• It Is Time to Standardize Prin...

Treffer: It Is Time to Standardize Principles and Practices for Software Memory Safety.

Title:
It Is Time to Standardize Principles and Practices for Software Memory Safety.
Authors:
Watson, Robert N.M.1 (AUTHOR) robert.watson@cl.cam.ac.uk, Baldwin, John2 (AUTHOR) john@araratriver.co, Chisnall, David1 (AUTHOR) David.Chisnall@cl.cam.ac.uk, Chen, Tony3 (AUTHOR) tonychen@microsoft.com, Clarke, Jessica4 (AUTHOR) jessica.clarke@cl.cam.ac.uk, Davis, Brooks5 (AUTHOR) brooks.davis@sri.com, Filardo, Nathaniel1 (AUTHOR) nwf20@cam.ac.uk, Gutstein, Brett1 (AUTHOR) brett@gutste.in, Jenkinson, Graeme6 (AUTHOR) graeme@capabilitieslimited.co.uk, Laurie, Ben7 (AUTHOR) benl@google.com, Mazzinghi, Alfredo4 (AUTHOR) am2419@cam.ac.uk, Moore, Simon4 (AUTHOR) Simon.Moore@cl.cam.ac.uk, Neumann, Peter G.5 (AUTHOR) neumann@csl.sri.com, Okhravi, Hamed8 (AUTHOR) hamed.okhravi@ll.mit.edu, Richardson, Alex7 (AUTHOR) alexrichardson@google.com, Rebert, Alex7 (AUTHOR) arebert@google.com, Sewell, Peter4 (AUTHOR) Peter.Sewell@cl.cam.ac.uk, Tratt, Laurence9 (AUTHOR) laurie@tratt.net, Vijayaraghavan, Murali7 (AUTHOR) muralivi@google.com, Vincent, Hugo10 (AUTHOR) hugo.vincent@arm.com
Source:
Communications of the ACM. Feb2025, Vol. 68 Issue 2, p40-45. 6p.
Subject Terms:
*COMPUTER software, *COMPUTER storage devices, *COMPUTER security software, *STANDARDIZATION, *BEST practices, SAFETY
Database:
Business Source Premier

Weitere Informationen

The article addresses the subject of standardization of software memory safety, which is a critical step toward its widespread adoption across government, industry, and academia. The authors suggest that this effort necessitates a technology-neutral framework defining memory safety principles, best practices, and technical mappings to guide diverse use cases, including emerging secure IoT and cloud infrastructures. Goals include establishing tiered safety assurance levels, addressing the integration of memory-safe technologies with legacy systems, and enabling compositional reasoning about safety in heterogeneous environments. Collaboration among stakeholders—including educators, regulatory bodies, and industry leaders—is essential to create actionable guidelines that promote gradual transitions and interoperability while addressing industry concerns about cost and disruption. By defining clear standards, memory safety can evolve into a universally adopted practice, improving the security and reliability of critical systems worldwide.