[Colloq] REMINDER: Cybersecurity and Privacy Institute Speaker Series: Mingshen Sun - Building Safe and Secure Systems in Rust: Challenges, Lessons Learned, and Open Questions - Oct 12

[Ponte, Christopher]

Speaker: Dr. Mingshen Sun, Senior Security Researcher, X-Lab, Baidu USA
Date: October 12, 2018
Location: ISEC 655
Time: 11:00am – 12:00pm
Title: Building Safe and Secure Systems in Rust: Challenges, Lessons Learned, and Open Questions

Abstract
Rust is designed to be a system programming language, which is fast and guarantees memory safety. However, building safe and secure systems is not just to simply rewrite existing code using Rust. Still, there are many challenges, such as immature ecosystem of Rust, usages of unsafe Rust, safety of foreign function interfaces (FFI), and designing systems under a hybrid memory scenario. In Baidu X-Lab, we build several open-source systems in Rust: Rust SGX SDK, MesaLock Linux, MesaLink, etc. In this talk, we will introduce some challenges in building safe and secure systems in Rust. To further explain, we will talk about lessons learned by looking at real-world cases. Finally, we will discuss some open questions, initial ideas, and potential solutions.

About the Speaker
Mingshen Sun is a senior security researcher of Baidu X-Lab at Baidu USA. He received his PhD from The Chinese University of Hong Kong. During the studies, he worked as research intern in Qihoo 360 and research assistant in National University of Singapore. His interests lie in system security, mobile security, car hacking, and building systems in memory-safe programming languages. He maintains and actively contributes to several open source projects such as the MesaLock Linux project (a memory-safe Linux distribution), MesaBox (a collection of core system utilities written in Rust), MesaPy (a fast and safe Python implementation based on PyPy), and YogCrypt (a fast, general purpose crypto library in Rust).