Cybersecurity Speaker Series: Building Safe and Secure Systems in Rust: Challenges, Lessons Learned, and Open Questions
Speaker: Dr. Mingshen Sun, Senior Security Researcher, X-Lab, Baidu USADate: October 12, 2018Location: ISEC 655Time: 11:00am – 12:00pmTitle: Building Safe and Secure Systems in Rust: Challenges, Lessons Learned, and Open QuestionsAbstractRust is designed to be a system programming language, which is fast and guarantees memory safety. However, building safe and secure systems is not just to simply rewrite existing code using Rust. Still, there are many challenges, such as immature ecosystem of Rust, usages of unsafe Rust, safety of foreign function interfaces (FFI), and designing systems under a hybrid memory scenario. In Baidu X-Lab, we build several open-source systems in Rust: Rust SGX SDK, MesaLock Linux, MesaLink, etc. In this talk, we will introduce some challenges in building safe and secure systems in Rust. To further explain, we will talk about lessons learned by looking at real-world cases. Finally, we will discuss some open questions, initial ideas, and potential solutions.About the SpeakerMingshen Sun is a senior security researcher of Baidu X-Lab at Baidu USA. He received his PhD from The Chinese University of Hong Kong. During the studies, he worked as research intern in Qihoo 360 and research assistant in National University of Singapore. His interests lie in system security, mobile security, car hacking, and building systems in memory-safe programming languages. He maintains and actively contributes to several open source projects such as the MesaLock Linux project (a memory-safe Linux distribution), MesaBox (a collection of core system utilities written in Rust), MesaPy (a fast and safe Python implementation based on PyPy), and YogCrypt (a fast, general purpose crypto library in Rust).
Friday, October 12, 2018 at 11:00am