Abstract (translated from the Chinese original):
Rust is a new programming language designed for systems programming to address the security problems of that domain; it combines type safety, memory safety and concurrency safety, emphasizes both safety and high performance, and is being used increasingly widely in the construction of low-level software systems such as operating system kernels, Web browsers, network protocol stacks, databases and blockchains. Existing research shows that although Rust is designed to guarantee safety, the language itself still has many security problems. As a systems programming language, the safety of Rust directly affects the security of the software systems built with it. With the wide adoption of Rust, research on Rust language security is especially important. Rust language security is becoming a research hotspot and has made considerable progress in recent years. Based on 46 published research papers in this area, this survey systematically organizes, analyzes and summarizes the related work: first, it analyzes Rust's core safety features, including the functional programming paradigm, the strong polymorphic type system, automatic memory management based on the ownership model, and the explicit marking and isolation of unsafe code; second, it proposes a taxonomy for Rust language security research, dividing existing work into four hot directions, namely empirical security studies, vulnerability detection, safety enhancement and formal verification, surveys, analyzes and summarizes the work in each direction, and examines the relationships among the four directions; finally, it identifies the open scientific problems in this area, looks ahead to possible future work, and proposes four potential research directions, in the hope of providing a valuable reference for researchers in related fields.
Keywords (translated from the Chinese original): Rust language; memory safety; concurrency safety; vulnerability detection and repair
DOI: 10.19363/J.cnki.cn10-1380/tn.2023.11.06
Received: 2022-03-29; Revised: 2022-06-15
Funding: This work was supported by the Graduate Education Innovation Program of the University of Science and Technology of China (No. 2020YCJC41, No. 2021YCJC34).

A Survey of Rust Language Security Research
HU Shuang, HUA Baojian, OUYANG Wanrong, FAN Qiliang
School of Software Engineering, University of Science and Technology of China, Hefei 230027, China
Abstract:
Rust is an emerging type-safe, memory-safe, and concurrency-safe programming language for systems programming, created to address security issues in the systems programming domain. The design of Rust emphasizes both security and high performance, and it has thus been increasingly used in the construction of software infrastructure such as operating system kernels, Web browsers, network protocol stacks, databases, and blockchains. However, existing research has demonstrated that despite its design goal of ensuring security, Rust still suffers from many safety issues. As a systems programming language, the security of Rust directly affects the security of software systems developed with Rust. Furthermore, with the widespread adoption of Rust, the study of Rust language security is becoming a hot research topic with significant progress. In this survey, we systematically analyze and summarize the latest research progress in this field, based on a systematic analysis of 46 published research papers: first, we analyze the main security-related features of Rust, including the functional programming paradigm, the strong polymorphic type system, the automatic ownership-based memory management model, and the explicit isolation of unsafe code; second, we propose a taxonomy that classifies current research efforts into four categories, empirical security study, vulnerability detection, safety enhancement, and formal verification, reviewing, analyzing, and summarizing the relevant research not only in each of these four directions but also in their interactions; finally, we point out open problems in this research area, highlight the remaining challenges of Rust language security research, and propose four potential research directions. This survey serves as both a valuable reference and a starting point for future research in this field.
Key words: Rust; memory safety; concurrency safety; vulnerability detection and rectification