The Secure By Design guidance universally prioritizes using memory-safe languages to prevent buffer overflows and related vulnerability classes. This is not new. Adam Crain presented Applying The Rust Programming Language back at S4x20, over four years ago. The challenge, especially in OT, is that we have a lot of code written and deployed in languages that are not memory safe. What do we do?
We have two technical sessions addressing this conversion issue at S4x25. And I’m guessing that Matthew Rogers of CISA’s session, What Secure By Design Should You Prioritize, will include “use a memory-safe language” among its priorities. Here are the sessions.
It’s Not As Simple As “Use A Memory Safe Language” with Colin Breck of Tesla
Tuesday on Stage 2: Technical Deep Dives
The US and other governments, OWASP, and almost every authoritative source prioritize using memory-safe programming languages, discouraging the use of C and C++ and proactively recommending Rust. This is great if you are starting over or can rewrite your codebase.
This session will focus on what is also needed: guidance on how to incrementally move existing C and C++ code forward. Writing memory-safe C++ is getting easier and closer to the Rust experience, WebAssembly can further sandbox code without sacrificing performance, and projects that use languages that are not memory safe should publish their security programs and demonstrate their comprehensiveness if they are to be considered for critical infrastructure.
Colin will offer a practitioner’s perspective on memory-safe languages, formal verification, making quality visible, sandboxing with WebAssembly, and embedding open-source code written in memory-unsafe languages.
Future software should be memory safe, but secure code is about a lot more than memory safety.
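To make the “incrementally move C++ forward” point concrete, here is an added illustration written for this post; it is not code from Colin’s session or from Tesla. It parses a made-up frame (one function-code byte, one payload-length byte, then payload; the layout and the test vectors are constructed for the example, not a real OT protocol) first in the familiar C idiom, trusting the on-wire length and copying into a fixed buffer, and then rewritten with standard containers so that every length is checked against both the destination capacity and the bytes actually received. The second version is still ordinary C++11; no rewrite into another language is needed to remove this bug class.

```cpp
#include <algorithm>
#include <array>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// Constructed frame layout (an assumption for this example, not a real protocol):
//   [0] function code, [1] payload length, [2..] payload bytes.
constexpr std::size_t kMaxPayload = 16;

struct Frame {
    uint8_t function = 0;
    std::array<uint8_t, kMaxPayload> payload{};
    std::size_t payloadLen = 0;
};

// Legacy C-style parser. It trusts the length byte from the wire and copies that
// many bytes into a fixed-size buffer. A length above kMaxPayload overflows
// out->payload, and a length above bufLen reads past the input. Shown for
// contrast only; never call it on untrusted input.
int parseFrameLegacy(const uint8_t* buf, std::size_t bufLen, Frame* out) {
    if (buf == nullptr || out == nullptr || bufLen < 2) return -1;
    out->function = buf[0];
    std::size_t len = buf[1];
    std::memcpy(out->payload.data(), buf + 2, len);  // no check against capacity or bufLen
    out->payloadLen = len;
    return 0;
}

// Incrementally hardened parser. The input container carries its own size, the
// claimed length is checked against both the destination capacity and the bytes
// actually present, and std::copy_n into a std::array cannot be given a raw
// pointer of unknown extent. Returns false instead of writing anything on a bad frame.
bool parseFrame(const std::vector<uint8_t>& buf, Frame& out) {
    if (buf.size() < 2) return false;
    const std::size_t len = buf[1];
    if (len > kMaxPayload) return false;       // would overflow the destination
    if (len > buf.size() - 2) return false;    // frame is shorter than it claims
    out.function = buf[0];
    out.payloadLen = len;
    std::copy_n(buf.begin() + 2, len, out.payload.begin());
    return true;
}

// Constructed test vectors (not captured traffic).
const std::vector<uint8_t> kGoodFrame = {0x03, 0x04, 0xDE, 0xAD, 0xBE, 0xEF};
// Length byte claims 64 payload bytes: four times kMaxPayload and far more than
// the frame carries. The legacy parser would memcpy 64 bytes into a 16-byte array.
const std::vector<uint8_t> kOversizedFrame = {0x03, 0x40, 0x01, 0x02};
// Length fits the buffer but the frame was truncated in transit.
const std::vector<uint8_t> kTruncatedFrame = {0x03, 0x08, 0x01};

int main() {
    Frame f;
    std::printf("good frame: %s\n", parseFrame(kGoodFrame, f) ? "accepted" : "rejected");
    std::printf("oversized length: %s\n", parseFrame(kOversizedFrame, f) ? "accepted" : "rejected");
    std::printf("truncated frame: %s\n", parseFrame(kTruncatedFrame, f) ? "accepted" : "rejected");
    // The legacy parser agrees on well-formed input; the difference is only in what
    // it does with the two malformed frames, which is why it is not run on them here.
    Frame legacy;
    std::printf("legacy on good frame: %d\n", parseFrameLegacy(kGoodFrame.data(), kGoodFrame.size(), &legacy));
    return 0;
}
```

The two functions behave identically on well-formed frames, which is what makes this kind of change safe to land file by file in a large codebase; the reviewer’s job is to confirm that every rejected path is one the legacy code would have mishandled.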
Converting A C++ Codebase To Rust with Mitch Souders of Runsafe Security
Thursday on Stage 3
The guidance is clear … use a memory-safe programming language. Great for new projects, but what if you have a 30K-line codebase in C++? In this session, Mitch will describe how his team converted this codebase to Rust. It wasn’t easy or straightforward.
He will go into the different approaches they took to converting the code, how they verified the converted code, and what they will do differently next time. And there likely will be a next time, as overall the project was a success.