Document ISO/IEC/JTC 1/SC 22/WG 23 N1003

Draft Minutes Meeting #71
ISO/IEC JTC 1/SC 22/WG2

9 November 2020 1700-1900 UTC


Meeting Location : Zoom





Agenda

71.1 Opening activities

71.1.1 Opening Comments

71.1.2 Introduction of Participants/Roll Call

Stephen Michell (convenor)

David Keaton (SC 22 cair)

Erhard Ploedereder

Tullio Vardanega

Paul Preney

Pat Rogers (WG 9)

71.1.3 Procedures for this Meeting

71.1.4 Approval of previous Minutes of meeting

Not reviewed.

71.1.5 Review of actions items and resolutions, Action Item and Decision Logs (N/A)

Not addressed.

71.1.6 Approval of Agenda

Approved as.

71.1.7 Future Meeting Schedule


2021

#76

TBD Nov 2021

TBE


#75

TBD Sep 2021

With SC 22


#74

TBD Jun 2021

With WG 4 Fortran Committee


#73

19 April 2021

Electronic

1600-1800 UTC

#72

15 Feb 2021

Electronic

1700-1900 UTC












2020

#71

9 Nov 2020

Electronic

1700-1900 UTC






























71.2 Liaison Activities (for in-person meetings only)

71.2.1 PL22.3/WG5 (Fortran)

71.2.2 WG4 (COBOL)

71.2.3 WG9 (Ada) Erhard Ploedereder

71.2.4 PL22.11/WG14 C Clive Pygott

71.2.5 PL22.16/WG21 (C++) Michael Wong

71.2.6 MISRA C Clive Pygott
Next version close to publication. Expect it to address ISO/IEC 9899:20
20.

71.2.7 MISRA (C++) Clive Pygott

71.2.8 SPARK Erhard Ploedereder

71.2.9 Other Liaison Activities or National body reports

71.3. Report from SC 22 (Convenor)



Report from JTC 1 plenary. This morning, JTC 1 reconfirmed its commitment to open documents up to and including the CD ballot stage.



Converting to IS.

The SC 22 committee manager has reported that ISO rejected the free availability of TR 24772-1:2019, TR 24772-2:2020 and 24772-3:2020 because they are technical reports and not technical standards. This leaves us no choice but to reissue the documents as international standards.

SC 32 has been through this process and has had no difficulty gaining free availability for documents that were freely available TR's, and reissued as IS's.

Erhard proposes that we do not attempt to make parts 1, 2 and 3 all international standards at the same time, but to rather quickly do part 1, and if successful and accepted by ISO as freely available, then to make the other documents into IS's.

Discussion:

Tullio agrees with the approach. Clive agrees.

David: Note that we need a new work item proposal for each part, so this approach makes sense.



The process for making TR 24772-1 (and the others) into IS's is to attach the upgraded document to new work item proposals (NWIP) with a simultaneous CD ballot. Once those complete it is followed by a DIS ballot and publication (if no negative comments – otherwise an FDIS is also needed).

The major difference between a TR and an IS is that an IS has normative text and that organizations can claim conformance to it. With all of the guidance that these TR's provide, we surely cannot dictate that every organization implement every recommendation. Therefore, I propose that we add a sub-sub-clause in clause 5 that tells organizations how to claim conformance. The instructions will demand an evaluation of the space that the product or system is intended to fill, determine risks and attack surfaces, and develop a plan to mitigate the risks and minimize the attack surfaces.

In order to mitigate risks and minimize attack surfaces, the organization studies the guidance provided in the relevant 24772 document(s) and decides what guidance must be implemented in the project, and then develops design guides programming guides to meet their requirements.

Then we leave the rest of the document alone, except to reference relevant process documents, such as IEC 61508 series (functional safety standards), the ISO/IEC 27000 series of safety standards, and relevant software engineering standards (possibly ISO/IEC 12207).



70. 4 Document Review

Review of following document activities

Draft IS 24772-1 and draft ISO form 4 (NWIP).

70.6 Review of Assignment of responsibilities

70.7 Resolutions and Action Items


70.8. Adjournment