The move aligns with the growing consensus in the software engineering community that reliance on bug-finding tools is insufficient. Tech giants like Google and Microsoft have been advocating for the use of memory safe programming languages, and this has influenced the public sector, including the White House and the US Cybersecurity and Infrastructure Security Agency (CISA), to encourage the use of languages like Rust, C#, Go, Java, Python, and Swift. Despite pushback from those involved with C and C++, DARPA believes the verdict on these languages has been made.
Key takeaways:
- The US Defense Advanced Research Projects Agency (DARPA) is developing TRACTOR, a project aimed at using machine-learning tools to automate the conversion of legacy C code into Rust for memory safety.
- Memory safety bugs, such as buffer overflows, account for the majority of major vulnerabilities in large codebases, and the use of AI models could help make software more secure.
- Despite pushback from those involved with C and C++, DARPA believes that the software engineering community has reached a consensus on the need for memory safe programming languages, with Rust being a primary choice.
- DARPA will hold an event for those planning to submit proposals for the TRACTOR project on August 26, 2024, and those interested must register by August 19.