[C-safe-secure-studygroup] Next Steps for the group - Update to WG14

Aaron Ballman aaron at aaronballman.com
Fri Sep 21 23:09:24 BST 2018 

On Fri, Sep 21, 2018 at 4:05 PM, Robert Seacord <rcseacord at gmail.com> wrote:
> I'm still sort of here, although my travel schedule has made it impossible
> to attend the meetings.
>
> I will be attending the C Standards meeting in Pittsburgh, since it's just
> down the road from me.
>
> We could have a face to face on Friday and maybe make some significant
> progress.  I would imagine that we can secure some rooms since CMU is a big
> campus.
>
> Anyone available on this day for an f2f?

I'll be at the WG14 meetings as well, though I fly back on Friday. I'd
also be fine with an evening session, if people wanted to extend their
day.

~Aaron

>
> On Wed, Sep 19, 2018, 1:23 PM Laurence Urhegyi
> <Laurence.Urhegyi at codethink.co.uk> wrote:
>>
>> We just had the meeting. We only had representation from folks with a
>> safety-critical background, so couldn't make any progress looking through
>> rules,
>> sadly.
>>
>> An update on current position of the group:
>>
>> We currently have no chairperson, as Robert cannot commit to this for the
>> rest
>> of 2018 due to travel schedule. Others in the group cannot take on the
>> role due
>> to other constraints. This means we also don't have enough contribution
>> from
>> people with security-critical expertise: Aaron and Martin have been trying
>> their
>> best but cannot always attend on a regular basis.
>>
>> We're due to present an update at the next WG14 meeting (w/c Mon Oct 15,
>> Pittsburgh, USA). The ideal outcome would be encouraging some additional
>> contributors to come forward, and maybe even a chairperson. At the very
>> least,
>> some group attendees can meet f2f and take stock of where we're at.
>>
>> Below is a first pass of an outline for the update we intend to give. I'd
>> like
>> to request that people review the below and add to it as they see fit. Any
>> contributions are appreciated. In the meantime we'll continue to hold
>> these
>> meetings and hope more people can be available.
>>
>> WG14 Update
>> ~~~~~~~~~~~
>>
>> * We've been working through the MISRA-C rules to triage them to identify
>> whether they'd fit into a Safety, Security or Safety and Security profile
>> for a
>> technical document, where the rules would be aimed at diagnosis by static
>> analysis tools, as opposed to rules for programmers - along with an
>> established
>> deviation process - as MISRA targets.
>> * We're just over half way through the MISRA-C rules.
>> * After this is complete, the plan is move onto writing the new rules for
>> the
>> new technical document, addressing the three profiles mentioned above.
>> * Some attempt has been made to begin writing - or 're-framing' - the
>> rules so
>> that they would be suitable for static analysis tools, but not much
>> progress has
>> been made here.
>> * Overall progress is slower than hoped for.
>> * We currently have no chairperson and a lack of contributions from people
>> with
>> security-critical expertise, due to constraints on availability more than
>> any
>> other factor.
>>
>>
>> _______________________________________________
>> C-safe-secure-studygroup mailing list
>> C-safe-secure-studygroup at lists.trustable.io
>>
>> https://lists.trustable.io/cgi-bin/mailman/listinfo/c-safe-secure-studygroup
>
>
> _______________________________________________
> C-safe-secure-studygroup mailing list
> C-safe-secure-studygroup at lists.trustable.io
> https://lists.trustable.io/cgi-bin/mailman/listinfo/c-safe-secure-studygroup
>

More information about the C-safe-secure-studygroup mailing list