White House Calls for Adoption of Memory-Safe Programming Languages to Prevent Cyberattacks

It’s time for software developers to improve security by reconsidering the programming languages they use, according to a new report.

Sean Michael Kerner, Contributor

March 6, 2024


Software developers have long had many options when it comes to programming languages. There are many reasons why they choose one language over another, including the usability and compatibility of the language. Now the White House Office of the National Cyber Director (ONCD) wants developers to add another critical factor — memory safety.

The ONCD has released a new report arguing that technology companies should adopt memory-safe programming languages to prevent major cybersecurity vulnerabilities. The report, titled "Back to the Building Blocks: A Path Toward Secure and Measurable Software," asserts that memory safety issues have been the root cause of some of the worst cyber-attacks over the past 35 years.

Memory safety is a programming language feature that prevents certain types of bugs related to memory use and management, which can lead to security vulnerabilities and program instability. A memory-safe programming language integrates features that prevent a program from accessing memory that has not been allocated to it or that it has already freed.

"We, as a nation, have the ability — and the responsibility — to reduce the attack surface in cyberspace and prevent entire classes of security bugs from entering the digital ecosystem, but that means we need to tackle the hard problem of moving to memory-safe programming languages," National Cyber Director Harry Coker stated.


Memory Safety Key to Preventing Cyber-Attacks

According to the ONCD report, vulnerabilities like buffer overflows that lead to memory corruption have been behind major cyber events, including the Morris worm in 1988, the Slammer worm in 2003, the Heartbleed bug in 2014, and the Trident and Blastpass exploits in 2016 and 2023. By using memory-safe languages designed to avoid such vulnerabilities, the report argues that entire classes of bugs can be eliminated before they ever enter the digital ecosystem.


The report points to memory safety vulnerabilities as one of the most pervasive weaknesses affecting cybersecurity today. Memory safety issues arise when computer memory is accessed or manipulated in ways that are unintended, out-of-bounds, or unsafe.

Two major categories of memory safety vulnerabilities are identified:

  • Spatial errors that allow memory to be accessed outside intended data structure bounds

  • Temporal errors from memory being accessed at the wrong time or in the wrong sequence
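The two categories can be seen side by side in a memory-safe language. The Rust sketch below is an added illustration, not code from the report or from this article; the `echo`, `Session`, `read_key` and `temporal_demo` names and the sample bytes are hypothetical. It shows an out-of-bounds read (the spatial case, modeled on a heartbeat-style echo where the peer supplies the length) and an access through a stale reference (the temporal case) both being refused at run time instead of touching memory the program does not own.

```rust
use std::rc::{Rc, Weak};

/// Spatial safety: echo back `claimed_len` bytes of a payload, as a
/// heartbeat-style responder would. The length comes from the peer and
/// may exceed the real payload size (constructed scenario).
fn echo(payload: &[u8], claimed_len: usize) -> Option<Vec<u8>> {
    // `get` bounds-checks the range and returns None instead of reading
    // adjacent memory; plain indexing would panic rather than over-read.
    payload.get(..claimed_len).map(|s| s.to_vec())
}

/// Temporal safety: a session object that is freed while another part
/// of the program still holds a reference to it.
struct Session {
    key: Vec<u8>,
}

/// Reads the key through a non-owning reference. In C the equivalent
/// dangling pointer would be a use-after-free; here the access fails.
fn read_key(handle: &Weak<Session>) -> Option<Vec<u8>> {
    handle.upgrade().map(|s| s.key.clone())
}

fn temporal_demo() -> (Option<Vec<u8>>, Option<Vec<u8>>) {
    let owner = Rc::new(Session { key: vec![0xAA, 0xBB] });
    let handle = Rc::downgrade(&owner);
    let before = read_key(&handle); // object still alive
    drop(owner); // last owner gone: the Session is destroyed
    let after = read_key(&handle); // stale handle is detected
    (before, after)
}

fn main() {
    let payload = b"ping"; // constructed 4-byte payload
    println!("in bounds:     {:?}", echo(payload, 4));
    println!("out of bounds: {:?}", echo(payload, 64));
    let (before, after) = temporal_demo();
    println!("before free:   {:?}", before);
    println!("after free:    {:?}", after);
}
```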

The report argues that the most impactful way to reduce memory safety issues is "to secure one of the building blocks of cyberspace: the programming language." It calls for building new software with memory-safe languages from day one and migrating legacy codebases wherever feasible.


Languages such as C and C++ are called out for lacking memory safety traits and being widespread across critical systems. The report cites studies showing that 70% of bugs in such languages are memory safety-related, even with extensive auditing and testing. It highlights the potential to eliminate most of these vulnerabilities using languages with built-in memory protections.

Recommendations for Software Developers

A key recommendation in the report is for software developers to adopt memory-safe programming languages consistently. Many mature and production-ready options already exist, it notes, listing Rust, Swift, Java, JavaScript, Python, and Go as examples of established languages considered memory-safe. The report says Google's migration of certain Android OS modules to Rust has dramatically reduced memory safety bugs.

For legacy codebases where wholesale rewrites are impractical, the report suggests taking a hybrid approach to language migration. Critical functions or libraries can be prioritized based on risk factors like network connectivity and rearchitected in a memory-safe language first.

The report argues that this is an early architecture choice that delivers major security benefits with minimal tradeoffs.

"Building new products and migrating high-impact legacy code to memory-safe programming languages can significantly reduce the prevalence of memory safety vulnerabilities throughout the digital ecosystem," the report states.

Complementary Approaches: Memory-Safe Hardware and Formal Methods

While the report focuses on programming languages as a primary building block, it also explores memory-safe hardware architecture and formal methods as complementary approaches to achieve similar outcomes.

These alternatives are particularly relevant in scenarios where memory-safe languages may not be feasible.

About the Author

Sean Michael Kerner

Contributor

Sean Michael Kerner is an IT consultant, technology enthusiast and tinkerer. He consults to industry and media organizations on technology issues.
