ISO/IEC TS 17961:2013 specifies
rules for secure coding in the C programming language, and
ISO/IEC TS 17961:2013 does not specify
the mechanism by which these rules are enforced, or
any particular coding style to be enforced.
Each rule in this Technical Specification is accompanied by code examples. Two distinct kinds of examples are provided:
noncompliant examples demonstrating language constructs that have weaknesses with potentially exploitable security implications; such examples are expected to elicit a diagnostic from a conforming analyzer for the affected language construct; and
compliant examples are expected not to elicit a diagnostic.