Google Calls for Measurable Memory-Safety Standards for Software (googleblog.com)
- Reference: 0176566933
- News link: https://developers.slashdot.org/story/25/02/28/0340214/google-calls-for-measurable-memory-safety-standards-for-software
- Source link: https://security.googleblog.com/2025/02/securing-tomorrows-software-need-for.html
So the blog post calls for a "common framework" for "defining specific, measurable criteria for achieving different levels of memory safety assurance." The hope is this gives policy makers "the technical foundation to craft effective policy initiatives and incentives promoting memory safety" leading to "a market in which vendors are incentivized to invest in memory safety." ("Customers will be empowered to recognize, demand, and reward safety.")
In January the same Google security researchers helped co-write an article noting there are now [2]strong memory-safety "research technologies" that are sufficiently mature : memory-safe languages (including "safer language subsets like [3]Safe Buffers for C++"), mathematically rigorous formal verification, software compartmentalization, and hardware and software protections. (With hardware protections including things like ARM's [4]Memory Tagging Extension and the ( [5]Capability Hardware Enhanced RISC Instructions , or "CHERI", architecture.) Google's security researchers are now calling for "a blueprint for a memory-safe future" — though Importantly, the idea is "defining the desired outcomes rather than locking ourselves into specific technologies."
Their blog post this week again urges a practical/actionable framework that's commonly understood, but one that supports different approaches (and allowing tailoring to specific needs) while enabling objective assessment:
> At Google, we're not just advocating for standardization and a memory-safe future, we're actively working to build it. We are collaborating with industry and academic partners to develop potential standards, and our joint authorship of the recent [6]CACM call-to-action marks an important first step in this process... This commitment is also reflected in our internal efforts. We are prioritizing memory-safe languages, and have already seen significant reductions in vulnerabilities by adopting languages like Rust in combination with existing, wide-spread usage of Java, Kotlin, and Go where performance constraints permit. We recognize that a complete transition to those languages will take time. That's why we're also investing in techniques to improve the safety of our existing C++ codebase by design, such as [7]deploying hardened libc++ .
>
> This effort isn't about picking winners or dictating solutions. It's about creating a level playing field, empowering informed decision-making, and driving a virtuous cycle of security improvement... The journey towards memory safety requires a collective commitment to standardization. We need to build a future where memory safety is not an afterthought but a foundational principle, a future where the next generation inherits a digital world that is secure by design.
The security researchers' post calls for "a collective commitment" to eliminate memory-safety bugs, "anchored on secure-by-design practices..." One of the blog post's subheadings? "Let's build a memory-safe future together."
And they're urging changes "not just for ourselves but for the generations that follow."
[1] https://security.googleblog.com/2025/02/securing-tomorrows-software-need-for.html
[2] https://cacm.acm.org/opinion/it-is-time-to-standardize-principles-and-practices-for-software-memory-safety/
[3] https://clang.llvm.org/docs/SafeBuffers.html
[4] https://community.arm.com/arm-community-blogs/b/architectures-and-processors-blog/posts/enhancing-memory-safety
[5] https://en.wikipedia.org/wiki/Capability_Hardware_Enhanced_RISC_Instructions
[6] https://cacm.acm.org/opinion/it-is-time-to-standardize-principles-and-practices-for-software-memory-safety/
[7] https://security.googleblog.com/2024/11/retrofitting-spatial-safety-to-hundreds.html
Count me in (Score:2)
As a C++ developer with a large vast codebase, count me in.
Id really prefer if they worked on a nice valgrind replacement that could use multiple cores during heavy tracing too.
Re: Count me in (Score:2)
I don't understand why a company like Google doesn't just make their own Library of memory safe constructs and tell everyone to use that.
Comprehensive Rust (Score:2)
> I don't understand why a company like Google doesn't just make their own Library of memory safe constructs and tell everyone to use that.
You may have missed that Google did just that. Google employees wrote [1]"Comprehensive Rust" [github.io], a tutorial for a memory-safe language.
[1] https://google.github.io/comprehensive-rust/
That's not a plan, that's a goal (Score:2)
"That's not a plan, that's a goal"
Good idea...but... (Score:2)
Standards are good
Improving technology is good
Memory safety is good
But, when the discussion turns to "the technical foundation to craft effective policy initiatives and incentives promoting memory safety", I get skeptical
If bureaucrats craft complex rules that are so difficult and expensive to follow that only giant corporations can deal with them, it will kill small projects, either commercial or open source
A large part of the success of digital technology is the ability of small developers to freely inven
Re: (Score:2)
So it's a win-win for Google! Next week; a proposal from 4-6 of the largest 'cloud' and software vendors to formalize an oligopolists for safety consortium; but don't worry; it's still competitive because you can maintain certification by sharecropping on any one of them at the price they choose!
That is just bullshit (Score:2)
Memory-safety issues are a coder skill issue and a result from cheaper-than-possible testing and review processes.
Re: (Score:2)
Pocket showed me an article last night about how "Vibe coding" with AI will enable anyone to write software. Google is just trying to get the vibe right for AI to do the testing and review.
~Goog Vibrations~
Haha, right, that's the trust problem. (Score:2)
I'd certainly be in favor of fewer bugs and less frenetic patching; but it seems transparently absurd to claim that memory safety issues, or even bugs in general, are what erode people's trust in technology, outside of fairly niche security circles where everyone either pokes holes in things for fun or distrusts even more deeply the things that must be hiding holes because they aren't known yet.
Most of what erodes public trust(still probably less than it deserves to be eroded) is technology performing ex
Here are the guidelines. Use our AI to code it. $$ (Score:2)
Google is driven by revenue and information vacuuming, not goodness. This will probably be an attempt to drive developers into using Google AI coding tools. Then people will get to pay for the pleasure of meeting Google's requirements and train Google's AI coding tools.
"Trust" in Trashdot space filler posts? YGTBSM. (Score:2)
Why would bugs "erode trust" when users don't even know what the term means and coders understand they're just bugs to be dealt with?
How much do the so-called editors get paid to vomit such garbage onto Slashdot? It's not news for nerds nor news for normals either.
Great (Score:2)
> Memory safety bugs are "eroding trust in technology and costing billions,"
I approve their efforts to measure things objectively. However, memory bugs are not eroding trust in technology. The vast majority of people don't even know bugs exist. I would like to see their objective attempt to measure trust in technology.