Document ISO/IEC/JTC 1/SC 22/WG 23 N0674

Minutes of Meeting #46
ISO/IEC JTC 1/SC 22/WG 23: Programming Language Vulnerabilities
15-16 September 2016


Meeting Location:

Austrian Standards Institute - ASI
Heinestraße 38 A-1020
Vienna Austria


Meeting Times:

15-16 June 2016: 0900-1700 Central European daylight time (0700-1500 UTC)

Agenda

1 Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

Stephen Michell
Erhard Ploedereder
Haibo Li
Chen Hai
Clive Pygott
Keld Simonsen
Ulrich Neumerkel
David Keaton
Yong Woo Lee
Joyce Tokar (webex)
Larry Wagoner (WebEx)
Tullio Vardanega


1.3 Procedures for this Meeting

1.4 Approval of previous Minutes (meeting 45, document N663)

1.5 Review of actions items and resolutions, Action Item and Decision Logs

1.6 Approval of Agenda [N 0667]

1.7 Future Meeting Schedule


2017

pre-mtg-51 | 20/11/17 | Teleconference (UTC 2000, 2 hr)

post-mtg-50 | 16/10/17 | Teleconference (UTC 2000, 2 hr)

#50 | 17-18 August 2017 | BSI London (with SC 22 Plenary)

#49 | 12-13 June 2017 | Vienna, Austria with Ada Europe (2 day)

post-mtg-48 | 15/05/17 | Teleconference (UTC 2000, 2 hr)

#48 | 6-7 April 2017 | IBM Markham, Canada (2 day)

pre-mtg-48 | 06/03/17 | Teleconference (UTC 2100, 2 hr)

#47 | 23-24 January 2017 | Orlando, Florida | Close off Part 1 clause 6 and Parts 2 and 3

2016

pre-mtg-47 | 21/11/16 | Teleconference (UTC 2000, 2 hr) | Close examination of Part 3 and Part 1

post-mtg-46 | 11/10/16 | Teleconference (UTC 2000, 2 hr) | Close examination of Part 2 and Part 1

2. Liaison Activities

2.1 SC 22
Examined the convenor's report. No issues. SC 22 took the technical corrigendum issue of WG 14 and WG 17 and will take it to JTC 1 for consideration and discussion with ITTF.

2.2 PL 22 (Open)

2.3 PL22.3/WG5 (Fortran)

No report.

2.4 WG4 (COBOL)

No report.

2.5 WG9 (Ada)

See xxx regarding WG 9's work on Part 2. Making good progress. The first ballot passed with one no-vote and significant comments. Comments were addressed at this meeting with the Part 2 editor and will be voted on by WG 9 in October.

2.6 PL22.11/WG14 C

Technical Corrigendum for C coding rules was approved and published on Aug 15th.

2.7 PL22.16/WG21 (C++)

No report

2.8 Ecma International, TC49/TG2 (C#) (Stephen Michell)

Convenor and SC 22 chair will work with TC 39 to attempt to get assistance in developing a Part for EcmaScript.

2.9 Ecma International, TC39 (ECMAScript) (Stephen Michell)

Convenor and SC 22 chair will work with TC 39 to attempt to get assistance in developing a Part for EcmaScript.

2.10 MISRA C (Clive Pygott)

No major decisions or issues of note. Producing a TC or addendum that addresses the ISO IEC 17961 C Coding rules.

2.11 MISRA (C++) (Clive Pygott)

Expect a draft update to version 2 by the end of 2017.

2.12 SPARK

Stephen to get together with Florian to get Spark Annex revised.

2.13 SC7/WG19 (UML)

No Report

2.14 SC27/WG3, WG4 Security (Stephen Michell)

No Report

2.15 IEC 65A (Safety) (Stephen Michell)

Contact has been made. Stephen has been added as a technical expert to the committee.

2.16 Other Liaison Activities or National body reports

3. Document Review

3.1 TR 24772-1 Vulnerabilities, language independent

Document N673.

Discussion of fault tolerance (6.37). The current writeup is too much of a tutorial on fault handling and recovery, and not enough analysis on what vulnerabilities arise due to a lack of fault tolerance, or because of fault tolerance (such as a denial of service). Erhard Ploedereder already has an AI for clause 6.37, so no further action is needed here.


We discussed the additional iteration required to synchronize the language-specific parts with Part 1. Part 1 has now added some new vulnerabilities in clause 6 for OO features, and 3 vulnerabilities in clause 7 for time-related and clock-related vulnerabilities. Parts 2-8 will require updating to match the clause 6 vulnerabilities, but we shall do this once they have completed this round of revisions.


We agree that we will freeze TR 24772-1 clauses 1 through 6 by meeting 47, so that the other Parts can complete the work and we can ballot in early 2018.

3.2 TR 24772-2 Ada language specific part

Worked with Joyce Tokar, the Part 2 editor, to resolve comments on the WG 9 iteration of a revised Part 2. No document is posted here as it is still in the hands of WG 9. WG 9 will review the proposed changes at the October meeting and is expected to return the document to WG 23 for consideration.



Post edits here once received from the editor.

3.3 TR 24772-3 C language specific part

Document N0673. We reviewed the document. Changes proposed are included in N0676.

Action 46-01 | David Keaton | For TR 24772-3, Propose wording for concurrency vulnerabilities in 6.60 through 6.64. | Open | 2016-09-16

Action 46-02 | Clive Pygott | For TR 24772-3, Produce the initial draft of vulnerability 6.65 (Format Strings). |  | 2016-09-16

Action 46-03 | Clive Pygott | For TR 24772-3, Revise section 3 of TR 24772-3 following the layout of Part 1 in N0676, move extraneous material to section 4 as appropriate. | Open | 2016-09-16

Action 46-04 | Clive Pygott | Search Part 3 (N0674) for usage of terms contained in clause 3, and remove terms in clause 3 that are not used (or move to clause 4) | Open | 2016-09-16

Action 46-05 | Clive Pygott | Add the statement in N0674 (Part 3) clause 6.X.2 “In addition to the guidance of TR 24772-1 clause 6.X.5”, unless the guidance of Part 1 truly does not also apply. | Open | 2016-09-16

3.4 TR 24772-4 Python language specific part

Document N0592.

3.5 TR 24772-8 Fortran

Document [N0560] needs review.

3.6 TR 24772-X C++

Consider document [N0582]


3.7 Bibliography for each TR24772 Part

We have an existing AI, but applies only to Part 3. Need



Action 46-06 | Joyce Tokar | Review new clause 5 and bibliography of Part 1 and rationalize any remaining changes in TR 24772-2. (bibliography came from TR 24772:2012 and was for all languages) | Open | 2016-09-16

Action 46-07 | Santiago Uruena Pascual | Review new clause 5 and bibliography of Part 1 and rationalize any remaining changes in TR 24772-4. (bibliography came from TR 24772:2012 and was for all languages) | Open | 2016-09-16

Action 46-08 | Dan Nagel | Review new clause 5 and bibliography of Part 1 and rationalize any remaining changes in TR 24772-8. (bibliography came from TR 24772:2012 and was for all languages) | Open | 2016-09-16



3.8 Dirty Dozen Rules for C, generic, and other languages

Strategy on how to use and incorporate such rules.

4 Strategy (Face to face meetings only)

We are going to attempt to post almost-concurrent DTR ballots of TR 24772-1, -2 and -3 by the end of 2017. The intention is to stabilize part 1 by April 2017.

The next annexes that we want to do: Spark, PHP and Ruby.

WG 23 should consider planning meetings to optimize interactions with John, Joyce and Florian to initiate the creation of the Spark Part.

Action 46-09 | Erhard Ploedereder | Contact John Barnes, Florian Schanda and Joyce Tokar about helping to put together the Spark Part. | Open | 2016-09-16

Action 46-10 | Stephen Michell | Contact The Japan HoD to initiate work on the Ruby Part. | Open | 2016-09-16

Action 46-11 | Larry Wagoner | Explore possibilities to revise the PHP Annex (i.e. create the PHP Part). | Open | 2016-09-16

5 Publicity (Face to face meetings only)

Those attending conferences should present if possible (Steve’s presentations on vulnerabilities are posted as N0577 as a starting point).

6 Other Business

6.1 Review of Assignment of responsibilities


7. Resolutions and Action Items


Action 46-01 | David Keaton | For TR 24772-3, Propose wording for concurrency vulnerabilities in 6.60 through 6.64. | Open | 2016-09-16

Action 46-02 | Clive Pygott | For TR 24772-3, Produce the initial draft of vulnerability 6.65 (Format Strings). |  | 2016-09-16

Action 46-03 | Clive Pygott | For TR 24772-3, Revise section 3 of TR 24772-3 following the layout of Part 1 in N0676, move extraneous material to section 4 as appropriate. | Open | 2016-09-16

Action 46-04 | Clive Pygott | Search Part 3 (N0674) for usage of terms contained in clause 3, and remove terms in clause 3 that are not used (or move to clause 4) | Open | 2016-09-16

Action 46-05 | Clive Pygott | Add the statement in N0674 (Part 3) clause 6.X.2 “In addition to the guidance of TR 24772-1 clause 6.X.5”, unless the guidance of Part 1 truly does not also apply. | Open | 2016-09-16

Action 46-06 | Joyce Tokar | Review new clause 5 and bibliography of Part 1 and rationalize any remaining changes in TR 24772-2. (bibliography came from TR 24772:2012 and was for all languages) | Open | 2016-09-16

Action 46-07 | Santiago Uruena Pascual | Review new clause 5 and bibliography of Part 1 and rationalize any remaining changes in TR 24772-4. (bibliography came from TR 24772:2012 and was for all languages) | Open | 2016-09-16

Action 46-08 | Dan Nagel | Review new clause 5 and bibliography of Part 1 and rationalize any remaining changes in TR 24772-8. (bibliography came from TR 24772:2012 and was for all languages) | Open | 2016-09-16

Action 46-09 | Erhard Ploedereder | Contact John Barnes, Florian Schanda and Joyce Tokar about helping to put together the Spark Part. | Open | 2016-09-16

Action 46-10 | Stephen Michell | Contact The Japan HoD to initiate work on the Ruby Part. | Open | 2016-09-16

Action 46-11 | Larry Wagoner | Explore possibilities to revise the PHP Annex (i.e. create the PHP Part). | Open | 2016-09-16



8. Adjournment

Adjourned at 1630, 16 September 2016.