Summary
After more than two decades of grappling with memory safety issues in C and C++, the software engineering community has reached a consensus. It’s not enough to rely on bug-finding tools.
The preferred approach is to use “safe” programming languages that can reject unsafe programs at compile time, thereby preventing the emergence of memory safety issues.
The TRACTOR program aims to automate the translation of legacy C code to Rust. The goal is to achieve the same quality and style that a skilled Rust developer would produce, thereby eliminating the entire class of memory safety security vulnerabilities present in C programs.
This program involves novel combinations of software analysis, such as static analysis and dynamic analysis, and machine learning techniques like large language models.
Test and evaluation of the research program is being performed by a team at MIT Lincoln Laboratory. All benchmarks, milestone projects, and tools are published at https://www.ll.mit.edu/tractor
Opportunity
DARPA-SN-24-89
Special Notice