[langsec-discuss] NASA's 10 Coding Commandments
munin at mimisbrunnr.net
Sun Jul 26 16:55:55 UTC 2015
MISRA-C is the longer version of this: http://www.misra-c.com/ <http://www.misra-c.com/>
If you can buy or find a copy, it goes into a lot of detail on how to make a C codebase conform. The MISRA standard seems to be about both minimizing surprise due to technical difficulties, like compiler and linker bugs / specification mis-matches, and also due to the sociological / organizational process of writing software.
It would be interesting to see how rules like this correlate with empirical data about bugs in software, but gathering that data is hard. We’re trying, though…
> On Jul 25, 2015, at 11:23 PM, travis+ml-langsec at subspacefield.org wrote:
> http://www.subspacefield.org/~travis/ | if spammer then john at subspacefield.org
> "Computer crime, the glamor crime of the 1970s, will become in the
> 1980s one of the greatest sources of preventable business loss."
> John M. Carroll, "Computer Security", first edition cover flap, 1977
> langsec-discuss mailing list
> langsec-discuss at mail.langsec.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the langsec-discuss