ISO/IEC TR 24772:2010 信息技术 编程语言 通过语言选择和使用规避编程语言脆弱点的方法指南

标准编号：ISO/IEC TR 24772:2010

中文名称：信息技术 编程语言 通过语言选择和使用规避编程语言脆弱点的方法指南

英文名称：Information technology — Programming languages — Guidance to avoiding vulnerabilities in programming languages through language selection and use

发布日期：2010-10

标准范围

ISO/IEC TR 24772:2010规定了在安全、安全、任务关键型和业务关键型软件需要确保行为的系统开发中，应避免软件编程语言漏洞。一般来说，本指南适用于为任何应用程序开发、审查或维护的软件。漏洞是以一种通用的方式描述的，适用于广泛的编程语言。

ISO/IEC TR 24772:2010 specifies software programming language vulnerabilities to be avoided in the development of systems where assured behaviour is required for security, safety, mission critical and business critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application. Vulnerabilities are described in a generic manner that is applicable to a broad range of programming languages.

标准预览图