[C-safe-secure-studygroup] minutes

Robert Seacord rcseacord at gmail.com
Fri Nov 3 17:33:39 GMT 2017

New Action Items:  Laurence- Add Michael Wong to the study group and wiki

Michael Wong:

financial - safety critical
control systems

nuclear has it's own regulatory

Robert Wong:
Stuff like block chaining

It's it costly to replace.

IEC 16508 Risk identification and classification scheme
bottom two levels are safety-related
top two levels are going to kill-

ASIL levels

What does MISRA address.  Mostly safety-related.

A coding standard.

Don't need a separate profile.
Would want to include undefined behaviors.

One process safety-critical and safety-related systems.

Clive and Aaron gave a brief overview of the study group.

WG14 moving to a final draft of C17.  Planning on publishing next year.


Big change is that we've been using defect wrong.  Not going to have many
defects. We're changing the terminology over to issues and clarification

Not likely to publish any more TCs against.

We can now handle changes in the new mechanism.

Keaton has take over the SC22 chair.

Notes from the WebEx chat:

from Robert Seacord to Everyone:
Hi everybody!  Starting soon...
from Robert Seacord to Everyone:
from Aaron Ballman to Everyone:
extern struct foo *f(size_t *size);
size_t size = 0;
struct foo *fp = f(&size);
char *cp = (char *)fp;
char *buffer = (char *)malloc(size);
if (buffer) {
  for (size_t i = 0; i < size; ++i) {
    buffer[i] = cp[i];
from Aaron Ballman to Everyone:
struct foo *fp2 = (struct foo *)buffer;
from Aaron Ballman to Everyone:
6.2.7 covers compatible types
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.trustable.io/pipermail/c-safe-secure-studygroup/attachments/20171103/feaa78ad/attachment.html>

More information about the C-safe-secure-studygroup mailing list