Recently, in a speech about Microsoft’s work on memory-related problems, Matthew Parkinson, a Microsoft researcher in the UK, mentioned a new Rust-based programming language that Microsoft is developing. Inside Microsoft, the project is called “Verona”.
Previously, Microsoft said it was exploring Rust as a secure alternative to C and C++, and also described its experience of rewriting Windows components in Rust. According to Microsoft, Rust is a programming language that treats security as a fundamental concern. The company will try to rewrite various products in Rust because, over the past decade, more than 70% of Microsoft’s security patches have addressed memory-related errors, and Rust is the “good medicine” for this problem.
In his speech, Matthew first shared Microsoft’s work on MemGC (Memory Garbage Collector). MemGC is the memory garbage collector in the IE and Edge browsers. It addresses the vulnerability in a standard browser feature, the Document Object Model (DOM), which represents the content of an HTML document as a tree structure.
Then he moved on to another question: how do you build the safest product? The answer is not simply to discard what you already have, but to consider what you can build in a more secure system. He explained that Microsoft is using Rust to rewrite some components and asked: “If we want to isolate and streamline the legacy code so that the attacker’s code cannot escape, how should we design the language?”
Matthew then presented Verona, a new Rust-based programming language being developed by Microsoft. He said this was the first time the project had been discussed. Microsoft says the language is intended for “safe infrastructure programming”, and that the Verona project will be open-sourced “soon”.
Matthew said that Verona is maintained by C# project manager Mads Torgersen and Juliana Franco, a research software engineer at Microsoft Cambridge Research Institute.
The challenge facing Microsoft is the wide range of software it has to cover, from C# desktop applications, to C or C# code in Exchange, ASP.NET, Azure and device drivers, down to low-level Windows components such as memory management and the boot loader, as well as the hardware abstraction layer of the Windows kernel.
“It is really difficult to perform memory management. If there is any concurrent mutation, the temporary memory security will be very difficult.” Matthew introduced Verona’s design idea: “Verona’s ownership model is based on object groups, not on a single object ownership model like Rust. In C++, pointers can be obtained, and it is object-based. But this is different from my thinking about data and syntax. I think that a data structure is a collection of objects, and the collection of objects is a life cycle. Therefore, by taking ownership at the ownership level of the object, we can get closer to the level of abstraction people are using, which enables us to build data structures without going beyond the scope of security.”
Video of Matthew Parkinson’s speech: “Digital Security by Design: Security and Legacy at Microsoft”