Designing and Implementing Safe C++ Applications
Amir Kirsh
This workshop aims to address the design and implementation principles and tactics necessary for creating safe C++ applications. While memory issues will be given proper attention, it's important to note that application safety extends beyond this. To ensure application safety, it is crucial to capture requirements correctly, make appropriate design choices, implement code securely, and conduct testing, static code analysis, and dynamic sanitizing. Through relevant examples and class practice, we will cover the entire life cycle of creating safe C++ applications, and provide a checklist for achieving enhanced safety and improved code quality.
Outline
Safety is a crucial topic for C++. The workshop tackles safety methodically: it starts from what safety is (and how it differs from security), then works through the threats (risks) and their mitigations at every level of the development life cycle, coding included but not only. We will cover:
- Architecture and design
- API design
- C++-specific issues and mitigations
- Coding best practices
- Tools: sanitizers, static code analysis
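To make the "API design" and "C++-specific issues and mitigations" items concrete, here is an added example; it is not part of the workshop material. It parses a length-prefixed record format that is assumed purely for illustration (1-byte tag, 2-byte big-endian length, then the payload, repeated), once in the pointer+length style that trusts the length field and once in a hardened form that checks bounds before every read and returns std::optional instead of a sentinel. The function names and the sample byte strings are constructed for the example.

```cpp
// Added example, not part of the workshop material: a length-prefixed record
// parser in the "unsafe" pointer+length style next to a hardened version.
// The wire format is assumed for illustration only: 1-byte tag, 2-byte
// big-endian length, then `length` payload bytes, repeated.
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <optional>
#include <vector>

struct Record {
    std::uint8_t tag = 0;
    std::vector<std::uint8_t> payload;
};

// "Before" form, kept only for contrast and never called in this file: the
// length field is trusted straight from the input, so a truncated buffer makes
// assign() read past the end of `data`. An AddressSanitizer build reports that
// read as a buffer overflow; a code reviewer should reject it on sight.
bool parse_record_unsafe(const std::uint8_t* data, std::size_t size, Record& out) {
    if (size < 3) return false;
    std::size_t len = (static_cast<std::size_t>(data[1]) << 8) | data[2];
    out.tag = data[0];
    out.payload.assign(data + 3, data + 3 + len);   // no check that 3 + len <= size
    return true;
}

// Hardened form: a cursor into an owned buffer, every read preceded by a
// bounds check written so the arithmetic itself cannot wrap, and std::optional
// instead of a sentinel return. With C++20 the buffer+cursor pair would be a
// std::span that is narrowed with subspan() after each check.
std::optional<Record> parse_record(const std::vector<std::uint8_t>& in, std::size_t& pos) {
    constexpr std::size_t header = 3;
    if (pos > in.size() || in.size() - pos < header) return std::nullopt;
    const std::size_t len = (static_cast<std::size_t>(in[pos + 1]) << 8) | in[pos + 2];
    const std::size_t payload_start = pos + header;
    if (in.size() - payload_start < len) return std::nullopt;  // payload_start <= size, so no wrap
    Record rec;
    rec.tag = in[pos];
    rec.payload.assign(in.begin() + payload_start, in.begin() + payload_start + len);
    pos = payload_start + len;
    return rec;
}

// Parses a whole buffer; any malformed record rejects the entire input rather
// than returning a partial result the caller might act on.
std::optional<std::vector<Record>> parse_all(const std::vector<std::uint8_t>& in) {
    std::vector<Record> out;
    std::size_t pos = 0;
    while (pos < in.size()) {
        auto rec = parse_record(in, pos);
        if (!rec) return std::nullopt;
        out.push_back(std::move(*rec));
    }
    return out;
}

// Constructed sample inputs for the example (not captured traffic).
const std::vector<std::uint8_t> kValid     = {0x01, 0x00, 0x03, 'a', 'b', 'c', 0x02, 0x00, 0x00};
const std::vector<std::uint8_t> kTruncated = {0x01, 0x00, 0x05, 'a', 'b'};   // claims 5 bytes, has 2
const std::vector<std::uint8_t> kOversized = {0x01, 0xFF, 0xFF};             // claims 65535, has 0

int main() {
    auto ok = parse_all(kValid);
    assert(ok && ok->size() == 2 && ok->at(0).payload.size() == 3);
    assert(!parse_all(kTruncated));
    assert(!parse_all(kOversized));
    std::cout << "parsed " << ok->size() << " records; truncated and oversized inputs rejected\n";
    return 0;
}
```

The point of the hardened version is not the extra `if` alone but the shape of the check: comparing `in.size() - payload_start` against `len` only after establishing `payload_start <= in.size()` means the subtraction can never wrap, which is the mistake `pos + header + len <= in.size()` would make for a large `len`. Building the same file with `-fsanitize=address,undefined` and calling `parse_record_unsafe` on `kTruncated` is the quickest way to see why the outline lists sanitizers next to design.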
Amir Kirsh
Amir Kirsh is a C++ lecturer at the Academic College of Tel-Aviv-Yaffo and Tel-Aviv University, previously the Chief Programmer at Comverse, after being CTO and VP R&D at a startup acquired by Comverse. He is also a co-organizer of the annual Core C++ conference and a member of the ISO C++ Israeli National Body.