Sec. 1713. Policy and guidance on memory-safe software programming
/bill/118/s/2226/pap/section-1713
(a) Not later than 270 days after the date of the enactment of this Act, the Secretary of Defense shall develop a Department of Defense-wide policy and guidance in the form of a directive memorandum to implement the recommendations of the National Security Agency contained in the Software Memory Safety Cybersecurity Information Sheet published by the Agency in November, 2022, regarding memory-safe software programming languages and testing to identify memory-related vulnerabilities in software developed, acquired by, and used by the Department of Defense.

(b) The policy required in subsection (a) shall—

(1) establish the conditions and associated approval processes under which a component of the Department may—

(A) contract for the development of custom software that includes open source and reused software written in programming languages that are not classified as memory-safe by the Agency;

(B) acquire commercial software items that use programming languages that are not classified as memory-safe by the Agency;

(C) contract for software-as-a-service where the contractor uses programming languages that are not classified as memory-safe by the Agency; and

(D) develop software in Federal Government-owned software factories using programming languages that are not classified as memory-safe by the Agency; and

(2) establish requirements and processes for employing static and dynamic application security testing that can identify memory-use issues and vulnerabilities and resolve them for software contracted for, developed, or acquired as described in paragraph (1).

(c) Not later than 300 days after the date of the enactment of this Act, the Secretary shall provide the congressional defense committees a briefing on the policy and guidance developed under subsection (a).