Embedded
Achieving memory safety without compromise
by Adam Foltzer (Senior Research Engineer at Galois, a cybersecurity R&D organization)
MARCH 13, 2018
Summary:
- C and C++ are the primary languages in embedded systems
- C and C++ buffer overflows are prevalent in the CVE records
- C and C++ defences: compiler warnings, lint, static analysis (all with false positives and false negatives)
- Memory-safe languages: Python, Java, C#, JavaScript
- Embedded memory-safe languages: Ivory, Rust
- Ivory, by Galois: domain-specific; its toolchain generates safe C
- Rust, by Mozilla: general-purpose
- Memory safety is enforced by static analysis, with the computational complexity of that analysis reduced by the language design
- Small UAV flight control software implemented in Ivory
- Autonomous systems cooperative control (?) implemented in Rust on Windows and embedded Linux, via C++-to-Rust conversion
- Rust:
  - stack and heap operations are automatic (i.e. managed by the compiler)
  - the run-time is emitted by the compiler (i.e. no separate run-time library)
  - no garbage collection
  - stable since May '15
  - robust on embedded Linux
  - maturing on bare metal and RTOS
  - Tock RTOS
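An added example of the memory-safety point above, written here and not taken from the article, Galois or Mozilla: a fixed-size telemetry frame parser of the kind an embedded Rust module would contain, with no heap allocation and no run-time library. The frame layout and XOR checksum are constructed for this example.

```rust
// Frame layout (constructed for this example):
//   [len:1][id:1][payload:len][crc:1], crc = XOR of id and payload bytes.
// Every buffer access is bounds-checked: a length byte that overstates the
// payload becomes a `None` from `get` and is reported as an error, where the
// C equivalent `memcpy(dst, buf + 2, buf[0])` would read past the buffer.

#[derive(Debug, PartialEq)]
pub struct Frame<'a> {
    pub id: u8,
    // Borrowed from the input buffer: no copy, no heap, and the borrow
    // checker refuses any use of `payload` after the buffer is gone.
    pub payload: &'a [u8],
}

#[derive(Debug, PartialEq)]
pub enum ParseError {
    TooShort,
    BadCrc,
}

/// XOR checksum over a byte slice (constructed for this example).
fn checksum(bytes: &[u8]) -> u8 {
    bytes.iter().fold(0u8, |acc, b| acc ^ b)
}

/// Parse one frame out of `buf` without allocating.
pub fn parse_frame(buf: &[u8]) -> Result<Frame<'_>, ParseError> {
    let len = *buf.first().ok_or(ParseError::TooShort)? as usize;
    let id = *buf.get(1).ok_or(ParseError::TooShort)?;
    // `get` with a range returns None instead of slicing out of bounds.
    let payload = buf.get(2..2 + len).ok_or(ParseError::TooShort)?;
    let crc = *buf.get(2 + len).ok_or(ParseError::TooShort)?;
    // Indexing here is in bounds because `get(2 + len)` succeeded above.
    if checksum(&buf[1..2 + len]) != crc {
        return Err(ParseError::BadCrc);
    }
    Ok(Frame { id, payload })
}

fn main() {
    // Constructed sample frames: one valid, one whose length byte lies.
    let good = [3u8, 0x10, b'a', b'b', b'c', 0x10 ^ b'a' ^ b'b' ^ b'c'];
    let short = [9u8, 0x10, b'a'];
    println!("{:?}", parse_frame(&good));
    println!("{:?}", parse_frame(&short));
}
```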
Conclusion: consider Ivory and Rust for safety-critical embedded applications.