Memory safe computer languages

Log in or register to post comments
Go To Last Post
19 posts / 0 new
Author
Message
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
#1
Posted by gchapman: Thu. Mar 15, 2018 - 03:59 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Embedded

Achieving memory safety without compromise

by  (Senior Research Engineer at Galois, a cybersecurity R&D organization)

MARCH 13, 2018

https://www.embedded.com/electronics-blogs/say-what-/4460422/Achieving-memory-safety-without-compromise

Summary:

  • C and C++ are primary in embedded systems
  • C and C++ buffer overflows are prevalent in CVE
  • C and C++ : compiler, lint, static analysis (false positives, false negatives)
  • Memory-safe computer languages - Python, Java, C#, JavaScript
  • Embedded memory-safe computer languages - Ivory, Rust
  • Ivory by Galois, domain-specific, toolchain generates safe C
  • Rust by Mozilla, general-purpose
  • Memory-safety by static analysis with reduction of computational complexity
  • Small UAV flight control software implemented in Ivory
  • Autonomous systems cooperative control (?) implemented in Rust on Windows and embedded Linux by C++ to Rust conversion
  • Rust:
  1. stack and heap operations are automatic (iow managed)
  2. run-time per compiler (iow no run-time library)
  3. no garbage collection
  4. stable as of May'15
  5. robust on embedded Linux
  6. maturing on bare metal and RTOS
  7. Tock RTOS

Conclusion: consider Ivory and Rust for safety-critical applications.

 

"Dare to be naïve." - Buckminster Fuller

Tags:

Tools, Compilers and General Programming, Ivory, rust, embedded.com, Tock, RTOS, LLVM, AVR-Rust, SPARK, AdaCore, Microsoft, TypeScript, JavaScript, Node.js, low.js, WebAssembly
Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Thu. Mar 15, 2018 - 04:01 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Galois: Trust in your most critical systems.

https://galois.com/

 

"Dare to be naïve." - Buckminster Fuller

Top
awneil
awneil's picture
Level: 10k+ Postman
Joined: Fri. Jul 1, 2005
Posts: 21318 View posts
Location: Basingstoke, Hampshire, UK
Posted by awneil: Thu. Mar 15, 2018 - 04:17 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Someone else is having quiche for tea ...

 

laugh

Top Tips:

  1. How to properly post source code - see: https://www.avrfreaks.net/comment... - also how to properly include images/pictures
  2. "Garbage" characters on a serial terminal are (almost?) invariably due to wrong baud rate - see: https://learn.sparkfun.com/tutorials/serial-communication
  3. Wrong baud rate is usually due to not running at the speed you thought; check by blinking a LED to see if you get the speed you expected
  4. Difference between a crystal, and a crystal oscillatorhttps://www.avrfreaks.net/comment...
  5. When your question is resolved, mark the solution: https://www.avrfreaks.net/comment...
  6. Beginner's "Getting Started" tips: https://www.avrfreaks.net/comment...
Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Thu. Mar 15, 2018 - 04:19 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Tock Logo

Tock Embedded Operating System

Features

https://www.tockos.org/features

Tock Logo

Tock Embedded Operating System

Hardware

https://www.tockos.org/hardware/

...

Both Hail and imix were design at Universities for our own purposes, but we’re able to make them available with small-run productions funded with grad student rent money. This means they’re not as cheap as they could be.

...

 

Hail

...

SAM4L

(Nordic Semiconductor BLE)

...

... (0.8" x 1.44") (20mm x 36.6mm)

 

imix

Imix on a table

...

SAM4L

(Microchip by Atmel 802.15.4)

(Nordic Semiconductor BLE or ANT)

(True RNG)

(Li-Po charger with clips for 18650)

...

https://github.com/helena-project/imix#imix

 

"Dare to be naïve." - Buckminster Fuller

Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Thu. Mar 15, 2018 - 04:21 PM (Reply to #3)
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

No though for today am considering some Texas BBQ with iced tea wink

 

"Dare to be naïve." - Buckminster Fuller

Top
Bronze Marktheusch
theusch's picture
Level: 10k+ Postman
Joined: Mon. Feb 19, 2001
Posts: 39996 View posts
Location: Wisconsin USA
Posted by theusch: Thu. Mar 15, 2018 - 04:37 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

awneil wrote:
Someone else is having quiche for tea ...

Takes me back...

Real Programmers Don’t Use Pascal

Back in the Golden Era of computers, it was easy to separate the men from the boys
(sometimes called “Real Men” and “Quiche Eaters,” respectively). During this period,
the Real Men were the ones who understood computer programming, and the Quiche
Eaters were the ones who didn’t.
...

A previous work, B. Feirstein’s Real Men Don’t Eat Quiche, a 1982 Pocket Books publication, points out that Real Men don’t “relate” to anything and aren’t afraid of being impersonal.
 

from http://www.usm.uni-muenchen.de/~...

You can put lipstick on a pig, but it is still a pig.

I've never met a pig I didn't like, as long as you have some salt and pepper.

Top
awneil
awneil's picture
Level: 10k+ Postman
Joined: Fri. Jul 1, 2005
Posts: 21318 View posts
Location: Basingstoke, Hampshire, UK
Posted by awneil: Thu. Mar 15, 2018 - 04:43 PM (Reply to #6)
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

yep - that's the reference.

 

Also: https://www.avrfreaks.net/commen...

Top Tips:

  1. How to properly post source code - see: https://www.avrfreaks.net/comment... - also how to properly include images/pictures
  2. "Garbage" characters on a serial terminal are (almost?) invariably due to wrong baud rate - see: https://learn.sparkfun.com/tutorials/serial-communication
  3. Wrong baud rate is usually due to not running at the speed you thought; check by blinking a LED to see if you get the speed you expected
  4. Difference between a crystal, and a crystal oscillatorhttps://www.avrfreaks.net/comment...
  5. When your question is resolved, mark the solution: https://www.avrfreaks.net/comment...
  6. Beginner's "Getting Started" tips: https://www.avrfreaks.net/comment...
Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Thu. Mar 15, 2018 - 05:17 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Hopefully this thread will fare better than

Lets talk about RUST [language]
https://www.avrfreaks.net/forum/lets-talk-about-rust-language

I'm a neophyte at riding herd wink

 

More on AVR LLVM Rust :

 LLVM Logo

LLVM 5 documentation

LLVM 5.0.0 Release Notes

Changes to the AVR Target

http://releases.llvm.org/5.0.1/docs/ReleaseNotes.html#changes-to-the-avr-target

This release consists mainly of bugfixes and implementations of features required for compiling basic Rust programs.

...

  • Support zero-sized types in argument lists; this is impossible in C, but possible in Rust

LLVM 6 was released 08-Mar-2018 though couldn't find any AVR changes; am assuming there are defect corrections :

http://releases.llvm.org/6.0.0/docs/ReleaseNotes.html via http://releases.llvm.org/

 

Rust logo

The Rust Programming Language

https://www.rust-lang.org/en-US/

@avr-rust

GitHub

The AVR-Rust project

https://github.com/avr-rust

 

"Dare to be naïve." - Buckminster Fuller

Top
jfiresto
jfiresto's picture
Level: Resident
Joined: Mon. Oct 7, 2002
Posts: 690 View posts
Location: Germany
Posted by jfiresto: Thu. Mar 15, 2018 - 05:22 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I always thought The Story of Mel was a fine example of memory unsafe programming. I sent a copy to a grizzled veteran of machines from that era and he said it was authentic.

- John

Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Tue. Mar 27, 2018 - 05:31 AM (Reply to #8)
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Rust Internals

Rust Internals

announcements 

Announcing the Embedded Devices Working Group

by japaric

2018-Feb-27

https://internals.rust-lang.org/t/announcing-the-embedded-devices-working-group/6839/1

...

On the team we have people to look over the ARM Cortex-M, AVR, MSP430 and RISCV ecosystems; ...

...

via https://barrgroup.com/resources/firmware-update/v1803 (last section)

 

"Dare to be naïve." - Buckminster Fuller

Top
jgalak
jgalak's picture
Level: Wannabe
Joined: Tue. Jan 9, 2018
Posts: 69 View posts
Posted by jgalak: Wed. Mar 28, 2018 - 06:26 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 1

This thread remind me of a song by Bob Kanefsky:

 

http://www.prometheus-music.com/...

Top
Bronze Marktheusch
theusch's picture
Level: 10k+ Postman
Joined: Mon. Feb 19, 2001
Posts: 39996 View posts
Location: Wisconsin USA
Posted by theusch: Wed. Mar 28, 2018 - 12:51 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 1

jgalak wrote:

This thread remind me of a song by Bob Kanefsky:

 

http://www.prometheus-music.com/...

Lyrics can be found https://www.gnu.org/fun/jokes/et...

You can put lipstick on a pig, but it is still a pig.

I've never met a pig I didn't like, as long as you have some salt and pepper.

Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Fri. Dec 21, 2018 - 11:38 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Using Rust Language on Teensy 3.2 (PJRC)

 

"Dare to be naïve." - Buckminster Fuller

Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Thu. Aug 13, 2020 - 07:17 PM (Reply to #10)
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

The Future of Safe Programming | | Circuit Cellar

by Quentin Ochem

Lead of Technical Account Management and Business Development at AdaCore

10/24/2019

How Programming Languages Evolve to Reduce Risks

[1/4 page]

Beyond the Infamous C

[1. ambiguities in C ameliorated by static analysis, 2. lack of contracts with the work-around of links to requirements and the design]

...

For the first issue, an extremely promising example is the Rust language [2] which seems to be getting lot of traction with an imaginative approach to pointer safety. 

[C2x]

...

Initiatives also exist on the second aspect.

[assertions, contracts in C++]

...

 

Ada & SPARK: The New Wave?

[third paragraph]

Using the SPARK subset of Ada together with the corresponding tool support can guarantee that all errors of a certain category have been found, with a very low rate of false alarms.

...

[last paragraph]

It’s therefore no surprise that the Ada and SPARK, which were still a few years ago mostly used within the aerospace domain, are now being adopted by a new wave of users, in industries such as medical devices [7] [8], automotive [9], security [10] and semiconductors [11].

 

The Daunting Legacy

[re-use of C and C++]

... Rust and Ada/SPARK also provide specific support for interfacing with C. 

...

 

[2] The Rust Programming Language...

[5] SPARK

 

...

via AdaCore in the Press - AdaCore

 

"Dare to be naïve." - Buckminster Fuller

Top
avrcandies
avrcandies's picture
Level: Raving Lunatic
Joined: Wed. Jun 30, 2004
Posts: 6224 View posts
Location: Cincinnati Oh
Posted by avrcandies: Fri. Aug 14, 2020 - 12:38 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Back in the Golden Era of computers 

Would be interesting to see how the "when" has changed.  If you looked up the golden era of computers you find:

 

  • The golden era of computers was between 1991 and 2001. After 2001, limits...
  • The golden era of computer science innovation began way back in 1970 when Intel came o....
  • I think the 70's and 80's were the golden era of computers. Now everything is dull and boring, canned and strict
  • Sep 16, 2016 - 30 years ago, for those who don't know, was the golden era of computers, where
  • And it got the Mill thinking back to its golden era of computers, where keyboard keys were made out of rubber, owning an Amstrad meant 
  • Back in the good old days - the "Golden Era" of computers - aweful meant awesome. 
  • On the other hand, having lived through a golden era of computers ranging from the ZX Spectrum to todays PC gaming rigs with triple graphic
  • May 15, 2007 - Actually nowadays in the golden era of computers it's easy to listen to a lot of new music every day
  • magazine from the golden era of computers - when Sinclair and Commodore were in common use
  • Ferrite memories were particularly popular between 1950 and 1970, when the golden era of computers was about to begin
  • Something like the "Golden Era" of computers, the 1960s brought to market the first microprocessors. The list begins with the DEC PDP-1

When in the dark remember-the future looks brighter than ever.   I look forward to being able to predict the future!

Top
DocJC
DocJC's picture
Level: 10k+ Postman
Joined: Tue. Dec 11, 2007
Posts: 13284 View posts
Location: Cleveland, OH
Posted by DocJC: Fri. Aug 14, 2020 - 02:05 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

I still recall using a PDP-8, (or was it an 11?), in high school.

It was for a "club", as there were not any formal classes in programming or using the computer.

I learned to integrate the area under a curve, print out Pi to as many decimal places as one wished, and print out some privative "computer art", (think of printing Snoopy using " * " characters on an ASR-33 teletype.

We also played "music" by listening to the computer's EMI on a cheap "transistor" radio.

 

Those memories were brought back by the mention of the PDP-1 in the above list.

I wasn't familiar with that computer, and never used one, but it's history, Wiki PDP-1, is interesting.

 

JC

Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Sat. Sep 19, 2020 - 02:04 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

re Rust

Safe Systems Programming Languages Archives - Microsoft Security Response Center

 

"Dare to be naïve." - Buckminster Fuller

Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Sat. Sep 19, 2020 - 02:25 PM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

TypeScript: Typed JavaScript at Any Scale.

TypeScript extends JavaScript by adding types.

...

TypeScript code is transformed into JavaScript code via the TypeScript compiler or Babel. This JavaScript is clean, simple code which runs anywhere JavaScript runs: In a browser, on Node.JS or in your apps.

...

Node.js

low.js | Node.js for microcontrollers

 

edit :

TypeScript creator: How the programming language beat Microsoft's open-source fears | ZDNet

by September 15, 2020 -- 10:05 GMT (03:05 PDT) | Topic: Enterprise Software

After initial internal Microsoft resistance, open-source TypeScript is now a go-to language for building web apps.

...

 

WHY CREATE TYPESCRIPT?

...

Developers by then had started to build huge JavaScript apps for the browser and were struggling to write them in JavaScript, a language he [TypeScript co-creator Anders Hejlsberg] says lacked key features like modules, classes, and, importantly, a type system for creating order through rules in a program. 

...

 

WHAT IS TYPESCRIPT'S MAIN COMPETITOR? 

...

"But JavaScript is not really a competitor. It is our twin or alter ego," he says. 

...

 

"Dare to be naïve." - Buckminster Fuller

Last Edited: Sat. Sep 19, 2020 - 08:50 PM
Top
gchapman
gchapman's picture
Level: 10k+ Postman
Joined: Tue. Jan 9, 2007
Posts: 13155 View posts
Location: Clay County, Texas, u.S.A.
Posted by gchapman: Fri. Dec 4, 2020 - 05:08 PM (Reply to #18)
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

JavaScript at 25: The programming language that makes the world go round | ZDNet

by December 4, 2020 -- 13:20 GMT (05:20 PST) | Topic: Developer

JavaScript is now the world's most popular programming language even though it started off as a side-kick to Java.

[1/4 page]

Microsoft's TypeScript has grown in popularity on GitHub thanks to the existence of larger JavaScript-based projects, but it too could be unseated by emerging technologies coming through Web Assembly, a specification and language being handled through the World Wide Web Consortium (W3C).

Major web browsers now support WebAssembly or Wasm on a similar level to HTML, CSS, and JavaScript after the body approved the standard in December 2019

...

WebAssembly

Using GNAT-LLVM to target Ada to WebAssembly | The AdaCore Blog

 

"Dare to be naïve." - Buckminster Fuller

Top