Secure software is reliable software

The C programming language is almost 50 years old and is showing its age. Memory corruption vulnerabilities continue to plague software written in C/C++. A different approach is needed for embedded and systems software.

Rust is a systems programming language that compiles directly to machine code and executes without a runtime. It offers memory safety without sacrificing performance and footprint.

Introducing Rust

Why Rust

  • Performance and efficiency of native code
  • Memory and thread-safety of high-level languages
  • Interoperable with C and other languages via the C ABI
  • Best-in-class support for writing asynchronous network applications
Diagram showing the approach to development using Rust

Our Approach to Bindings

  1. Write a protocol library in idiomatic safe Rust. Native Rust applications may use this library directly.
  2. Create a model of an ideal C API and object-oriented mapping to the library using an internal tool we call oo_bindgen. Use the model to generate bindings for multiple languages including C/C++, Java, and C#, and the Rust foreign-function interface (FFI).
  3. Implement the Rust FFI stubs generated in step 2, connecting them to the idiomatic Rust API of the core library from step 1.
  4. Compile the Rust library and FFI interface into a single shared library consumable from any language that understands the C ABI.
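The layering these steps describe, as an added example that is not the project's code and not oo_bindgen output: a safe Rust core with hand-written C ABI stubs over it. The toy frame format, the `FrameParser` type, the `frame_parser_*` function names and the return codes are all assumptions made for illustration.

```rust
// Step 1: idiomatic safe Rust core. Hypothetical toy protocol for this example:
// each frame is [len: u8][payload: len bytes]. Rust callers use this directly.
#[derive(Debug, PartialEq)]
pub enum ParseError { Truncated, EmptyFrame }

#[derive(Default)]
pub struct FrameParser { frames: u32 }

impl FrameParser {
    /// Parses whole frames from `data`; returns the running total of frames seen.
    pub fn feed(&mut self, mut data: &[u8]) -> Result<u32, ParseError> {
        let mut count = 0u32;
        while let Some((&len, rest)) = data.split_first() {
            let len = len as usize;
            if len == 0 { return Err(ParseError::EmptyFrame); }
            if rest.len() < len { return Err(ParseError::Truncated); }
            data = &rest[len..];
            count += 1;
        }
        self.frames = self.frames.saturating_add(count);
        Ok(self.frames)
    }
}

// Step 3: hand-written C ABI stubs over the safe API (constructed names).
// Return codes: 0 = ok, 1 = null argument, 2 = truncated, 3 = empty frame.
#[no_mangle]
pub extern "C" fn frame_parser_create() -> *mut FrameParser {
    Box::into_raw(Box::new(FrameParser::default()))
}

#[no_mangle]
pub unsafe extern "C" fn frame_parser_feed(
    p: *mut FrameParser, data: *const u8, len: usize, total: *mut u32,
) -> i32 {
    if p.is_null() || data.is_null() || total.is_null() { return 1; }
    // SAFETY: caller promises `p` came from frame_parser_create, `data` has `len`
    // readable bytes, and `total` is writable. Everything after this is safe Rust.
    let (parser, bytes) = unsafe { (&mut *p, std::slice::from_raw_parts(data, len)) };
    match parser.feed(bytes) {
        Ok(n) => { unsafe { *total = n }; 0 }
        Err(ParseError::Truncated) => 2,
        Err(ParseError::EmptyFrame) => 3,
    }
}

#[no_mangle]
pub unsafe extern "C" fn frame_parser_destroy(p: *mut FrameParser) {
    if !p.is_null() { drop(unsafe { Box::from_raw(p) }); }
}
// Step 4: build with crate-type = ["cdylib"] to get one shared library.
```

The `unsafe` surface is confined to the pointer checks and conversions in the stubs; malformed input is rejected by the safe parser and surfaces to the C caller as an error code.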

Articles about Rust

Rust is one of our favorite topics. Check back for more articles about the language and its application in industrial control systems.

OpenDNP3: Retrospective

OpenDNP3 was released as open source over 10 years ago. This post describes where I believe the project has succeeded, where it hasn’t, and why Step Function I/O is using a different licensing model for our new libraries going forward. In many ways, OpenDNP3 has been a success. We are constantly learning of new companies that have successfully used the library to add DNP3 functionality to their product or service offering.

CVE-2020-10611 - RCE in a flawed DNP3 Implementation

S4x20 hosted the Pwn2Own Miami hacking competition this year, and one of the more interesting and impactful results was a bug chain leading to remote code execution (RCE) in the Triangle MicroWorks (TMW) SCADA Data Gateway. The Zero Day Initiative, which puts on these competitions, recently released a detailed writeup (and video) of the bugs and the exploit. Achieving code execution on the Triangle MicroWorks SCADA Data Gateway - details (and video!

Binding Rust to other languages safely and productively

When we made the decision to write our next generation of libraries in Rust, we knew we needed a solid approach for binding them to other languages. It may be some time before we have customers purchasing our libraries to use them in a Rust-only codebase. The majority of our customers will want to use the libraries in C/C++, .NET, or Java. Writing the core implementation in Rust means more productivity, fewer errors, and certain safety guarantees compared to writing it in C++.
