Document ISO/IEC/JTC 1/SC 22/WG 23 N0501

Agenda: Meeting #31
ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities
27-28 January 2015

Meeting Times:

26 January 2015: 0900-1700 CST
27 January 2015: 0900-1700 CST

Meeting and Teleconference Information:


Topic: WG 23 meeting 31

Place: Boardwalk Hotel, Kemah, Texas, USA

Date: Monday, 27-28 February 2015

Time: 9:00-17:00, Central Standard Time (1500-2300 UTC)

Meeting Number: 954 288 262

Meeting Password: wg23



Meeting information


Topic: JT 1/SC 22/WG 23 Meeting 31

Date: Every 1 day, from Monday, January 26, 2015 to Tuesday, January 27, 2015

Time: 10:00 am, Eastern Standard Time (New York, GMT-05:00)

Meeting Number: 959 054 189

Meeting Password: wg23



To start or join the online meeting


Go to



Audio conference information


To receive a call back, provide your phone number when you join the meeting, or call the number below and enter the access code.

Call-in toll-free number (UK): 0800-051-3810

Call-in toll number (UK): +44-203-478-5289

Global call-in numbers:

Toll-free dialing restrictions:


Access code:959 054 189



For assistance


1. Go to

2. On the left navigation bar, click "Support".

To add this meeting to your calendar program (for example Microsoft Outlook), click this link:


To check whether you have the appropriate players installed for UCF (Universal Communications Format) rich media files, go to




IMPORTANT NOTICE: This WebEx service includes a feature that allows audio and any documents and other materials exchanged or viewed during the session to be recorded. You should inform all meeting attendees prior to recording if you intend to record the meeting. Please note that any such recordings may be subject to discovery in the event of litigation.


You can contact me at:


Local Contacts:


1. Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

1.3 Procedures for this Meeting

1.4 Approval of previous Minutes

1.5 Review of actions items and resolutions, Action Item and Decision Logs

1.6 Approval of Agenda [N 0459]

1.7 Future Meeting Schedule





15 April


London with C in


TBD Jan-Mar

Monthly teleconference





Oct 27-29 (approx.)

Sep 16-18

June 26-27

New Delhi, India with SC 27


Madrid with Ada Europe


May 25

Teleconference UTC 2000


April 27

Teleconference UTC 2000


March 30

Teleconference UTC 2100


February 23



2. Liaison Activities (as needed)

2.1 SC 22

2.2 PL22.3/WG5 (Fortran)

2.3 WG4 (COBOL)

2.4 WG9 (Ada)

2.5 PL22.11/WG14 (C)

2.6 PL22.16/WG21 (C++)

2.7 Ecma International, TC49/TG2 (C#)

2.8 Ecma International, TC39 (ECMAScript)

2.9 MISRA (C)

2.10 MISRA (C++)

2.11 SPARK

2.12 SC7/WG19 (UML)

2.13 SC27/WG3, WG4 Security

2.14 Other Liaison Activities or National body reports

3. Document Review

1.     DIS 17960 Code Signing

2.     TR 24772 Vulnerabilities

o   Work Plan, Multipart document

o   Differences between Draft V3 and Ada Annex (Erhard)

o   Review of N0485 rework spreadsheet, where we need to confirm or change the recommendations in N485, assign responsibility and decide how to adjust the TR to match the decisions confirmed.

3.     Development of Business Plan

We presently do not have an active project that justifies keeping the WG alive. The business plan sets out the projects underway and what the WG needs from the SC to help it set up the correct projects and organize the work. In the case of WG 23, we have the following needs:

§  We need a project creation at plenary to maintain the TR.

§  We need a project split to create

§  TR24772-2 (main)

§  TR 24772-1 (definitions, vocabulary and general concepts) (just a suggestion for discussion)

§  TR 24772-3 Ada-specific vulnerability analysis

§  TR 24772-4 C-specific vulnerability analysis

§  etc.

§  We need an editor assigned for each part.

4. Other Business

4.1 Assignment of responsibilities

Editor / Editing Group

5. Resolutions

6. Adjournment