You are here

CRAM: C++ to Rust Assisted Migration PH2

Award Information
Agency: Department of Defense
Branch: Defense Advanced Research Projects Agency
Contract: HR001123C0079
Agency Tracking Number: D2-2738
Amount: $1,499,786.00
Phase: Phase II
Program: SBIR
Solicitation Topic Code: HR001121S0007-10
Solicitation Number: HR001121S0007.I
Solicitation Year: 2021
Award Year: 2023
Award Start Date (Proposal Award Date): 2023-02-28
Award End Date (Contract End Date): 2026-02-28
Small Business Information
531 Esty Street
Ithaca, NY 14850-3250
United States
DUNS: 603978321
HUBZone Owned: No
Woman Owned: No
Socially and Economically Disadvantaged: No
Principal Investigator
 Thomas Wahl
 (607) 273-7340
Business Contact
 Daniel Goodwin
Phone: (410) 952-9439
Research Institution

The C language has traditionally emphasized a program’s runtime performance, achieved by leaving low-level memory management to the programmer. Countless program crashes, hangs, and security vulnerabilities have been attributed to uninformed or malicious use of this freedom. C’s extension C++ provides better programming abstractions but insists on backward compatibility with C and thus suffers from similar risks, which are unacceptable in domains like systems programming or for defense applications. In contrast, languages considered to be (memory-)safe restrict direct memory access by programmers and include C#, Java, and Go. The Rust programming language offers safe programming features without resorting to expensive runtime management techniques like garbage collection and can therefore promise to deliver well-performing system-level and network applications. In order to extend the advantages of modern languages to legacy code, this proposal presents a strategy for migrating actively used C++ code to Rust that maximally benefits from the idiomatic and safety features of Rust, such as aggressively employing move semantics for assignments, and generics for reusable code patterns. We are seeking to produce human-maintainable programs in Rust, suitable for code under active development. Our strategy is to perform the migration in two stages. We begin with a refactoring step that attempts to harden the given C++ code, guided by Rust safe-programming rules. This step prepares the code for an easier migration to Rust, but also results in safer C++ code as a useful intermediate product. The refactoring is followed by a target code generation step, which attempts to recognize code segments with a particular intent, represents these in a language-agnostic concept representation, and retargets these concepts into Rust, using a library of Rust code templates. Acknowledging the hardness of the problem and the boldness of our proposed solution, our approach is semi-automatic, requesting user assistance to resolve ambiguities in inferring the intent of the code. The user interaction is supported by the integration of CRAM into an Integrated Development Environment, which displays the source code, the outcome of any refactorings, and the result of migrating code segments. For each operation performed on the source code, the user has the option of accepting or rejecting it, and of modifying its result. Despite human involvement, a problem of this magnitude demands an arsenal of assurance artifacts, such as tests and proofs, that aim to give evidence of the correctness of the migration, and the reliability of the target program. Our approach will deliver both migrated and automatically generated test cases, as well as proofs that establish the preservation of the program semantics by our refactoring and code generation steps.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government