Security Lessons From a New Programming Language

A security professional needed a secure language for IoT development. So he wrote his own, applying learned lessons about memory and resources in the process.

When a security researcher needs to create an application, there are many choices in terms of programming languages and frameworks. But when project requirements include SSL and an embedded Internet of Things (IoT) platform, the number of good options becomes limited. That's why Thomas Pornin decided to build his own language.


Pornin, who is technical director and member of the cryptography services practice at NCC Group, has been thinking about programming languages, their strengths, and their weaknesses for more than 30 years. He has worked on many different, complex tech deployments and has the experience of launching an open source project, BearSSL, an SSL stack that is smaller than most SSL implementations available to developers.


The language Pornin wanted to build had two significant requirements: First, its resulting applications had to fit onto a resource-constrained IoT device and perform reasonably well. Next, the applications developed using the language would not be subject to certain built-in vulnerabilities seen in some applications. Those vulnerabilities tend to revolve around the way the processor allocates and uses memory, so Pornin focused on memory in his thinking about language security.


Getting the project started took time. "I took care to write a big specification, a 65-page document," Pornin says. "In it, I explained how it should work and why it should work that way."


From Spec to Language

The initial specification was the basis for T0, Pornin's first pass at the programming language. T0 was designed to create applications that would work on an embedded system — defined as one with severely lim ..