A-2 <IPA International Standardization 2> Johnson, Jim : SO/IEC JTC 1/SC 22/WG 23 Programming Language Vulnerabilities
September 5 (Mon.) 13:15-14:05
Hall-A (International Conference Hall 3F)
Johnson, Jim
(U.S. Department of Defence)
Jim Johnson is a computer scientist with the U.S. Department of Defense. He graduated with a B.S. in Computer Science from Texas Tech University and is currently working on a M.S. in Computer Science at the University of Maryland, Baltimore County. He has been working with ISO on guidance to users and designers of programming languages. His focus is on computer vulnerabilities in programming languages.
ISO/IEC JTC 1/SC 22/WG 23 Programming Language Vulnerabilities
An ISO/IEC working group on Programming Language Vulnerabilities has developed a technical report which identifies vulnerabilities of languages, features of the language that encourage or permit the writing of code containing application vulnerabilities, and suggests ways to mitigate or avoid them. Annexes contain language specific examples and guidance, and have been developed for a variety of languages. An annex specific to the Ruby language has been included in the baseline draft of the technical report’s second edition.