[trustable-software] From security to safety, or the other way around?
Robert Seacord
Robert.Seacord at nccgroup.trust
Tue Sep 27 14:39:27 UTC 2016
Paul,
I think your suggestion is the ideal solution to this problem and that these standards need to be developed and support by the community. I could certainly make the contents of the CERT C Coding Standard available in this fashion.
Thanks,
rCs
-----Original Message-----
From: Paul Sherwood [mailto:paul.sherwood at codethink.co.uk]
Sent: Tuesday, September 27, 2016 7:55 AM
To: andrew at andrewbanks.com; Robert Seacord <Robert.Seacord at nccgroup.trust>
Cc: Discussion about trustable software engineering <trustable-software at lists.veristac.io>
Subject: Re: [trustable-software] From security to safety, or the other way around?
Hi chaps,
it's great to see that established communities like CERT and MISRA are recognising the need to bring safety + security together. Unfortunately I'm not qualified to comment on the details of which direction to push, as i said.
But recognising that creating more and more standards is probably wrong [1], can I ask you both directly:
Would there be any chance to establish an open source model for MISRA and/or CERT, with a view to establish a shared understanding of best-practice together?
My dream scenario would be if we could somehow get to
- a publicly accessible git repository (e.g. on Github, GitLab or
similar)
- containing markdown text
- of one or the other standard (or maybe both)
- licensed in a permissive way
- supporting contributors
- with public discussion and community-led process to drive towards even more widely applicable norms/standards.
br
Paul
[1] https://xkcd.com/927/
More information about the trustable-software
mailing list