IBM Canada, 8200 Warden Ave, Markham Ontario
Meeting Times:
6-7 April 2017: 0900-1700 Eastern Standard Time (1400-2200 UTC)
Stephen Michell
Erhard Ploedereder
Larry Wagoner
Tullio Vardenega (Thursday)
Joyce Tokar (Thursday)
Michael Wong (Thursday)
Aaron Ballman (Friday)
Clive Pygott (WebEx)
David Keaton (Friday)
Tom Scogland (Friday)
Paul Preney
Hubert Tong
approved
|
|
||||
|
2018 |
||||
|
|
|
|
|
|
|
Pre-mtg 56 |
01/11/18 |
|
|
|
|
#55 |
12-14/09/18 |
Toronto, Ontario, Canada |
|
|
|
#54 |
15-16/06/18 |
With WG 9 and Ada Europe |
|
|
|
Pre-mtg-54 |
|
Teleconference |
|
|
|
#53 |
TBD April 2018 |
Brno, Chez Republic |
|
|
|
Pre-mtg 53 |
TBD March 2018 |
Teleconference |
||
|
#52 |
22-23 January 2018 |
Phoenix, AZ, CSA Group office |
||
|
|
||||
|
2017 |
||||
|
pre-mtg-52 |
20/11/17 |
Teleconference (UTC 2000, 2 hr) |
|
|
|
#51 |
6-10 Nov 2017 (possible) |
Sandia, NM if WG 21 SG materializes |
|
|
|
post-mtg-50 |
16/10/17 |
Teleconference (UTC 2000, 2 hr) |
|
|
|
#50 |
17-18 August 2017 |
BSI London (with SC 22 Plenary) |
|
|
|
#49 |
19-20 June 2017 |
Vienna, Austria with Ada Europe(2 day) |
|
|
|
post-mtg-48 |
15/05/17 |
Teleconference (UTC 2000, 2 hr) |
|
|
|
|
|
|
|
|
|
|
|
|
||
|
|
|
|
||
Action items 48-01 through 05 are in N0700 Minutes of pre-meeting 48 WebEx
Latest version of TR24772-1
AI 48-06 – Erhard, Clive - We discuss issues about some C/C++ issues such as const and static. If there is a vulnerability here that is not covered, propose one with a partial writeup. Clive and Erhard.
AI 48-07 – Steve – Clause 6.5, enumeration – write up scoping issue and type promotion/implicit conversions of enumerated types.
AI 48-08 – Steve - Change 6.63 Protocol Lock Errors to Lock protocol errors
Latest version of TR 24772-2 Ada
Latest version of TR 24772-3 C
We note that the concept of explicit casts is missing. A proposal is needed. We may need a ‘const’ vulnerability.
AI 48-09 – Clive: Propose text for clause 4 Language concepts in TR 24772-3 C specific language vulnerabilities, to be reviewed by WG 14 afterward.
Document N0592.
Document [N0560] needs review.
Discussions of document N0691 or later version.
Discussion of reaching out to WG 21. There is a WG 21 SG on undefined behaviour. Idea to create a SG for vulnerabilities (safety and security), connected with the core guidelines. Present to WG 21 in Toronto, July and how WG 21 can participate. Maybe a study group to look at how WG 21 can contribute to TR 24772-10, and to recommend language approaches and features to reduce the vulnerability posture.
AI 48-10 – Stephen Michell - Paper needed by June 19. Form a group to prepare – Stephen, Michael, Paul, Hubert, Erhard (comment), Tullio (comment)
Standards to be aware of
ISO 26262
IEC 61508
People to include, if possible,
Aaron Ballman (aaron@aaronballman.com), David Svoboda, Patrice Roy, Gabriel Dos Reis, David Sankel, Michael Wong
Review how the rules are incorporated into Part 1 and Part 3. Consider the generic rules for other Parts.
Action items 48-01 through 05 are in N0700 Minutes of pre-meeting 48 WebEx
AI 48-06 – Clive Pygott and Erhard Ploedereder – propose a writeup for vulnerabilities associated with static casts, const casts and reinterpretation casts
AI 48-07 – Stephen Michell – Clause 6.5, enumeration – write up scoping issue and type promotion/implicit conversions of enumerated types.
AI 48-08 – Stephen Michell - Change 6.63 Protocol Lock Errors to Lock protocol errors
AI 48-09 – Clive Pygott - Propose text for clause 4 Language concepts in TR 24772-3 C specific language vulnerabilities, to be reviewed by WG 14 afterward.
AI 48-10 – Stephen Michell - Paper for addressing C++ vulnerabilities needed by June 19. Form a group to prepare – Stephen, Michael, Paul, Hubert, Erhard (comment), Tullio (comment)