Safer C++ with MISRA-C++:2023 and beyond
As a co-author of the MISRA-C++:2023 guidelines and contributor to ISO SC22 WG23 C++ vulnerabilities standard (24772-10) the trainer is in a unique position to provide insights into these safety standards while not being one of the tooling implementors.
You will learn how to write conforming C++ in a constructive way, instead of reacting to compliancy checker warnings. We will look at, for example,
- vulnerabilities of built-in integral types and how to sidestep those.
- using user-defined types to improve the design and decrease vulnerabilities of function interfaces.
- acknowledging vulnerabilities of pointer-like types and how to reduce the need for them.
- MISRA-compliant class design from Rule-of-Zero, Rule of DesDeMovA, Modern Rule-of-Three, to the Rule-of-Five/Six for General Manager types.
- specific vulnerabilities of concurrent code and how upcoming MISRA C++ might address them.
- MISRA-C++ guidelines intended to be deviated, so that such deviation is deliberate, thoughtful, and documented.
- plus more...
This is not a workshop addressing the most recent C++26 features, but cares for modern C++ in high quality and safety and security related setting. If you bring your own code examples and questions to discuss you can make the most out of this workshop and draw from Peter's four decades of experience as a developer and educator in providing developer guidance (First C++ guidelines published 1992), creating reliable software, and teaching software engineering.
Peter Sommerlad is an independent trainer and consultant for modern and safe C++ and software engineering. Before the pandemic, he was professor and director of IFS Institute for Software at FHO/HSR Rapperswil, Switzerland. Peter is co-author of the books POSA Vol.1 and Security Patterns and contributed to "97 things every programmer should know". His goal is to make software simpler and safer and help programmers getting there. Peter is a member of MISRA-C++, Hillside, ACM, IEEE Computer Society, and the ISO WG21 "C++" and WG23 "vulnerabilities" standardization committee.