Document ISO/IEC/JTC 1/SC 22/WG 23 N1003

Draft Minutes Meeting #71
ISO/IEC JTC 1/SC 22/WG2

9 November 2020 1700-1900 UTC


Meeting Location : Zoom



Hi,



Stephen Michell is inviting you to a scheduled Zoom meeting.



Topic: ISO/IEC/JTC 1/SC 22/WG 23 Meeting 71

Time: Nov 9, 2020 05:00 PM Universal Time UTC



Join from PC, Mac, Linux, iOS or Android: https://iso.zoom.us/j/92369373206?pwd=YUdST3EveDZ1cHZOaDI0YmtJaGJOUT09

Password: wg23

Or iPhone one-tap :

US: +13126266799,,92369373206# or +13462487799,,92369373206#

Or Telephone:

Dial(for higher quality, dial a number based on your current location):

US: +1 312 626 6799 or +1 346 248 7799 or +1 408 638 0968 or +1 646 876 9923 or +1 669 900 6833 or +1 253 215 8782 or +1 301 715 8592 or 877 853 5247 (Toll Free)

Meeting ID: 923 6937 3206

Password: 486803

International numbers available: https://iso.zoom.us/u/aiFAMIZe9



Or Skype for Business (Lync):

https://iso.zoom.us/skype/92369373206



Agenda

71.1 Opening activities

71.1.1 Opening Comments

71.1.2 Introduction of Participants/Roll Call



71.1.3 Procedures for this Meeting

71.1.4 Approval of previous Minutes of meeting

71.1.5 Review of actions items and resolutions, Action Item and Decision Logs (N/A)

71.1.6 Approval of Agenda

71.1.7 Future Meeting Schedule


2021

#76

TBD Nov 2021

TBE


#75

TBD Sep 2021

With SC 22


#74

TBD Jun 2021

With WG 4 Fortran Committee


#73

19 April 2021

Electronic

1600-1800 UTC

#72

15 Feb 2021

Electronic

1700-1900 UTC












2020

#71

9 Nov 2020

Electronic

1700-1900 UTC






























71.2 Liaison Activities (for in-person meetings only)

71.2.1 PL22.3/WG5 (Fortran)

71.2.2 WG4 (COBOL)

71.2.3 WG9 (Ada) Erhard Ploedereder

71.2.4 PL22.11/WG14 C Clive Pygott

71.2.5 PL22.16/WG21 (C++) Michael Wong
71.2.6 MISRA C Clive Pygott
Next version close to publication. Expect it to address ISO/IEC 9899:2011.

71.2.7 MISRA (C++) Clive Pygott

71.2.8 SPARK Erhard Ploedereder

71.2.9 Other Liaison Activities or National body reports

71.3. Report from SC 22 (Convenor)



This is the only significant issue for this meeting.

The SC 22 committee manager has reported that ISO rejected the free availability of TR 24772-1:2019, TR 24772-2:2020 and 24772-3:2020 because they are technical reports and not technical standards. This leaves us no choice but to reissue the documents as international standards.

SC 32 has been through this process and has had no difficulty gaining free availability for documents that were freely available TR's, and reissued as IS's.

Erhard proposes that we do not attempt to make parts 1, 2 and 3 all international standards at the same time, but to rather quickly do part 1, and if successful and accepted by ISO as freely available, then to make the other documents into IS's.

The process for making TR 24772-1 n(and the others) into IS's is to attach the upgraded document to a new work item proposal (NWIP) with a simultaneous CD ballot. Once those complete it is followed by a DIS ballot and publication (if no negative comments – otherwise an FDIS is also needed).

The major difference between a TR and an IS is that an IS has normative text and that organizations can claim conformance to it. With all of the guidance that these TR's provide, we surely cannot dictate that every organization implement every recommendation. Therefore, I propose that we add a sub-sub-clause in clause 5 that tells organizations how to claim conformance. The instructions will demand an evaluation of the space that the product or system is intended to fill, determine risks and attack surfaces, and develop a plan to mitigate the risks and minimize the attack surfaces.

In order to mitigate risks and minimize attack surfaces, the organization studies the guidance provided in the relevant 24772 document(s) and decides what guidance must be implemented in the project, and then develops design guides programming guides to meet their requirements.

Then we leave the rest of the document alone, except to reference relevant process documents, such as IEC 61508 series (functional safety standards), the ISO/IEC 27000 series of safety standards, and relevant software engineering standards (possibly ISO/IEC 12207).



70. 4 Document Review

Review of following document activities

Draft IS 24772-1 and draft ISO form 4 (NWIP).

70.6 Review of Assignment of responsibilities

70.7 Resolutions and Action Items


70.8. Adjournment