English
Related papers

Related papers: Is Rust Used Safely by Software Developers?

200 papers

With the explosion in popularity of the Rust programming language, a wealth of tools have recently been developed to analyze, verify, and test Rust programs. Alas, the Rust ecosystem remains relatively young, meaning that every one of these…

Programming Languages · Computer Science 2025-06-03 Son Ho , Guillaume Boisseau , Lucas Franceschino , Yoann Prak , Aymeric Fromherz , Jonathan Protzenko

We give a rigorous characterization of what it means for a programming language to be memory safe, capturing the intuition that memory safety supports local reasoning about state. We formalize this principle in two ways. First, we show how…

Programming Languages · Computer Science 2018-04-10 Arthur Azevedo de Amorim , Catalin Hritcu , Benjamin C. Pierce

Passwords are still a mainstay of various security systems, as well as the cause of many usability issues. For end-users, many of these issues have been studied extensively, highlighting problems and informing design decisions for better…

Cryptography and Security · Computer Science 2017-08-31 Alena Naiakshina , Anastasia Danilova , Christian Tiefenau , Marco Herzog , Sergej Dechand , Matthew Smith

It is now commonplace for organizations to pay developers to work on specific open source software (OSS) projects to pursue their business goals. Such paid developers work alongside voluntary contributors, but given the different…

Software Engineering · Computer Science 2024-01-26 Yuxia Zhang , Mian Qin , Klaas-Jan Stol , Minghui Zhou , Hui Liu

Sometimes debates on programming languages are more religious than scientific. Questions about which language is more succinct or efficient, or makes developers more productive are discussed with fervor, and their answers are too often…

Software Engineering · Computer Science 2015-06-04 Sebastian Nanz , Carlo A. Furia

Early identification of security issues in software development is vital to minimize their unanticipated impacts. Code review is a widely used manual analysis method that aims to uncover security issues along with other coding issues in…

Software Engineering · Computer Science 2024-07-18 Wachiraphan Charoenwet , Patanamon Thongtanunam , Van-Thuan Pham , Christoph Treude

Fuzzing is a popular bug detection technique achieved by testing software executables with random inputs. This technique can also be extended to libraries by constructing executables that call library APIs, known as fuzz drivers. Automated…

Software Engineering · Computer Science 2023-12-20 Yehong Zhang , Jun Wu , Hui Xu

Parallel programming often requires developers to handle complex computational tasks that can yield many errors in its development cycle. Rust is a performant low-level language that promises memory safety guarantees with its compiler,…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-02-24 Eduardo M. Martins , Leonardo G. Faé , Renato B. Hoffmann , Lucas S. Bianchessi , Dalvan Griebler

When implementing secure software, developers must ensure certain requirements, such as the erasure of secret data after its use and execution in real time. Such requirements are not explicitly captured by the C language and could…

Cryptography and Security · Computer Science 2019-07-08 A. P. Shivarpatna Venkatesh , A. Bhat Handadi , M. Mory

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

Nowadays, advanced security mechanisms exist to protect data, systems, and networks. Most of these mechanisms are effective, and security experts can handle them to achieve a sufficient level of security for any given system. However, most…

Cryptography and Security · Computer Science 2015-06-25 Hans-Joachim Hof

Safe Rust guarantees memory safety through strict compile-time constraints: ownership can be transferred, borrowing can temporarily guarantee either shared read-only or exclusive write access, and ownership and borrowing are scoped by…

Software Engineering · Computer Science 2026-04-06 Kaiwen Zhang , Guanjun Liu

The constant-time property is considered the security standard for cryptographic code. Code following the constant-time discipline is free from secret-dependent branches and memory accesses, and thus avoids leaking secrets through cache and…

Cryptography and Security · Computer Science 2023-11-13 Matthew Kolosick , Basavesh Ammanaghatta Shivakumar , Sunjay Cauligi , Marco Patrignani , Marco Vassena , Ranjit Jhala , Deian Stefan

Software vulnerabilities pose significant security challenges and potential risks to society, necessitating extensive efforts in automated vulnerability detection. There are two popular lines of work to address automated vulnerability…

Software Engineering · Computer Science 2024-07-24 Xin Zhou , Duc-Manh Tran , Thanh Le-Cong , Ting Zhang , Ivana Clairine Irsan , Joshua Sumarlin , Bach Le , David Lo

The C and C++ programming languages are widely used for the implementation of software in critical systems. They are complex languages with subtle features and peculiarities that might baffle even the more expert programmers. Hence, the…

Programming Languages · Computer Science 2022-12-29 Roberto Bagnara , Abramo Bagnara , Patricia M. Hill

Graphics Processing Units (GPU) offer tremendous computational power by following a throughput oriented computing paradigm where many thousand computational units operate in parallel. Programming this massively parallel hardware is…

Programming Languages · Computer Science 2023-05-08 Bastian Köpcke , Sergei Gorlatch , Michel Steuwer

Static analysis remains one of the most popular approaches for detecting and correcting poor or vulnerable program code. It involves the examination of code listings, test results, or other documentation to identify errors, violations of…

Artificial Intelligence · Computer Science 2021-08-27 Fitzroy D. Nembhard , Marco M. Carvalho

The Move language provides abstractions for programming with digital assets via a mix of value semantics and reference semantics. Ensuring memory safety in programs with references that access a shared, mutable global ledger is difficult,…

Programming Languages · Computer Science 2022-05-12 Sam Blackshear , John Mitchell , Todd Nowacki , Shaz Qadeer

Large language models (LLMs) have shown impressive capability to understand and develop code. However, their capability to rigorously reason about and prove code correctness remains in question. This paper offers a comprehensive study of…

Operating Systems · Computer Science 2026-04-16 Chenyuan Yang , Natalie Neamtu , Chris Hawblitzel , Jacob R. Lorch , Shan Lu

Despite the rapid progress of large language models (LLMs) in code generation, existing evaluations focus on functional correctness or syntactic validity, overlooking how LLMs make critical design choices such as which library or…

Software Engineering · Computer Science 2026-04-09 Lukas Twist , Jie M. Zhang , Mark Harman , Don Syme , Joost Noppen , Helen Yannakoudakis , Detlef Nauck