English
Related papers

Related papers: Is Rust Used Safely by Software Developers?

200 papers

Most programs compiled to WebAssembly (Wasm) today are written in unsafe languages like C and C++. Unfortunately, memory-unsafe C code remains unsafe when compiled to Wasm -- and attackers can exploit buffer overflows and use-after-frees in…

Some approaches to increasing program reliability involve a disciplined use of programming languages so as to minimise the hazards introduced by error-prone features. This is realised by writing code that is constrained to a subset of the a…

Programming Languages · Computer Science 2007-11-06 Guillem Marpons-Ucero , Julio Mariño , Ángel Herranz , Lars-Åke Fredlund , Manuel Carro , Juan José Moreno-Navarro

Microcontroller systems are integral to our daily lives, powering mission-critical applications such as vehicles, medical devices, and industrial control systems. Therefore, it is essential to investigate and outline the challenges…

Cryptography and Security · Computer Science 2025-11-03 Zheyuan Ma , Gaoxiang Liu , Alex Eastman , Kai Kaufman , Md Armanuzzaman , Xi Tan , Katherine Jesse , Robert Walls , Ziming Zhao

Over 70% of security vulnerabilities in critical software systems today result from memory safety violations. To address this challenge, fuzzing and static analysis are widely used automated methods to discover such vulnerabilities. Fuzzing…

Cryptography and Security · Computer Science 2026-03-31 Keno Hassler , Philipp Görz , Stephan Lipp

This work introduces a new approach to building crash-safe file systems for persistent memory. We exploit the fact that Rust's typestate pattern allows compile-time enforcement of a specific order of operations. We introduce a novel…

Operating Systems · Computer Science 2024-06-17 Hayley LeBlanc , Nathan Taylor , James Bornholt , Vijay Chidambaram

Weird machines---the computational models accessible by exploiting security vulnerabilities---arise from the difference between the model a programmer has in her head of how her program should run and the implementation that actually…

Cryptography and Security · Computer Science 2019-11-04 Jennifer Paykin , Eric Mertens , Mark Tullsen , Luke Maurer , Benoît Razet , Alexander Bakst , Scott Moore

Write-ahead logs (WALs) are a fundamental fault-tolerance technique found in many areas of computer science. WALs must be reliable while maintaining high performance, because all operations will be written to the WAL to ensure their…

Operating Systems · Computer Science 2025-07-18 Vitor K. F. Pellegatti , Gustavo M. D. Vieira

The C and C++ programming languages are notoriously insecure yet remain indispensable. Developers therefore resort to a multi-pronged approach to find security issues before adversaries. These include manual, static, and dynamic program…

Cryptography and Security · Computer Science 2018-06-13 Dokyung Song , Julian Lettner , Prabhu Rajasekaran , Yeoul Na , Stijn Volckaert , Per Larsen , Michael Franz

Effective software safety standards will contribute to confidence, or assurance, in the safety of the systems in which the software is used. It is infeasible to demonstrate a correlation between standards and accidents, but there is an…

Software Engineering · Computer Science 2014-04-29 John A. McDermid

Rust is a general-purpose programming language that is both type- and memory-safe. Rust does not use a garbage collector, but rather achieves these properties through a sophisticated, but complex, type system. Doing so makes Rust very…

Software Engineering · Computer Science 2022-02-16 Michael Coblenz , Michelle Mazurek , Michael Hicks

In December 2023, security agencies from five countries in North America, Europe, and the south Pacific produced a document encouraging senior executives in all software producing organizations to take responsibility for and oversight of…

Programming Languages · Computer Science 2024-07-19 Lee Barney , Adolfo Neto

Permission systems which restrict access to system resources are a well-established technology in operating systems, especially for smartphones. However, as such systems are implemented in the operating system they can at most manage access…

Programming Languages · Computer Science 2025-06-16 Lukas Gehring , Sebastian Rehms , Florian Tschorsch

We present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding standards such as Unicode to produce source code…

Cryptography and Security · Computer Science 2023-03-09 Nicholas Boucher , Ross Anderson

Reinforcement Learning (RL) is being increasingly used to learn and adapt application behavior in many domains, including large-scale and safety critical systems, as for example, autonomous driving. With the advent of plug-n-play RL…

Software Engineering · Computer Science 2023-08-04 Nicolás Cardozo , Ivana Dusparic , Christian Cabrera

This paper explores the extent to which regular expressions (regexes) are portable across programming languages. Many languages offer similar regex syntaxes, and it would be natural to assume that regexes can be ported across language…

Software Engineering · Computer Science 2021-05-11 James C. Davis , Louis G. Michael , Christy A. Coghlan , Francisco Servant , Dongyoon Lee

Pointers are a powerful, but dangerous feature provided by the C and C++ programming languages, and incorrect use of pointers is a common source of bugs and security vulnerabilities. Making secure software is crucial, as vulnerabilities…

Formal Languages and Automata Theory · Computer Science 2024-11-01 Vlad-Alexandru Teodorescu , Dorel Lucanu

New programming languages (e.g., Swift, Go, Rust, etc.) are being introduced to provide a better opportunity for the developers to make software development robust and easy. At the early stage, a programming language is likely to have…

Software Engineering · Computer Science 2021-05-06 Partha Chakraborty , Rifat Shahriyar , Anindya Iqbal , Gias Uddin

We witness an increasing usage of AI-assistants even for routine (classroom) programming tasks. However, the code generated on basis of a so called "prompt" by the programmer does not always meet accepted security standards. On the one…

Software Engineering · Computer Science 2024-08-15 Stefan Goetz , Andreas Schaad

Artificial Intelligence (AI)-driven code generation tools are increasingly used throughout the software development lifecycle to accelerate coding tasks. However, the security of AI-generated code using Large Language Models (LLMs) remains…

Cryptography and Security · Computer Science 2026-03-10 Mohammed Kharma , Soohyeon Choi , Mohammed AlKhanafseh , David Mohaisen

Large Language Models (LLMs) are increasingly used for automated software development, making their ability to preserve secure coding practices critical. In practice, however, many security requirements are implicit or underspecified,…

Cryptography and Security · Computer Science 2026-05-12 Yue Li , Xiao Li , Hao Wu , Yue Zhang , Yechao Zhang , Yating Liu , Fengyuan Xu , Sheng Zhong