These minutes were approved at meeting #7.
01 Oct 2007 09:00-12:00, 13:30-17:00
02 Oct 2007 09:00-12:00, 13:30-17:00
03 Oct 2007 09:00-12:00
Royal Kona Resort
75-5852 Alii Drive
Kailua-Kona, HI 96740 USA
Phone: +1-808-329-3111 or +1-800-919-8333
Logistics information [N0096], also see Hotel reservation form [N0058]
InterNational Committee for Information Technology Standards
Plum Hall, Inc.
3 Waihona Box 44610
Kamuela, HI 96743
Email: Thomas Plum
1.1 Opening Comments (Plum, Benito)
John Benito convened the meeting at 9:10 am, Monday, 1 October.
Plum Hall provided a wireless network for the meetings. Tom Plum had to join the meeting late. He welcomed us to the meeting and checked to ensure that our facilities were satisfactory.
1.2 Introduction of Participants/Roll Call
Those attending all or part of the meeting included:
- John Benito, Convener
- Francis Glassborow, UK
- Jens Maurer, WG21
- Stephen Michell, Canada
- Jim Moore, Secretary
- Erhard Ploedereder, Ada Europe, WG9
- Tom Plum, WG14, WG21, ECMA TC39/TG2
- Bjarne Stroustrup, WG21
- Nick Stoughton, SC22 (POSIX), Austin Group
- Larry Wagoner, US
1.3 Procedures for this Meeting (Benito)
The convener briefly reviewed the procedures for the meeting, emphasizing the role of decision-making by consensus.
1.4 Approval of previous Minutes, [N0089] (Moore)
The minutes were approved.
1.5 Review of previous action items and resolutions, Action Item and Decision Logs
We reviewed the log and updated it.
1.6 Approval of Agenda [N0097]
The agenda was approved.
1.7 Information on Future Meetings.
1.7.1 Future Meeting Schedule
SC22 meets Sep 22-25. We need to meet in either the previous week or the next week.
1.7.2 Future Agenda Items
1.7.3 Future Mailings
2.1 SC 22
At last week's meeting, the OWGV was continued for another year with the same officers. The draft document [N0095] was registered as a PDTR.
No other reports were provided.
3.1 Business Plan and Convener's Report to SC22 [N0094]
The requests made by OWGV were approved at the plenary meeting of SC22.
3.2 Editor's draft 070806 of PDTR 24772 [N0095]
The most current version of the document appears on the Wiki at any given time.
3.3 [Added] Review Wagoner's submission [N0099]
We reviewed the document. Wagoner tried to perform an analysis from the safety point of view that was similar to his earlier analysis from the security point of view. It was difficult to find an empirical analysis of safety vulnerabilities. The best analysis that he could find was Les Hatton's. He tried to convert Hatton's 20 rules to a language-neutral description. Ploedereder said that some rules (e.g. rule 9) are problematic because of decidability issues. Ploedereder said that he would want some agreed wording that requires that such issues must be decidable at reasonable cost.
Wagoner then analyzed MISRA C 2004 for additional rules, as well as the JSF C++ standard and the Holzmann rules from NASA/JPL.
As we discussed the submission, the secretary made annotations to [N0099], thus creating [N0102].
Tom Plum took an action item: "Consider the practicality of a set of vulnerability descriptions related to object-oriented programming. Consider JSF C++ rules 70 thru 100, 177, 178, 179, 185, 219, as well as OOTIA." [Action Item 06-01]
4.1 Discussion: Should there be a rationale document associated with TR 24772? [Action Item #05-02]
We discussed free availability of the TR. We decided to select a strategy that MITRE should provide the TR as a deliverable to the government. This would provide the rationale for free availability from ISO. The criteria for free availability are in JTC 1 N7269, SC 22 N 4114.
5.1 Review of Decisions Reached
The secretary will annotate the vulnerability database based on the results of the meeting. The convener will update the draft TR. The officers will advise participants when this is done. We would then expect individual participants to update assigned subsets of the vulnerabilities.
5.2 Formal Votes on Resolutions
5.3 Review of Action Items
5.4 Thanks to Host
We thanked our host, Tom Plum of Plum Hall.
The meeting was adjourned at approximately noon on Wednesday.