High Assurance Rust
Frequently Asked Questions (FAQ)
Engage with this Book!
Sponsor Call for Proposals (CFP)
Download
Changelog
License
Novice: Systems Security
Introduction
Software Assurance
Rust Zero-Crash Course
Understanding Memory Safety and Exploitation
1. Software Perspective: CPU to Process
2. Assurance Perspective: Stack Safety
3. Attacker's Perspective: Breaking Safety (1/2)
4. Attacker's Perspective: Unifying Theory (2/2)
5. Debugging DIY Secret Obfuscation
6. Stack Exploitation
7. Software Perspective: Heap (1/2)
8. Software Perspective: Heap (2/2)
9. Heap Exploitation
10. Rust's Memory Safety Guarantees (1/2)
11. Rust's Memory Safety Guarantees (2/2)
12. Language-agnostic Mitigations
13. Case Study: Real-world Rust CVEs
14. Challenge: Vulnerability Research
Advanced Beginner: Core Project
Binary Search Tree (BST) Basics
1. Core BST Operations in Python
2. Problems Translating to Rust
3. The Importance of Balance
4. TODO
5. Challenge: TODO
Building an Arena Allocator
1. Let's Talk Allocators
2. A Stack-Only Arena
3. Index-based Data Structures
4. TODO
5. Challenge: TODO
A Self-balancing BST
1. Interface-relevant Traits
2. Scapegoat Trees
3. Insert
4. Remove
5. Find
6. Challenge: TODO
Digital Twin Testing
1. Basic QEMU Internals
2. How Semi-hosting Works
3. CLI REPL Harness
4. Limitations
5. TODO
6. Challenge: TODO
Building Maps and Sets
1. TODO
2. Challenge: TODO
Implementing Iterators
1. TODO
2. Challenge: TODO
Competent: Validation and Deployment
Static Verification
1. An Introduction to 1st Order Logic
2. Proving Absence of Panics
3. Deductively Verifying our Arena Allocator
4. Model Checking for unsafe Code
5. TODO
6. Challenge: Prove a Sorting Algorithm
Dynamic Testing
1. Introduction to Coverage-Guided Fuzzing
2. Building a Differential Fuzzing Harness
3. Using Miri to Detect Undefined Behavior
4. Benchmarking and Optimization
5. TODO
6. Challenge: Bug-hunting with Fuzzers
Operational Deployment
1. Understanding unsafe (1/3)
2. Understanding unsafe (2/3)
3. Understanding unsafe (3/3)
4. CFFI 101
5. C99 Interoperability
6. Python3 Interoperability
7. Runtime Balance Reconfiguration
8. TODO
9. Challenge: TODO
Maximizing Assurance
1. Rust Security Research
2. Rust's Limitations
3. Best Practices Beyond Rust
4. TODO
5. Challenge: TODO
Conclusion
Review
1. Key Concepts
2. Key Blue-Team Skills
3. Key Red-Team Skills
Appendix
1. Setup: Using our Docker Container
2. Inventory: Tools of the Trade
3. Inventory: Recommended Reading
4. Inventory: Additional Resources
5. Fundamentals: Stream Ciphers
6. Fundamentals: Type Systems
7. Fundamentals: Component-Based Design
8. Fundamentals: Memory Hierarchy
9. Fundamentals: Dynamic Linking
10. Theory: Inter-procedural CFGs
11. Misc: Size Optimization
12. Misc: The Typestate Pattern
13. Misc: C++ Interoperability
14. Misc: Compile-time Metaprogramming

Hands-on Learning

Both software developers and security engineers are practitioners first, theoreticians second. Understanding underlying concepts and situational context is critical, certainly. But at the end of the day you write and run code. And someone else may try to exploit that code while it's running.

The aforementioned Dreyfus Model encapsulates both formal instruction and hands-on practice¹. It may be cliche, but practice makes perfect. Or makes expert, rather. There's a limit to how much you can learn skimming a book for concepts.

You need to write, run, and debug code to progress through the Dreyfus stages. This means following along with examples presented in the chapters, and, more importantly, using this book as a starting point for real-world projects of your own choosing.

Our goal here is to teach concepts and transferable skills, to get you to the level where real-world experience is a realistic potential. For the language-learning aspect, that's the point at which you'd feel comfortable:

Contributing to existing open-source projects written in Rust.
Publishing a Rust library of your own design.
Incorporating Rust into a new initiative in your workplace.
Etc.

Chapter-End Challenges

Each chapter ends with an optional challenge. These challenges are open-ended problems that require both designing a moderate-to-high complexity feature and actually coding it up.

You'll need to explore the solution space independently, applying the chapter's concepts in a new context, finding resources beyond this book, and developing your own strategies.

No challenge solutions are provided, it's up to you to work through the suggested problems! Or personal variations that motivate you.

¹

The Five-Stage Model of Adult Skill Acquisition. Stuart E.Dreyfus (2004).