This document catalogues common software programming language vulnerabilities and their mitigations in the development of systems where assured behaviour is required for security, safety, mission-critical and business-critical software. In general, this guidance is applicable to the software developed, reviewed, or maintained for any application. This document is Part 1 of a series. Vulnerabilities and their mitigations are described in this document in a generic manner that is applicable to a broad range of programming languages. This document is supplemented by other Parts in this series that describe how vulnerabilities catalogued in this document arise and how they can be mitigated in specific programming languages, such as C, C++, Ada, Java, Python, SPARK, and Fortran.
Status: Under development
Edition: 1
Number of pages: 164
Technical Committee: ISO/IEC JTC 1/SC 22 Programming languages, their environments and system software interfaces
- ICS: 35.060 Languages used in information technology
ISO/IEC TR 24772-1:2019
ISO/IEC DIS 24772-1
Stage: 40.60