projects
awesome-safety-critical
projects | awesome-safety-critical | |
---|---|---|
2 | 13 | |
225 | 1,532 | |
2.7% | - | |
4.2 | 4.7 | |
7 months ago | 5 months ago | |
Python | ||
GNU General Public License v3.0 only | Creative Commons Zero v1.0 Universal |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
projects
- NSA urges orgs to use memory-safe programming languages
-
Static Analyzer Rudra Found over 200 Memory Safety Issues in Rust Crates
Here's a list of available tooling: https://github.com/rust-secure-code/projects
awesome-safety-critical
-
Industry forms consortium to drive adoption of Rust in safety-critical systems
> The consortium aims to develop guidelines, tools, libraries, and language subsets to meet industrial and legal requirements for safety-critical systems.
> Moreover, the initiative seeks to incorporate lessons learned from years of development in the open source ecosystem to make Rust a valuable component of safety toolkits across various industries and severity levels
Resources and opportunities for a safety critical Rust initiative:
- "The First Rust-Written Network PHY Driver Set to Land in Linux 6.8" https://news.ycombinator.com/item?id=38677600
- awesome-safety-critical > Software safety standards: https://awesome-safety-critical.readthedocs.io/en/latest/#so...
- rust smart pointers: https://news.ycombinator.com/item?id=33563857 ; LLVM signed pointers for pointer authentication: https://news.ycombinator.com/item?id=40307180
From https://news.ycombinator.com/item?id=33563857 :
> - Secure Rust Guidelines > Memory management, > Checklist > Memory management: https://anssi-fr.github.io/rust-guide/05_memory.html
Rust OS projects to safety critical with the forthcoming new guidelines: Redox, Cosmic, MotorOS, Maestro, Aerugo
- "MotorOS: a Rust-first operating system for x64 VMs" https://news.ycombinator.com/item?id=38907876: "Maestro: A Linux-compatible kernel in Rust" (2023) https://news.ycombinator.com/item?id=38852360#38857185 ; redox-os, cosmic-de , Motūrus OS; MotorOS
- https://news.ycombinator.com/item?id=38861799 : > COSMIC DE (Rust-based) supports rust-windowing/winit apps, which compile to a tag in WASM.
> winit: https://github.com/rust-windowing/winit
- "Aerugo – RTOS for aerospace uses written in Rust" https://news.ycombinator.com/item?id=39245897
- "The Rust Implementation of GNU Coreutils Is Becoming Remarkably Robust" https://news.ycombinator.com/item?id=34743393
From a previous Ctrl-F rust,; "Rust in the Linux kernel" (2021) https://news.ycombinator.com/item?id=35783214 :
- > Is this the source for the rust port of the Android binder kernel module?: https://android.googlesource.com/platform/frameworks/native/...
> This guide with unsafe rust that calls into the C, and then with next gen much safer rust right next to it would be a helpful resource too.
From https://news.ycombinator.com/item?id=34744433 ... From "Are software engineering “best practices” just developer preferences?" https://news.ycombinator.com/item?id=28709239 :
>>>>> Which universities teach formal methods?
/?hnlog "TLA" and "side channel"
-
Aerugo – RTOS for aerospace uses written in Rust
https://awesome-safety-critical.readthedocs.io/en/latest/#so...
-
Pacemaker should be running open source software
awesome-safety-critical: https://awesome-safety-critical.readthedocs.io/en/latest/
FDA > Medical Devices > Cybersecurity:
-
Misra C++:2023 Published
awesome-safety-critical > Coding Guidelines: https://awesome-safety-critical.readthedocs.io/en/latest/
Rust SAST and DAST tools would be great for all, too.
From https://news.ycombinator.com/item?id=35565960 :
> Additional lists of static analysis, dynamic analysis, SAST, DAST, and other source code analysis tools: https://news.ycombinator.com/item?id=24511280 https://analysis-tools.dev/tools?languages=c++
-
Ask HN: Which school produces the best programmers or software engineers?
https://awesome-safety-critical.readthedocs.io/en/latest/#co...
Predict; software quality, career success
By well-rounded do you mean the ACM Computer Science Curriculum; or a strong liberal arts program which emphasizes critical thinking and effective communication; or Emotional Intelligence, Servant Leadership, and Project Management?
InfoSec; Computer Security > Careers: https://en.wikipedia.org/wiki/Computer_security#Careers
The NIST NICE Framework describes Categories (7),
- Learning C as someone who already knows Rust
- NSA urges orgs to use memory-safe programming languages
-
The James Webb Space Telescope Runs JavaScript, Apparently
For a low level view, as how the code actually should look like, I found the JPL C coding guidelines very useful. It had an effect on me on how I wrote C after reading it.
Here's a github hosted version https://github.com/stanislaw/awesome-safety-critical/blob/ma...
-
Ask HN: Is it worth it to learn C to better understand Python?
https://news.ycombinator.com/item?id=28709239 :
> From "Ask HN: Is it worth it to learn C in 2020?" https://news.ycombinator.com/item?id=21878372 : (which discusses [bounded] memory management)
> There are a number of coding guidelines e.g. for safety-critical systems where bounded running time and resource consumption are essential. *These coding guidelines and standards are basically only available for C, C++, and Ada.*
> awesome-safety-critical > Software safety standards: https://awesome-safety-critical.readthedocs.io/en/latest/#so...
> awesome-safety-critical > Coding Guidelines: https://awesome-safety-critical.readthedocs.io/en/latest/#co...
-
Are Software Engineering “best practices” just developer preferences?
Critical systems: https://en.wikipedia.org/wiki/Critical_system
> There are four types of critical systems: safety critical, mission critical, business critical and security critical.
Safety-critical systems > "Software engineering for safety-critical systems" https://en.wikipedia.org/wiki/Safety-critical_system#Softwar...
awesome-safety-critical lists very many resources for safety critical systems: https://awesome-safety-critical.readthedocs.io/en/latest/
There are many certification programs for software and other STEM fields. One test to qualify applicants does not qualify as a sufficient set of controls for safety critical systems that must be resilient, fault-tolerant, and redundant.
What are some alternatives?
Rudra-PoC - Trophy case for Rudra bugs.
awesome-python - 📚 Awesome Python Resources (mostly PyCon).
totally-safe-transmute
safety-gymnasium - NeurIPS 2023: Safety-Gymnasium: A Unified Safe Reinforcement Learning Benchmark
diodb - Open-source vulnerability disclosure and bug bounty program database
analyze - NaiveSystems Analyze is a static analysis tool for code security and compliance.
Awesome-Linux-Software - 🐧 A list of awesome Linux softwares