Slide 1

ISO TS 17961:2013

C Secure Coding Rules

What is ISO TS 17961:2013?

ISO/IEC TS 17961 is a comprehensive framework consolidating two prior ISO publications, namely ISO/IEC TS 17961:2013 and ISO/IEC TS 17961:2013/COR 1:2016. The primary objective of this framework is to establish a set of secure coding rules.

  • ISO/IEC TS 17961:2013 comprises a compilation of guidelines designed to ensure secure coding practices in the C programming language. Additionally, it offers code examples that demonstrate both noncompliant and compliant coding approaches. The non-compliant examples highlight language constructs that possess vulnerabilities leading to potential security risks. Conversely, the compliant examples serve as illustrations of code expected to be devoid of diagnostic vulnerabilities.
  • ISO/IEC TS 17961:2013/COR 1:2016 represents an updated version of the aforementioned secure coding standard. It introduces a new rule specifically about memory allocation.

ISO/IEC TS 17961 [ISO/IEC TS 17961:2013] aims to define a fundamental set of prerequisites for analyzers, encompassing static analysis tools and C language compilers, to be employed by vendors seeking to identify insecure code beyond the stipulations of the language standard. These rules are intended to be enforceable through static analysis. The selection of these rules is contingent upon analyzers that can proficiently detect secure coding flaws while minimizing the occurrence of false positives.

How to comply with ISO TS 17961:2013?

Our static analysis tool QA-MISRA can help to comply with ISO/IEC TS 17961.

Start a free trial of QA-MISRA to evaluate your code against ISO/IEC TS 17961 guidelines.

With QA-MISRA there are no hidden extras, coding language variants, or compliance module add-ons. It provides a single solution to automatically check your C or C++ source code for compliance against the most common international software safety and security standards.

  • Highlights coding rule violations
  • Reports unspecified, undefined or compiler-dependent behavior
  • Clearly flags possible runtime issues