent Descriptions of Vulnerabilities [html] |
| N0055 | 2006-12-14 | Approved Minutes of 11-13 December 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #3), Washington, DC [html] | |
| N0054 | 2006-12-12 | Revisions to [N0048] | Stephen Michell, Revisions of "Vulnerabilities Issues from TR15942" [pdf] |
| N0053 | 2006-11-22 | VOIDED | Pre-Meeting Package, Meeting #3 [zip] -- Instructions: Unzip the file into a folder on your machine; open the folder; double-click on "index"; a small local web site will come up in your web browser. |
| N0052 | 2006-11-22 | Agenda for 11-13 December 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #3), Washington, DC [html] | |
| N0051 | 2006-11-22 | Derek Jones, Some proposed language vulnerability guidelines, 20 November 2006 [pdf] | |
| N0050 | 2006-11-22 | Derek Jones, Expertise: Discussion of guideline related issues, 28 August 2006 [pdf] | |
| N0049 | 2006-11-22 | Brian Wichmann, Tool assurance for predictable execution, 3 November 2006 [pdf] | |
| N0048r | 2006-12-11 | Compilation of items from [N0013]. | Stephen Michell, Vulnerabilities Issues from TR15942 [pdf]. (Revised) |
| N0047 | 2006-10-17 | VOIDED | Post-Meeting Package, Meeting #2[zip] -- Instructions: Unzip the file into a folder on your machine; open the folder; double-click on "index"; a small local web site will come up in your web browser. |
| N0046 | 2006-09-28 | Meeting information, OWG:V Meeting #3, Washington DC, 11-13 December 2006 [html] | |
| N0045r | 2006-12-15 | Jim Moore, Meeting Report of SC22 Plenary, September 2006 [pdf] (Corrected version) | |
| N0044 | 2006-09-19 | Also see [N0043] | Vulnerability classifications used in QinetiQ report [N0043], submitted by Clive Pygott following Meeting #2 [pdf] |
| N0043 | 2006-09-19 |
Adam Schofield & Clive Pygott, "A Tabulation of the
unpredictable features of the C++ language," September 2006, QINETIQ/S&DU/TIM/CR060019, submitted by Clive Pygott following Meeting #2 [pdf]. Posted by permission [pdf]. |
|
| N0042r | 2006-12-14 | Corrected and Approved Minutes of 14-15 September 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #2), London, UK [html] (These minutes were approved with corrections at Meeting #3.) | |
| N0041 | 2007-04-04 | Paul Caseley, "Dependable software dependent systems?," presentation at Meeting #2 [pdf]. Permission to post [htm] | |
| N0040 | 2006-11-06 | Replaced by [N0061] | Working draft 61106 of intended PDTR 24772 [pdf], prepared by John Benito. |
| N0039 | 2006-09-15 | Also see [N0038] | Clive Pygott, "Summary of the Discussion at the HIRTS DARP C/C++ workshop 25/4/2006", personal submission to Meeting #2 [doc] |
| N0038 | 2006-09-15 | Also see [N0039] | Clive Pygott and Chris Tapp, "Objectives of Coding Standards & MISRA C++", personal submission to Meeting #2 [ppt] |
| N0037 | 2006-09-15 | Also see [N0033] | Derek Jones, "Culture and Education," personal submission to Meeting #2 [pdf] |
| N0036 | 2006-09-15 | Derek Jones, "Developer beliefs about binary operator precedence," personal submission to Meeting #2 [pdf] | |
| N0035 | 2006-08-28 | VOIDED | Pre-Meeting Package, Meeting #2 [zip] -- Instructions: Unzip the file into a folder on your machine; open the folder; double-click on "index"; a small local web site will come up in your web browser. |
| N0034 | 2006-08-28 | Replaces [N0012] | UK Contribution, Proposed Base Document for OWGV [html], revised |
| N0033 | 2006-08-28 | Also see [N0037] | Derek Jones, "Culture and Formal Education Issues: Discussion and Proposed Guidelines," personal submission [pdf] |
| N0032 | 2006-08-24 | Brian Wichmann, "What is Predictable Execution?", personal submission [pdf] | |
| N0031 | 2006-08-22 | Robert Seacord, Email dated 2006-08-22, outlining planned CERT approach to levels, first draft of response to Action Item 01-09 [txt, jpg] | |
| N0030 | 2006-08-08 | Jim Moore, "Proposal for Vulnerability Descriptions", Draft 1, prepared in response to Action Item 01-10 [html] | |
| N0029 | 2006-08-28 | Replaces [N0028] | Agenda for 14-15 September 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #2), London, UK [html] |
| N0028 | 2006-08-14 | Superseded by [N0029] | Preliminary Agenda for 14-15 September 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #2), London, UK [html] |
| N0027 | 2006-07-24 | VOIDED | Post-Meeting Package, Meeting #1[zip] -- Instructions: Unzip the file into a folder on your machine; open the folder; double-click on "index"; a small local web site will come up in your web browser. |
| N0026 | 2006-07-06 | Annual Business Plan and Convener’s Report, ISO/IEC JTC 1/SC22 OWG:Vulnerability [pdf]. (This document was published by SC22 as N4078.) | |
| N0025r | 2006-09-15 | Replaces [N0025] | Corrected and Approved Minutes of 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html] |
| N0025 | 2006-06-29 | Also see [N0016]. Replaced by [N0025r]. | Minutes of 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html] |
| N0024 | 2006-06-28 | Replaces [N0015] | James W. Moore, Terms of Reference: ISO/IEC Project 22.24772, “Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use” (Revision resulting from Meeting #1.) [pdf] |
| N0023 | 2006-06-26 | Also see [N0017] | Robert C. Seacord, CERT, "CERT Secure Coding Standards" (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf] |
| N0022 | 2006-06-26 | Also see [N0012] | Derek Jones, UK, "Base Document Proposal" (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf] |
| N0021 | 2006-06-26 | Also see [N0013] | Stephen Michell, Canada, "Ada's approach to Software Vulnerabilities" (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf] |
| N0020 | 2006-06-26 | Derek Jones, UK, Information regarding Meeting #2 of OWGV, 14-15 Sep 2006, London (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf] | |
| N0019 | 2006-06-23 | Robert A. Martin, The MITRE Corporation, "The Common Weakness Enumeration Initiative," (Presented at Meeting #1 of OWGV, 27 June 2006) [pdf] | |
| N0018 | 2006-06-27 | Joe Jarzombek, US Department of Homeland Security, "Considerations in Advancing the National Strategy to Secure Cyberspace," for presentation to Meeting #1 of OWGV, 27 June 2006 [pdf] | |
| N0017 | 2006-06-22 | Also see [N0023] | Robert Seacord, Carnegie-Mellon University CERT, "Secure Coding Standards" (permission to post) [pdf] |
| N0016 | 2006-06-22 | Replaces [N0008] | Revised Agenda for 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html] |
| N0015 | 2006-06-21 | Superseded by [N0024]. | James W. Moore, Terms of Reference: ISO/IEC Project 22.24772, “Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use” [pdf] |
| N0014 | 2006-06-21 | James W. Moore, Convener’s Remarks, Meeting #1 of ISO/IEC JTC 1/SC 22/OWG:V [pdf] | |
| N0013 | 2006-06-20 | Also see [N0021] | ISO/IEC TR 15942:2000, "Information technology -- Programming languages -- Guide for the use of the Ada programming language in high integrity systems" [web, pdf] |
| N0012 | 2006-06-14 | Also see [N0022]; Superseded by [N0034] | UK Contribution, Proposed Base Document for OWGV [html] |
| N0011 | 2006-05-15 | John Benito, OWG: Vulnerability -- A new type of Working Group used for a new SC22 Working Group, SC 22/WG 9 Meeting, Porto, Portugal [pdf] | |
| N0010 | 2006-04-17 | Meeting Announcement and Logistics for the 19-22 September 2006 JTC 1/SC 22 Plenary in London, England (cover [html], document [pdf]) | |
| N0009 | 2006-04-11 | Meeting information, OWG:V Meeting #1, Washington DC, 26-27 June 2006 [html] | |
| N0008 | 2006-04-13 | Superseded by [N0016] | Preliminary Agenda for 26-27 June 2006 Meeting of ISO/IEC JTC 1/SC 22/OWG:Vulnerability (OWG:V Meeting #1), Washington, DC [html] |
| N0007 | 2006-03-13 | Responds to [N0002] | Disposition of Comments for SC22 N3913, "New Work Item Proposal for Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use" [html]. (This document was published by SC22 as N4027.) |
| N0006 | 2006-03-01 | James W. Moore, A New Standards Project on "Avoiding Programming Language Vulnerabilities", SC 22/WG 14 Meeting, Berlin, Germany [pdf] | |
| N0005 | 2005-11-17 | James W. Moore, A New Standards Project on "Avoiding Programming Language Vulnerabilities", SIGAda Conference and SC 22/WG 9 Meeting, Atlanta, GA [pdf] | |
| N0004 | 2005-10-06 | James W. Moore, "Moving Forward," report to the SC22 High Integrity Study Group Mailer [pdf] | |
| N0003 | 2005-10-02 | Excerpts of SC 22 N 3989, "Resolutions Prepared at the Eighteenth Plenary Meeting of ISO/IEC JTC 1/SC 22, 30 September-2 October 2005, Mont Tremblant, Canada" [pdf] | |
| N0002 | 2005-10-05 | Responds to [N0001] | SC22 N3990, "Summary of Voting for SC 22 N 3913, New Work Item Proposal for Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use" (cover [htm], document [pdf]) |
| N0001 | 2005-06-28 |
SC22 N3913, "New Work Item Proposal for Guidance to Avoiding Vulnerabilities in Programming Languages through Language Selection and Use" (cover [htm], document [htm]) |
Work between meetings on evolving documents and informal document interchange at meetings is performed using a Wiki located at:
http://wiki.dinkumware.com/twiki/bin/view/OWGV/WebHome
login: owgv_view
password: Guidance
These credential suffice to view document on the Wiki. Those who are permitted to change documents will be given a different password as needed.
2008-06: Presentation made by Jim Moore to ISO/IEC JTC 1/SC 22/WG 9 with slide added to record discussion [N0140]
2008-04: Presentation made by John Benito to Military & Aerospace Electronics Forum [N0139]
2008-02: Presentation planned by John Benito, [N0119]
2007-09: Presentation to conference in Singapore, [N0101]
2007-06: Presentation to SSTC Conference, [N0082]
2006-06: Presentation to WG9, Ada language working group [N0011]
2006-03: Presentation to WG14, C language working group [N0006]
| Disclaimer | Most of the items contained in this web site and its associated files and directories are preliminary working material of ISO/IEC JTC 1/SC 22, subject to review and correction. |
The web site is maintained for the convenience of the participants in SC 22/OWG:Vulnerabilities by:
James W. Moore, The MITRE Corporation, 7515 Colshire Drive, McLean, VA 22102, +1.703.983.7396, moorej@mitre.org, James.W.Moore@ieee.org.