A-2 <IPA International Standardization 2> Johnson, Jim : SO/IEC JTC 1/SC 22/WG 23 Programming Language Vulnerabilities

Date

September 5 (Mon.) 13:15-14:05

Room

Hall-A (International Conference Hall 3F)

Speaker

Johnson, Jim
(U.S. Department of Defence)

Speaker’s profile

Jim Johnson is a computer scientist with the U.S. Department of Defense. He graduated with a B.S. in Computer Science from Texas Tech University and is currently working on a M.S. in Computer Science at the University of Maryland, Baltimore County. He has been working with ISO on guidance to users and designers of programming languages. His focus is on computer vulnerabilities in programming languages.

Presentation title

ISO/IEC JTC 1/SC 22/WG 23 Programming Language Vulnerabilities

Presentation outline

An ISO/IEC working group on Programming Language Vulnerabilities has developed a technical report which identifies vulnerabilities of languages, features of the language that encourage or permit the writing of code containing application vulnerabilities, and suggests ways to mitigate or avoid them. Annexes contain language specific examples and guidance, and have been developed for a variety of languages. An annex specific to the Ruby language has been included in the baseline draft of the technical report’s second edition.