What Is ISO/IEC TS 17961 (Secure C)?
Here, we provide an overview of ISO/IEC TS 17961 (Secure C) and provided guidance on how to best comply with the secure coding standard.
Read along or jump ahead to the section that interests you the most:
- What Is ISO 17961 (Secure C)?
- ISO/IEC TS 17961 (Secure C) Overview
- Why ISO/IEC TS 17961 (Secure C) Is Important
- How ISO/IEC TS 17961 (Secure C) Works With MISRA
- How to Achieve ISO/IEC TS 17961 (Secure C) Compliance
What Is ISO 17961 (Secure C)?
ISO 17961 is a secure coding standard for C. The full name of the standard is ISO/IEC TS 17961.
It was designed specifically to be enforced by static code analyzers. ISO/IEC TS 17961 helps to ensure fewer false positives are identified when a static code analyzer is used.
ISO/IEC TS 17961 (Secure C) Overview
Before ISO/IEC TS 17961, the use of static analysis to help ensure that code was secure was done in an improvised, as-needed manner. Unfortunately, this resulted in non-uniform coverage of significant security issues.
For that reason, ISO/IEC TS 17961 was developed in order to specify secure coding rules. In addition, the standard requires that static code analyzers identify secure code rule violations in the same manner.
The standard is a combination of two previous ISO publications:
- ISO/IEC TS 17961:2013: This standard is a collection of rules for secure coding in the C programming language as well as provides code examples. The noncompliant code examples that demonstrate language constructs that have weaknesses with potentially exploitable security implications. And, compliant examples that are expected not to elicit a diagnostic.
- ISO/IEC TS 17961:2013/COR 1:2016: This is an update to the previous secure coding standard that includes a new rule for memory allocation.
Why ISO/IEC TS 17961 (Secure C) Is Important
ISO/IEC TS 17961 is important to ensure that safety-critical code written in C is safe, reliable, and secure.
In addition, the standard enforces a baseline set of requirements. This reduces the number of false positives identified by a static code analyzer.
How ISO/IEC TS 17961 (Secure C) Works With MISRA
While ISO/IEC TS 17961 provides developers with secure coding standards for C, it's not the only one. MISRA provides coding standards for developing safety-critical systems. And, MISRA C is the most widely used set of coding guidelines for C around the world.
While originally designed for functional safety, MISRA C also covers security. Included as a part of the third edition of MISRA C, Addendum 2 strengthens code security by illustrating how each MISRA rule maps to the C Secure rules in ISO/IEC TS 17961. This means, if your code is compliant with MISRA C:2012, it is also compliant with ISO/IEC TS 17961.
How to Achieve ISO/IEC TS 17961 (Secure C) Compliance
Complying ISO/IEC TS 17961 can be a challenge unless you have the right software development tools.
Static analyzers —like Klocwork — will help you to meet development guidelines for the production of safe, secure, and reliable software.
Klocwork is certified for developing functional safety software by TÜV-SÜD. And, its compliance taxonomies — including MISRA, AUTOSAR, and CERT — helps developers to identify and address defects sooner.
Using a static code analyzer makes compliance easier by:
- Enforcing coding standards and identifying rule violations.
- Accelerating code reviews and manual testing efforts.
- Reporting on compliance over time and across product versions.
To see how Klocwork will help you accelerate compliance, sign up for our next live demo.