Software Security in Rust
Rust is growing in popularity. Its unique security model promises memory safety and concurrency safety, while providing the performance of C/C++. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Svoboda and Joe Sible, both engineers in the SEI’s CERT Division, talk with principal researcher Suzanne Miller about the Rust programming language and its security-related features. Svoboda and Sible discuss Rust’s compile-time safety guarantees, the kinds of vulnerabilities that Rust fixes and those that it does not, situations in which users would not want to use Rust, and where interested users can go to get more information about the Rust programming language.
About the Speaker
Joe Sible is an associate software engineer in the Cybersecurity Foundations Directorate of the CERT Division at the SEI. He specializes in coding and Linux system administration. He has worked with DoD customers to ensure that secure coding rules are being followed and to implement DevSecOps practices. He also maintains …Read more
David Svoboda is a software security engineer at the CERT Division of the Software Engineering Institute. He co-authored or contributed to four books, including The SEI CERT C Coding Standard and The CERT Oracle Secure Coding Standard for Java. He also maintains the SEI CERT Coding Standards wiki and has …Read more