Benefits and Drawbacks of Adopting a Secure Programming Language: Rust as a Case Study. Kelsey Fulton, Anna Chan, Dan Votipka, Michael Hicks, and Michelle Mazurek. In Proceedings of the Symposium on Usable Privacy and Security (SOUPS), August 2021. To appear.

Programming languages such as Rust and Go were developed to combat common and potentially devastating memory-safety-related vulnerabilities. Adoption of new, more secure languages is often seen as fraught and complex. We use Rust as a case study to better understand the benefits and challenges associated with this adoption. To this end, we conducted semi-structured interviews with professional, primarily senior software developers who have worked to introduce or worked with Rust on their teams (n = 16) and deployed a survey to the Rust development community (n = 178). We asked participants about their personal experiences using Rust, as well as experiences using Rust at their companies. We find a range of positive features, including good tooling and documentation, benefits for the development lifecycle, and improvement of overall secure coding skills, as well as drawbacks including a steep learning curve, limited library support, and concerns about the ability to hire additional Rust developers in the future. Our results have implications for promoting the adoption of Rust specifically and secure programming languages and tools more generally.

.pdf ]

@inproceedings{fulton21rust,
  title = {Benefits and Drawbacks of Adopting a Secure Programming Language: {Rust} as a Case Study},
  author = {Kelsey Fulton and Anna Chan and Dan Votipka and Michael Hicks and Michelle Mazurek},
  booktitle = {Proceedings of the Symposium on Usable Privacy and Security (SOUPS)},
  month = aug,
  year = 2021,
  note = {To appear}
}

This file was generated by bibtex2html 1.99.