Rust and the importance of memory safe systems programming languages

1 SUMMARY As technology has become more and more integrated in our lives, it is becoming more and more important to be able to trust in the security of the systems we use every day. Just like you would not trust a bank with no vault or want to store your mail in an unlocked room, it is of utmost importance to ensure that our technology is also as secure as possible. In this report, I will attempt to demonstrate the importance of memory safe systems programming languages by showing that memory safe languages are the best defense against the most critical security exploits. First, I will begin by introducing memory safety and showing how memory safety and security are intimately linked. Next, I will examine in detail some well-known examples of memory related exploits in order to better understand how to defend against such exploits. Then, I will examine the status quo of defenses against such exploits at the platform level, runtime level and language level. Finally, I will explore how Rust is a unique systems programming language because it guarantees both memory safety and full control. Through this research, I have determined that bringing memory safety to systems programming languages is the best defense against the most important security exploits. Although there is still merit to platform level and runtime level defenses, these will inevitably remain in a constant state of war between attacker and defender because they do not address the fundamental problem of being able to write insecure programs. Rust is an example of such a memory safe programming language that enforces safety and allows for full control and will therefore be instrumental in creating a new class of exploit resistant programs. I hope that this report will demonstrate that it is very di�cult to write vulnerability free programs in memory unsafe languages like C and C++ and encourage more of a move towards modernizing the systems programming landscape.