A practical guide to transitioning to MSLs
Abstract
For decades, memory safety vulnerabilities have been a stubborn and seemingly unavoidable risk of systems software development. But that long-held view is now shifting. Driven by the success of memory-safe languages, and reinforced by calls to action from government agencies, the industry is recognizing that taking on this risk is no longer necessary.
Vulnerabilities, once an inevitability of systems programming, should increasingly be seen as a deliberate choice. Fortunately, data demonstrates that making a better choice does not require daunting multi-year rewrites of existing codebases. We can dramatically improve security by incrementally shifting the development of just new code to memory-safe languages. And if these vulnerabilities can be avoided with low impact on other development goals, then choosing to introduce new ones should increasingly be considered unacceptable, and our goal should be for vulnerabilities to become increasingly impossible to introduce.
As James Clear says, “You do not rise to the level of your goals, you fall to the level of your systems.” A goal without a system is merely a wish. Transitioning even new development within a codebase to a new language is a complex undertaking, but it is solvable. This article lays out an empirically effective system, covering not only why this shift is so powerful but also a practical, staged process you can use to make it happen.