
C-based software development is plagued by memory-related bugs, such as buffer overflows, but now there is a C-language processing system that avoids, in principle, all these bugs: Fail-Safe C, developed by Yutaka Oiwa of the Research Center for Information Security, National Institute of Advanced Industrial Science and Technology (AIST) of Japan. Java is a famous example of a language that avoids memory bugs, and the new approach delivers the same level of safety for C. Release 1, for x86-family processors, was released in April 2008.
Development is continuing to make Fail-Safe C usable on other processors, such as ARM and MIPS designs. This work is supported in part under the Promotion Budget for Science & Technology of the Ministry of Education, Culture, Sports, Science & Technology (MEXT), within the Embedded System Security Technology Research Project. A cross-compiler and other results are scheduled for public release around spring 2009.
One important feature of Fail-Safe C is that existing C source code can be used without rewriting: just recompile it, and every memory-safety violation is caught at runtime instead of silently corrupting memory. It is highly compatible with the American National Standards Institute (ANSI) C standard, too. Operation has been confirmed for applications including the OpenSSL cryptographic library, OpenSSH remote access, and the BIND 9 name server.
The source code is first translated into C source code with the memory checks added, and the result is then compiled with a standard C compiler (see Fig). Memory boundary bugs such as buffer overflows are detected by extending pointers with bounds information and by attaching metadata to each memory block, so that every access can be checked against the block it belongs to. Memory deallocation is handled by garbage collection, which avoids the bugs that arise from reserving and releasing memory regions, such as memory leaks.
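As an added illustration, not code from Fail-Safe C or AIST, the following C program sketches the two mechanisms just described: a "fat" pointer that carries a block base plus an offset instead of a bare address, and a header attached to each memory block that records its size. Every read or write is checked against that header, so the classic strcpy overflow is refused rather than executed, and a pointer used after its block has been released is refused too (release only marks the block dead, standing in for leaving reclamation to a garbage collector). All names here (block_hdr, fat_ptr, checked_strcpy and the demo functions) are hypothetical, and the inputs are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical header attached to every checked block. */
typedef struct {
    size_t   size;   /* usable bytes that follow the header */
    uint32_t magic;  /* cleared on release so stale pointers are rejected */
} block_hdr;
#define BLOCK_MAGIC 0x46534331u

/* Hypothetical fat pointer: block base plus byte offset.
 * Arithmetic only changes the offset; the check happens on each access. */
typedef struct {
    unsigned char *base;
    size_t         off;
} fat_ptr;

static fat_ptr checked_alloc(size_t n) {
    fat_ptr p = { NULL, 0 };
    block_hdr *h = malloc(sizeof *h + n);
    if (h == NULL) return p;
    h->size = n;
    h->magic = BLOCK_MAGIC;
    p.base = (unsigned char *)(h + 1);
    return p;
}

static fat_ptr fat_add(fat_ptr p, size_t n) { p.off += n; return p; }

/* Validate that p+idx lies inside a live block. Returns the absolute byte
 * index within the block, or (size_t)-1 when the access must be refused. */
static size_t fat_check(fat_ptr p, size_t idx) {
    block_hdr *h;
    size_t at;
    if (p.base == NULL) return (size_t)-1;
    h = (block_hdr *)p.base - 1;
    if (h->magic != BLOCK_MAGIC) return (size_t)-1;     /* released block */
    at = p.off + idx;
    if (at < p.off || at >= h->size) return (size_t)-1; /* out of bounds */
    return at;
}

static int fat_write(fat_ptr p, size_t idx, unsigned char v) {
    size_t at = fat_check(p, idx);
    if (at == (size_t)-1) return -1;
    p.base[at] = v;
    return 0;
}

static int fat_read(fat_ptr p, size_t idx, unsigned char *out) {
    size_t at = fat_check(p, idx);
    if (at == (size_t)-1) return -1;
    *out = p.base[at];
    return 0;
}

/* Release stand-in: mark the block dead but do not return it to malloc,
 * so a later access through a stale fat pointer is still detectable. */
static void checked_free(fat_ptr p) {
    if (p.base != NULL) ((block_hdr *)p.base - 1)->magic = 0;
}

/* strcpy with checks: bytes copied (excluding NUL), or -1 on a violation. */
static long checked_strcpy(fat_ptr dst, const char *src) {
    size_t i;
    for (i = 0; ; i++) {
        if (fat_write(dst, i, (unsigned char)src[i]) != 0) return -1;
        if (src[i] == '\0') return (long)i;
    }
}

/* Demos on constructed inputs. */
static long demo_fits(void) {        /* 5 bytes plus NUL into 16 bytes */
    return checked_strcpy(checked_alloc(16), "hello");
}
static long demo_overflow(void) {    /* 20 bytes plus NUL into 16 bytes */
    return checked_strcpy(checked_alloc(16), "AAAAAAAAAAAAAAAAAAAA");
}
static int demo_use_after_free(void) {
    fat_ptr p = checked_alloc(8);
    checked_free(p);
    return fat_write(p, 0, 1);
}
static int demo_last_byte_ok(void) { /* p+3 of a 4-byte block is valid */
    return fat_write(fat_add(checked_alloc(4), 3), 0, 1);
}
static int demo_one_past_end(void) { /* p+4 of a 4-byte block is not */
    return fat_write(fat_add(checked_alloc(4), 4), 0, 1);
}
static int demo_read_back(void) {    /* write then read the same byte */
    fat_ptr p = checked_alloc(4);
    unsigned char v = 0;
    if (fat_write(p, 2, 0x41) != 0 || fat_read(p, 2, &v) != 0) return -1;
    return (int)v;
}

int main(void) {
    printf("fits=%ld overflow=%ld uaf=%d last=%d past=%d read=%d\n",
           demo_fits(), demo_overflow(), demo_use_after_free(),
           demo_last_byte_ok(), demo_one_past_end(), demo_read_back());
    return 0;
}
```

The cost of this scheme is visible in the code: every pointer doubles in size and every access pays a header lookup and two comparisons, which is the kind of overhead the slowdown figures below reflect.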
The biggest problem is that the compiled binary is slow. At present it runs at only one fifth to one third the speed of the original binary. The goal is to reach half the original speed through optimization and other techniques.
In addition, running the compiled binary requires a C standard library and a garbage-collection library built to work with Fail-Safe C. Release 1 comes with Linux standard libraries developed specifically for Fail-Safe C by AIST's Oiwa and Lepidum Co Ltd of Japan. They are currently working on a thread library.
by Toshiyuki Omori