[C-safe-secure-studygroup] Meeting Minutes - 21 February 2018
Laurence Urhegyi
laurence.urhegyi at codethink.co.uk
Wed Feb 21 18:45:47 GMT 2018
Hi,
Meeting notes from today (not the 7 feb like i wrongly said in the
subject of the agenda mail).
ACTION: Robert, please add a write up for the two CERT C rules which are
similar to MISRA rule 11.8 - that is exp 40-C and exp 32-C.
For the meet up in Prague: Thursday afternoon if WG14 finishes early, or
meet on Friday, or maybe in a pub one night.
On the topic of our audience and the deviation process (Others please
feel free to add to these notes too):
The outputted document for this study group is for analysers, not for
system developers. So: 'hey, analyser vendor, can your tool diagnose the
following rule?' This is black/white: the tool will either conform or
not. It's up to different organisations to mandate a deviation process.
But we keep seeing MISRA rules which are useful, but we are finding edge
cases and we need a deviation process for these. Can we get analyser
vendors to admit that there needs to be a process for deviations, which
*will* come up at some point? Analyser vendors can have the black/white
position, but what about analyser users? it should be them who have the
deviation? Deviation process for end users?
See the intro to the Any specific changes to the intro - modify the wiki
and post to the list.
Rule 11.8
https://gitlab.com/trustable/C_Safety_and_Security_Rules_Study_Group/wikis/misrarule11.8
Safety profile? Yes
Security profile? Non consensus
Lastly, please check the below list of assigned rules and add an entry
to the wiki page prior to the next meeting.
11.6 - Roberto
11.7 - Gavin
12.4 - Roberto
13.1 - Clive
13.2 - Fulvio
13.3 - Gavin
13.4 - Robert
13.5 - Martin
13.6 - Aaron
14.1 - Roberto
14.2 - Clive
14.3 - Fulvio
14.4 - Robert
15.1 - Aaron
15.2 - Martin
15.3 - Roberto
15.4 - Gavin
15.5 - Robert
15.6 - Fulvio
15.7 - Clive
16.1 - Martin
16.2 - Aaron
More information about the C-safe-secure-studygroup
mailing list