Cybersecurity & Tech

Investing in Rust

Shane Miller
Friday, July 19, 2024, 8:00 AM
U.S. public policy can help facilitate market adoption of a relatively new, efficient, and safe programming language called Rust.
Man Holding a Cutout with the Logo of Rust Programming Language. November 28, 2018. (https://www.pexels.com/photo/close-up-of-man-holding-a-cutout-with-the-logo-of-rust-programming-language-11035384/, CC0)

Published by The Lawfare Institute
in Cooperation With
Brookings

 

In this paper for Lawfare’s Security by Design Paper Series, Shane Miller writes that research consistently attributes more than 50 percent of security vulnerabilities to errors that are prevented by using memory-safe programming languages. Despite those benefits, adoption of memory-safe languages is stalled in some domains, because memory-unsafe languages like C and C++ have locked in the market. Unlike older memory-safe languages such as Java or Python, the relatively new Rust language optimizes efficiency with memory safety. Unfortunately, Rust’s innovative design and implementation are incompatible with existing engineering skills and systems, creating market friction for adoption. This paper recommends U.S. public policy to mitigate that friction and foster the adoption of memory-safe languages.

You can read the paper here or below


Shane Miller is a Distinguished Advisor to the Rust Foundation, where she was the founding chair of the board of directors. Miller is also a senior fellow at the Atlantic Council Cyber Statecraft Initiative under the Digital Forensic Research Lab and an advisory board member for the State of Open Con. She is the former founding leader of four different organizations at Amazon Web Services (AWS), including Rust open source.

Subscribe to Lawfare