...
ISO/IEC TS 17961 Compared with Other Standards
Coding Standard | C Standard | Security Standard | Safety Standard | International Standard | Whole Language |
|---|---|---|---|---|---|
CWE | None/all | Yes | No | No | N/A |
MISRA C2 | C89 | No | Yes | No | No |
MISRA C3 | C99 | No | Yes | No | No |
CERT C99 | C99 | Yes | No | No | Yes |
CERT C11 | C11 | Yes |
No | No | Yes | |||
ISO/IEC TS 17961 | C11 | Yes | No | Yes | Yes |
A conforming analyzer must be capable of producing a diagnostic for each distinct rule in the technical specification upon detecting a violation of that rule in isolation. If the same program text violates multiple rules simultaneously, a conforming analyzer may aggregate diagnostics but must produce at least one diagnostic. The diagnostic message might be of the form
...
In addition to other goals already stated, the CERT C Coding Standard has been updated for consistency with ISO/IEC TS 17961. Although the documents serve different audiences, consistency between the documents should improve the ability of developers to use ISO/IEC TS 17961–conforming analyzers to find violations of rules from this coding standard. The Secure Coding Validation Suite is a set of tests developed by CERT to validate the rules defined in ISO/IEC TS 17961. These tests are based on the examples in this technical specification and are distributed with a BSD-style license.