What Is ISO/IEC TS 17961
ISO/IEC TS 17961 is a secure coding standard for C. It was designed specifically to be enforced by software code analyzers using static analysis techniques. What’s more, ISO/IEC TS 17961 helps to ensure fewer false positives are identified when a static code analyzer is used.
Here, we provide an overview of ISO/IEC TS 17961 and guidance on how best to comply with the secure coding standard.
ISO/IEC TS 17961 Overview
Before ISO/IEC TS 17961, the use of static analysis to help ensure that code was secure was done in an improvised, as-needed manner. Unfortunately, this resulted in non-uniform coverage of significant security issues.
For that reason, ISO/IEC TS 17961 was developed in order to specify secure coding rules. In addition, the standard requires that static code analyzers identify secure code rule violations in the same manner.
The standard is a combination of two previous ISO publications:
- ISO/IEC TS 17961:2013: This standard is a collection of rules for secure coding in the C programming language, and it also provides code examples. The noncompliant code examples demonstrate language constructs that have weaknesses with potentially exploitable security implications, and the compliant examples are expected not to elicit a diagnostic from a conforming analyzer.
- ISO/IEC TS 17961:2013/COR 1:2016: This is an update to the previous secure coding standard that includes a new rule for memory allocation.
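To show the noncompliant/compliant pairing the standard uses, here is an added illustrative example (not code from the standard, from Perforce, or from this page), modelled on the standard's rule that tainted strings must not be passed to a string copying function. The function names, the NAME_MAX_LEN constant and the sample inputs are assumptions made for this example.

```c
/* Added example: one noncompliant/compliant pair in the style of ISO/IEC TS
 * 17961. Names and NAME_MAX_LEN are assumptions, not taken from the standard. */
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 16

/* Noncompliant: 'input' is tainted (it comes from outside the program) and is
 * copied with strcpy, which cannot know the size of 'name'. An analyzer
 * enforcing the standard is expected to issue a diagnostic for this call.
 * It is shown for comparison only and is never called in this example, because
 * an input longer than NAME_MAX_LEN - 1 would overflow 'name'. */
void copy_name_noncompliant(char name[NAME_MAX_LEN], const char *input) {
    strcpy(name, input);
}

/* Compliant: the tainted string is checked against the destination size before
 * any copy, and an input that does not fit is rejected and reported to the
 * caller. Returns 0 on success, -1 if 'input' does not fit (incl. its NUL). */
int copy_name_compliant(char name[NAME_MAX_LEN], const char *input) {
    /* memchr stops at NAME_MAX_LEN bytes, so an unterminated or overlong
     * input is detected without reading past the buffer we are sized for. */
    const char *nul = memchr(input, '\0', NAME_MAX_LEN);
    if (nul == NULL) {
        name[0] = '\0';          /* leave a valid (empty) string behind */
        return -1;
    }
    memcpy(name, input, (size_t)(nul - input) + 1);  /* copy incl. NUL */
    return 0;
}

/* Driver: runs the compliant routine on 'input' with local storage and
 * returns its status, so the check can be exercised from a test. */
int check_name(const char *input) {
    char name[NAME_MAX_LEN];
    return copy_name_compliant(name, input);
}

int main(void) {
    /* Constructed sample inputs: one that fits, one exactly too long. */
    const char *samples[] = { "alice", "0123456789abcdef" };
    for (size_t i = 0; i < 2; i++) {
        printf("\"%s\": %s\n", samples[i],
               check_name(samples[i]) == 0 ? "copied" : "rejected");
    }
    return 0;
}
```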
Why ISO/IEC TS 17961 Is Important
The intent behind ISO/IEC TS 17961 is to ensure that safety-critical code written in C is safe, reliable, and secure. In addition, the standard enforces a baseline set of requirements that reduces the number of false positives identified by a static code analyzer.
How ISO/IEC TS 17961 Works With MISRA
While ISO/IEC TS 17961 provides developers with secure coding standards for C, it's not the only one. MISRA provides coding standards for developing safety-critical systems. And, MISRA C is the most widely used set of coding guidelines for C around the world.
While originally designed for functional safety, MISRA C also covers security. Addendum 2, published as part of the third edition of MISRA C, strengthens code security by showing how each MISRA rule maps to the C Secure rules in ISO/IEC TS 17961. This means that if your code is compliant with MISRA C:2012, it is also compliant with ISO/IEC TS 17961.
ISO/IEC TS 17961 Compliance
Complying with coding standards — such as ISO/IEC TS 17961 — can be a challenge unless you have the right software development tools. Static analyzers — like Klocwork — will help you to meet development guidelines for the production of safe, secure, and reliable software. What’s more, Klocwork is certified by TÜV-SÜD for developing functional safety software. And, its compliance taxonomies — including MISRA, AUTOSAR, and CERT — help developers to identify and address defects sooner.
Using a static code analyzer makes compliance easier by:
- Enforcing coding standards and identifying rule violations.
- Accelerating code reviews and manual testing efforts.
- Reporting on compliance over time and across product versions.
To see how Klocwork will help you accelerate compliance, request a trial.
Visit Perforce at Embedded World 2020
Stop by booth 4-568 to learn more about using static code analysis for embedded development.