Vulnerable C++
<p>Programming languages contain features that could cause code to behave badly. Either by creating hazards in safety critical software, or by creating entry points for attacks in security-critical software.</p> <p>ISO SC22 WG23 working group collects common language vulnerabilities and provides standards that map the common vulnerabilities to specific programming languages and their mitigations.</p> <p>This talk will give an overview of typical vulnerabilities and will demonstrate examples on how C++ maps to those generic vulnerabilities and how the upcoming standard 24772-10 provides advice for mitigation.</p>
Peter Sommerlad
<p>Peter Sommerlad is a consultant and trainer for Safe Modern C++ and Agile Software Engineering. Peter was professor at and director of IFS Institute for Software at FHO/HSR Rapperswil, Switzerland until February 2020. Peter is co-author of POSA Vol.1 and Security Patterns. He inspired the C++ IDE Cevelop with a unique C++ feedback, refactoring, and code modernization experience. Peter is a member of MISRA-C++, Hillside, ACM, IEEE Computer Society, ACCU, ISO WG23 and the ISO WG21 C++.</p>