This website uses cookies to make the content more user-friendly and effective. By using this website, you agree to the use of cookies. You can find additonal information about the use of cookies and the possibility of objecting to the use of cookies here.

26 - 28 February 2019 // Nuremberg, Germany

Conferences and supporting programme

back to day overview
Session 27 - MISRA C/C++

Write Safe AND Secure Application Code with MISRA C:2012 Vortragssprache Englisch

When examined with a critical eye, the commonly held belief that security and safety critical code are hugely different to each other is a conundrum. Why would that be? Within the safety domain, the aim for software developers is to produce code that performs as required, whilst ensuring that erroneous behaviour does not result in an accident. Within the security domain, their aim is to produce software that performs as required whilst ensuring that manipulation of input data does not result in denial of service or the leaking of sensitive data. Best practise for the development of either safety or security critical code is to apply a formalised software development process, starting with a set of requirements and tracing those requirements through to executable code. Undefined, unspecified and implementation-defined behaviours within the C language can lead to safety or security failures. And data handling errors such as invalid values, domain violations, tainted data, leaking of confidential information can prevent both safety and security objectives from being realised. With so much commonality between the optimal development processes for safety and security critical code, it is a puzzle as to why there is a common misconception that MISRA is just for safety-related not for security-related projects. In response to that misconception, in April 2016, MISRA released “MISRA C:2012 – Addendum 2” which highlights which of the 46 C Secure rules are covered by the MISRA C: 2012 guidelines. Even MISRA C:2012 Amendment 1, written to enhance MISRA C:2012, largely enhances the language of existing checks explaining why they are important from a security perspective with reference to the ISO C Secure Guidelines, particularly with regards to the use of 'untrustworthy data.“ This presentation will discuss how the original MISRA C:2012 document has always targeted concerns such as buffer overruns and memory errors, and why that is important for both safety and security. It will explain why it promotes the detection of inconsistent data use, and why that is pertinent for all critical code. And it will explore the difference in focus between CERT C’s application centric approach to the detection of issues, in contrast to MISRA’s ethos of using design patterns to prevent their introduction. In conclusion, it will describe how the majority of MISRA rules lend themselves to automated checking, and how the associated tools and techniques lend themselves admirably to the quest to provide an outstanding level of robustness and integrity to maximise the security of connected devices in automotive, IIoT, medical devices and beyond.

--- Date: 01.03.2018 Time: 11:30 AM - 12:00 PM Location: Conference Counter NCC Ost

Speakers

man

Mark Richardson

LDRA Limited

top

The selected entry has been placed in your favourites!

If you register you can save your favourites permanently and access all entries even when underway – via laptop or tablet.

You can register an account here to save your settings in the Exhibitors and Products Database and as well as in the Supporting Programme.The registration is not for the TicketShop and ExhibitorShop.

Register now

Your advantages at a glance:

  • Advantage Save your favourites permanently. Use the instant access – mobile too, anytime and anywhere – incl. memo function.
  • Advantage The optional newsletter gives you regular up-to-date information about new exhibitors and products – matched to your interests.
  • Advantage Call up your favourites mobile too! Simply log in and access them at anytime.