[C-safe-secure-studygroup] Next Steps for the group - Update to WG14

Laurence Urhegyi Laurence.Urhegyi at codethink.co.uk
Wed Sep 19 18:23:29 BST 2018 

We just had the meeting. We only had representation from folks with a 
safety-critical background, so couldn't make any progress looking through rules, 
sadly.

An update on current position of the group:

We currently have no chairperson, as Robert cannot commit to this for the rest 
of 2018 due to travel schedule. Others in the group cannot take on the role due 
to other constraints. This means we also don't have enough contribution from 
people with security-critical expertise: Aaron and Martin have been trying their 
best but cannot always attend on a regular basis.

We're due to present an update at the next WG14 meeting (w/c Mon Oct 15, 
Pittsburgh, USA). The ideal outcome would be encouraging some additional 
contributors to come forward, and maybe even a chairperson. At the very least, 
some group attendees can meet f2f and take stock of where we're at.

Below is a first pass of an outline for the update we intend to give. I'd like 
to request that people review the below and add to it as they see fit. Any 
contributions are appreciated. In the meantime we'll continue to hold these 
meetings and hope more people can be available.

WG14 Update
~~~~~~~~~~~

* We've been working through the MISRA-C rules to triage them to identify 
whether they'd fit into a Safety, Security or Safety and Security profile for a 
technical document, where the rules would be aimed at diagnosis by static 
analysis tools, as opposed to rules for programmers - along with an established 
deviation process - as MISRA targets.
* We're just over half way through the MISRA-C rules.
* After this is complete, the plan is move onto writing the new rules for the 
new technical document, addressing the three profiles mentioned above.
* Some attempt has been made to begin writing - or 're-framing' - the rules so 
that they would be suitable for static analysis tools, but not much progress has 
been made here.
* Overall progress is slower than hoped for.
* We currently have no chairperson and a lack of contributions from people with 
security-critical expertise, due to constraints on availability more than any 
other factor.

More information about the C-safe-secure-studygroup mailing list