For OWGV Meeting #1, 2006 June, Washington, DC, USA 1D2-060622 Conveners Remarks, Meeting #1 of ISO/IEC JTC 1/SC 22/OWG:V Jim Moore Convener, ISO/IEC JTC.


1 For OWGV Meeting #1, 2006 June, Washington, DC, USA 1D2-060622 Conveners Remarks, Meeting #1 of ISO/IEC JTC 1/SC 22/OWG:V Jim Moore Convener, ISO/IEC JTC 1/SC 22/OWG Vulnerability James.W.Moore@ieee.org

2 Cyber Security is a Growing Problem
-- From Joe Jarzombek, PMP, Director for Software Assurance, NCSD, DHS

3 Threat
-- From Joe Jarzombek, PMP, Director for Software Assurance, NCSD, DHS
The problem has implications for:
– Safety
– Privacy
– Security
– Economy
– Even national security

4 Government Response
-- From Joe Jarzombek, PMP, Director for Software Assurance, NCSD, DHS
There are initiatives underway in the US, in both Defense and Homeland Security.

5 Relationship of Software Assurance to Other Disciplines

6 Relationship of Software Assurance to Other Disciplines
Some avoidable mistakes are encouraged by poor usage (arguably, poor design) of programming languages.

7 Problem
Any programming language has constructs that are imperfectly defined, implementation-dependent or difficult to use correctly.
As a result, software programs sometimes execute differently than intended by the writer.
In some cases, these vulnerabilities can be exploited by unfriendly parties.
– Can compromise safety, security and privacy.
– Can be used to make additional attacks.

8 Complicating Factors
The choice of programming language for a project is not solely a technical decision and is not made solely by software engineers.
Some vulnerabilities cannot be mitigated by better use of the language but require mitigation by other methods, e.g. review, static analysis.

9 Relevant International Standards Committees
[Diagram of committees]
ISO: TC176 (Quality Mgmt)
IEC: TC65 (Safety)
JTC1: SC7 (Software and Systems Engineering), SC27 (IT Security), SC22 (Programming Languages)

10 Officers
John Hill, Chair, ISO/IEC JTC 1/SC 22
Sally Seitz (ANSI), Secretariat, SC 22
Jim Moore, Convener, SC 22/OWGV
John Benito, Co-Convener, SC 22/OWGV
Secretary ?
Project Editor ?

11 Participation
Participant | NB Delegate | WG Liaison | Other Liaison
John Benito | US | WG14 (C) |
Ben Brosgol | | | RT/SC Java
Rod Chapman | | | SPARK
Franco Gasperoni | France (HOD) | |
Cesar Gonzalez-Perez | | | SC 7/WG 19
Barry Hedquist | US | |
Kiyoshi Ishihata | Japan (HOD) | |
Rex Jaeschke | US (HOD) | |
Derek Jones | UK (HOD) | |
Stephen Michell | Canada (HOD) | |
Ed de Moel | US | | MDC (MUMPS)
Jim Moore | US | |
Dan Nagle | US? | | J3 (Fortran)
Erhard Ploedereder | Germany (HOD) | WG9 (Ada) |
Tom Plum | US? | | ECMA TC39/TG2 (C#)
Robert Seacord | | | CERT
Barry Tauber | ? | | J4 (Cobol)

12 Progress
2005-10 SC 22 approves NP for project 24772.
2005-10 SC 22 creates OWGV; Moore is appointed as convener.
2005-11 Moore makes information briefing to WG9.
2005-03 Benito named as co-convener of OWGV.
2005-03 Moore makes information briefing to WG14. Benito briefs WG21.
2005-03 Disposition of comments on NP filed.
2006-06 Benito makes information briefing to WG9.
2006-06 OWGV Meeting #1, 26-27 June, Washington, DC
2006-09 OWGV Meeting #2, 14-15 September, London, UK

