Rust and the Prevention of Zero-Day Vulnerabilities

Memory-related vulnerabilities continue to plague the security and reliability of software, especially operating systems and embedded software. A buffer overflow – one of the oldest kinds of software defects – can present an attack surface that is extremely useful to the technically-minded bad actor.

The traditional programming languages for embedded development have been C, C++, and assembly language. These languages have a rich history and are well known and respected. The impact they have had on humanity cannot be overstated. A 75-year-old programmer who studied mathematics in a foreign country and a fresh college graduate fluent in computer engineering are capable of working together and understanding each other’s contributions.

Nevertheless, our world is becoming more tech savvy, and it is one in which people actively seek out software vulnerabilities to exploit. These vulnerabilities are sometimes used for relatively benign purposes (such as rooting an Android phone), while at other times that knowledge is used with clearly nefarious or malicious intent. As embedded software professionals, we must agree that our professional standards have to advance if our products are to remain acceptable to end users. People need to trust that their technology is safe. Devices and the software that runs on them should neither be empowered to work against the device owner, nor permitted to violate an end user’s privacy.

To great fanfare, the Rust programming language has been integrated into the Linux kernel. Rust is a modern programming language that can run in a VM-less environment, and it compiles to efficient machine code. The Rust programming language was designed to prevent very common memory-related defects, such as buffer overflows. This prevents a huge class of common zero-day security and stability issues from arising in the first place.
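To make the memory-safety point concrete, here is an added example (not code from the original post or from the Linux kernel project) of the classic buffer-overflow pattern written in Rust. The scenario is constructed: a fixed-size receive buffer of the kind a UART or packet driver might keep. The names `RxBuffer`, `RxError` and `push` are assumptions chosen for this illustration. The C equivalent, `memcpy(buf + len, frame, n)` with an oversized `n`, silently writes past the end of the buffer; in Rust the same operation either fails with an explicit error or, if the programmer forgets the check, stops with a panic rather than corrupting memory.

```rust
// Added example (not from the original post): how Rust's bounds checking turns a
// classic buffer-overflow pattern into a recoverable error instead of memory corruption.
// Scenario is constructed: a fixed-size receive buffer on an embedded device.

/// Fixed-capacity receive buffer, the kind a UART or packet driver might keep.
/// `len` tracks how many bytes of `data` are valid.
pub struct RxBuffer {
    data: [u8; 64],
    len: usize,
}

/// Why a write was rejected.
#[derive(Debug, PartialEq)]
pub enum RxError {
    /// The frame would not fit in the remaining capacity.
    Overflow { remaining: usize, requested: usize },
}

impl RxBuffer {
    pub const CAPACITY: usize = 64;

    pub fn new() -> Self {
        RxBuffer { data: [0; 64], len: 0 }
    }

    /// Append an incoming frame. In C the equivalent `memcpy(buf + len, frame, n)`
    /// would silently run past the end of `buf` when `n` is too large; here the
    /// length is checked up front and the caller gets an error instead.
    pub fn push(&mut self, frame: &[u8]) -> Result<usize, RxError> {
        let remaining = Self::CAPACITY - self.len;
        if frame.len() > remaining {
            return Err(RxError::Overflow { remaining, requested: frame.len() });
        }
        // Slicing is bounds-checked, and copy_from_slice requires equal lengths.
        self.data[self.len..self.len + frame.len()].copy_from_slice(frame);
        self.len += frame.len();
        Ok(self.len)
    }

    /// Read a byte by index with no possibility of an out-of-bounds read:
    /// `get` returns `None` rather than reading past the valid region.
    pub fn byte_at(&self, i: usize) -> Option<u8> {
        self.data[..self.len].get(i).copied()
    }

    pub fn len(&self) -> usize {
        self.len
    }
}

/// Demonstrates the runtime guard: even when the explicit check above is omitted,
/// the slice index itself panics on overflow. `catch_unwind` is used here only to
/// show that a panic (not silent memory corruption) is what happens; real firmware
/// would install a panic handler or build `no_std` without unwinding.
pub fn overflow_is_caught_not_silent() -> bool {
    use std::panic;
    let result = panic::catch_unwind(|| {
        let mut data = [0u8; 64];
        let frame = [0xAAu8; 80]; // 80 bytes aimed at a 64-byte buffer (constructed)
        // No length check on purpose: Rust's index bounds check fires instead.
        data[0..frame.len()].copy_from_slice(&frame);
        data[0]
    });
    result.is_err()
}

fn main() {
    let mut rx = RxBuffer::new();
    println!("push 3 bytes:   {:?}", rx.push(&[1, 2, 3]));
    println!("push 70 bytes:  {:?}", rx.push(&[0u8; 70]));
    println!("byte_at(2):     {:?}", rx.byte_at(2));
    println!("byte_at(3):     {:?}", rx.byte_at(3));
    println!("overflow caught rather than silent: {}", overflow_is_caught_not_silent());
}
```

The design point is that the bounds check is not something the programmer has to remember to add: slice indexing and `copy_from_slice` carry it unconditionally in safe Rust, so the worst case for a forgotten check is a controlled panic, which is what makes this class of defect stop being a silent zero-day.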

Inclusion in the Linux kernel project is extremely significant. The project’s maintainers are conservative in adopting any change because Linux is the most common base for computer operating systems. For example, there are billions of Android phones in use, and Android makes use of the Linux kernel. For the maintainers of that prominent project to deem Rust worthy of inclusion should be seen as a very strong signal. It is a vote of confidence from an extremely competent group of professionals.

I am cautiously optimistic regarding Rust. There is a large learning curve for embedded software developers. Rust code reads most like code written in functional programming languages, which does not come naturally to most of us in the computer, electrical, hardware, or embedded software engineering fields. It goes without saying that embedded systems development requires a diverse set of skills from many different technical and engineering backgrounds. Training and proficiency across all required disciplines is no small task for any organization. Regardless of desire, technical competency, or strength of will, it will take time to realize the benefits of newer programming languages.

As computing professionals, let’s collectively brush up on our functional programming skills. Make some hobby programs in Scala, Haskell, and Scheme. Let’s agree to pilot internal projects and get Rust cross-compilation environments running on our targets. Band together to help solve some of the more critical problems that underlie modern embedded system implementations!