The main goal of this course is to teach basic Rust programming and to highlight security features such as its particular type system that ensures memory safety.
Description du cours
Rust is an up-and-coming programming language that reached in a few years a targeted but fair adoption in the software industry heavyweights, such as Microsoft, Google or Amazon. The main use of Rust is as a replacement for C and C++ in so-called « systems programming. » The main incentive to switch to Rust is the promise of memory safety which solves 70% of discovered security bugs in both Microsoft products and the Google-lead Chromium project. To achieve this, Rust is fairly different from most existing languages in particular from C and C++.
In this course, students learn how to code simple programmes in Rust. Students also learn how Rust answers the main security concerns in systems programming. This course gradually introduces Rust features such as:
- Basic programming
- Type system: ownership, borrowing and lifetimes
- Abstraction: traits and generic parameters
- Functional programming: closures and iterators
- Concurrency and parallelism
- Unsafe code and FFI
Rust language, programming language, systems programming, type system, memory safety.
- The Rust Programming Language, by Steve Klabnik and Carol Nichols, 2018
- Programming Rules to Develop Secure Applications With Rust, by Agence nationale de la sécurité des systèmes d’information (ANSSI), 2020
- Types and Programming Languages, by Benjamin C. Pierce, 2002
Biographie des enseignants
Mickaël Delahaye is a senior software security expert at DGA as well as an external research collaborator at INRIA. Mickaël Delahaye’s research focuses on securing programming through the use of formal methods in particular at the frontier between multiple programming languages. At DGA Mickaël Delahaye heads a laboratory dedicated to checking source code for security issues with a particular focus on issues raising from the programming language itself. Mickaël Delahaye also contributed to ANSSI secure coding practices for Rust.
Alexander Schau holds a PhD in Computer Sciences. He is specialised in Static Analysis and Hidden Channel Attacks at DGA.
Pierrick Philippe is a young cybersecurity graduate and is specialised in RUST language at DGA.