[C-safe-secure-studygroup] Situational Awareness: C-safe-secure-studygroup Discussion in Brno

Andrew Banks andrew at andrewbanks.com
Thu May 3 09:46:02 BST 2018


Hi Robert and gang

Thanks for the update.

A couple of comments on the below:

> We haven't had any discussion with MISRA in a long time, and the question
> remains what sort of relationship do they hope to have with us.

Please let me respectfully remind you that, of the regular participants of
the calls and posters to this list, Clive, Fulvio and Roberto (plus me and
Gavin) are all MISRA WG members - and that points raised on here are
frequently discussed within MISRA C, and fed back!

> It feels to me like they are stalling

I'm not sure what more you want from us?

> The other question raised by Martin was about schedule and how long all
> this was going to take.

The third clarification is: what is the expected output from the CS&SSG?
It is still ambiguous :-)

Given that the CS&SSG has focussed almost entirely on MISRA C guidelines so
far, and in general accepted most of our guidelines (with some exceptions),
the output so far could, quite reasonably, be summarised by one or more
"Guideline Reclassification Plans" (see MISRA Compliance:2016 section 5)
and/or a set of Deviation Permits - rather than the necessity of creating a
separate/divergent set of MISRA-originated Rules?

That said, the MISRA C WG will review the CS&SSG Wiki comments and feedback
to this (CS&SS) group.

Regards

Andrew

 

 

From: Robert Seacord <rcseacord at gmail.com>
Subject: [C-safe-secure-studygroup] Discussion in Brno
Date: 3 May 2018 at 12:44:47 am AEST
To: C Safety and Security Study Group Discussion
<C-safe-secure-studygroup at lists.trustable.io>
Reply-To: C Safety and Security Study Group Discussion
<c-safe-secure-studygroup at lists.trustable.io>

We ended up meeting informally over lunch in Brno during the C Standards
meeting.  A lot of people followed us thinking that we were just going to
lunch, and unfortunately, I'm not sure everyone who intended to attend the
discussion sat at the side of the table where the discussion was taking
place.  Definitely present were:

Robert Seacord
Martin Sebor
Clive Pygott
Aaron Ballman

Sort of off in the distance were:

David Keaton
Stephen Mitchell (WG23)

Seated near Martin was a PhD student who eventually realized he picked the
wrong seat.

Unlike Comey, no one took extemporaneous notes, so here is what I recall of
the discussion.  Feel free to add or subtract if you were present.

We discussed the relationship with MISRA again.  Clive is on the C++ MISRA
group, so was as close a representative as we had.  We haven't had any
discussion with MISRA in a long time, and the question remains what sort of
relationship do they hope to have with us.  It feels to me like they are
stalling, but perhaps they are just moving imperceptibly slowly.  The answer
to this question influences how close we might want to stick to MISRA or how
much freedom we feel we have to diverge.  Aaron made the point that analyzer
vendors might prefer if we stick close so that they don't have to build yet
another set of checkers.  We agreed to raise this topic again with the
broader group.

The other question raised by Martin was about schedule and how long all this
was going to take.  Up until now, we have mostly been going through a
process of learning what is in the MISRA standard, and the MISRA folks have
most likely been learning how the security folks' views may be different from
what they are used to.  One suggestion that came up was that perhaps we take
some time off from this MISRA review and attempt to write some actual rules.
The purpose of this exercise is to see how difficult this will be and how
long it might take.  The initial plan was to have each regularly attending
study group member take one rule that we have already reviewed and fully
develop it.  We can discuss this at the next study group meeting as well.

That's about all I can recall for now, although we probably argued about
floating point counters a bit more.

Thanks,

rCs

 

 
