Memory Safety & Why it Matters

April 2024

At the end of February, a significant announcement emerged from the White House, advocating for the widespread use of "memory safe" programming languages. This endorsement, detailed in a press release available here, highlights the crucial role of memory safety in mitigating software vulnerabilities. By pinpointing memory unsafe languages as a primary source of these vulnerabilities, the statement underscores the necessity for increased public and private sector collaboration to elevate the prominence and implementation of memory safe practices. This initiative marks a significant stride towards bolstering memory safety, but it raises questions: What exactly is memory safety, and why is it so crucial for the future of software development??

What is memory safety??

Memory safety can be thought of as a set of guarantees and assurances made by a programming language that prevent a class of vulnerabilities. In other words, by choosing to develop an application in a memory safe language, software can be immunized against an entire type of vulnerability. Unfortunately, that does not guarantee that your software is entirely bug-free or prevent other classes of vulnerabilities, but research indicates that memory vulnerabilities are the root cause of up to 70% of CVEs (Common Vulnerabilities and Exposures).?

How does memory safety work??

There’s two primary ways that memory safety is implemented. Some languages, like Rust, heavily scrutinize code at build-time to ensure that checks are in place to prevent unsafe behavior. Other languages, like Python, provide “garbage collectors” at run time to prevent erroneous memory conditions. Both of these approaches are hugely beneficial to developers because the final product is robust by default.?

Why do we use unsafe languages??

To fully grasp the new prioritization of memory safe languages, it’s important to understand why developers use unsafe languages. Historically, unsafe languages have been the best way to maximize software performance on bare metal systems. In particular, some hardware cannot run the requisite garbage collecting services that some memory safe languages require. This can be either due to resource limitations or compatibility issues. These issues, combined with the maturity if unsafe languages in other development respects, make unsafe languages viable for software developers and end users in some contexts.??

Industrial control systems that operate critical infrastructure are often among the resource constrained hardware that has leveraged unsafe code to allow developers to squeeze system resources for performance. Paradoxically, this means that some of our most important systems are the most vulnerable to exploitation as a result of this. However, memory safe languages offer varying degrees of compatibility with unsafe, allowing new code to be built on top of unsafe code bases. This can potentially ensure that as developers continue to build repositories, new code can provide assurances that were not integrated in earlier versions.?

Why should companies care??

The software development landscape is rapidly evolving, with a marked increase in the demand for memory safety, driven by government advocacy and customer expectations. Consequently, software development companies must adapt their strategies, moving away from unsafe codebases and development environments towards embracing memory safe programming languages wherever feasible.?

Currently, customers are not likely to find vendors who supply software exclusively developed in memory safe languages that meets all their needs. The sheer volume and inherent value of existing unsafe code make it daunting for many projects to transition. Yet, as memory safe languages evolve and their interoperability with traditional code improves, the barriers to adopting these languages are decreasing. Enhanced interoperability means that integrating new, memory-safe features into legacy systems becomes more straightforward, mitigating the costs and complexities of upgrading large-scale projects.?

However, it's crucial to recognize that not all projects can seamlessly switch to memory safe languages due to compatibility issues or the specific resource demands of certain platforms. Despite these challenges, the steady push from governmental bodies, the rising demand from consumers, and the overarching necessity for enhanced security protocols make the shift toward memory safety an imperative for businesses. In the foreseeable future, companies may have to attest to degree of adoption of memory safe languages as part of security, compliance, or insurance requirements.?

Conclusion?

Memory safety represents not just a technological shift but a cultural one in the world of software development. As the White House's push for memory safe programming languages underscores, there's a growing recognition of the role that software infrastructure plays in national and global security. The pivot towards memory safety is more than just an attempt to curb the frequency and severity of cyber-attacks; it's a proactive measure to build a more resilient digital future. As developers and companies navigate this shift, they're not only responding to immediate security concerns but also contributing to a foundation that will support safer, more reliable software systems for years to come. This move towards memory safe languages, therefore, isn't just about preventing the next big data breach; it's about ensuring that our digital infrastructure can support the increasingly complex, interconnected world we live in. By prioritizing memory safety, we're investing in a future where technology can continue to advance without being undermined by fundamental security flaws.?

?

Steve S.?

Datalytica?