Memory Safety is Key: The Shift in U.S. Cyber Standards
November 26, 2024
Shifting Accountability: Why Memory Safety is the New Requirement for Critical Software – and How TrustInSoft Analyzer Helps
Key Takeaways:
- New CISA guidelines emphasize memory safety, urging all vendors supplying critical infrastructure to eliminate memory safety risks by 2026.
- Accountability for software security is shifting from end-users to vendors, driving more secure development practices.
- TrustInSoft Analyzer, a sound static analyzer, empowers C/C++ developers to find and resolve memory vulnerabilities efficiently.
An Unprecedented Push for Memory Safety: What It Means for Software Vendors
The recent CISA guidance on product security bad practices outlines high-risk actions software developers must avoid. A key emphasis is on preventing memory safety vulnerabilities in software for critical infrastructure. As outlined in the “Secure by Design” initiative, CISA’s report, “Product Security Bad Practices,” identifies memory-unsafe programming languages (notably C and C++) as a major security risk when creating software supporting critical infrastructure. By January 1, 2026, the expectation is for vendors to either transition to memory-safe languages or have an actionable memory safety roadmap. This strong stance underscores the need for tools like TrustInSoft Analyzer to enable precise code analysis and reduce the risk of vulnerabilities.
The timeline of recent U.S. government publications highlights a strong and progressive focus on cybersecurity, especially around secure software development and memory safety. Here’s an overview:
1. 2021-2023: Initial directives and guides emphasize improving cybersecurity across federal agencies and promoting safe software development practices.
- Executive Order EO 14028 (20210512): Outlined steps to enhance national cybersecurity.
- M-22-09 (20220126): Mandated federal agencies to adopt application security testing.
- NSA Guidance on Memory Safety (20221110): Addressed software memory-safety concerns, signaling the importance of secure memory management.
2. 2023 Developments:
- National Cybersecurity Strategy (20230303): Transferred the liability for insecure software from end-users to vendors, aligning with a growing push for vendor accountability.
- Secure by Design Update (20231025): Reinforced CISA’s commitment to secure development principles.
3. 2024 Forward-Looking Actions:
- ONCD Statements of Support (20240226): Advocated for software measurability and memory safety.
- CISA Report on Memory Safety in Open Source (20240626): Focused on exploring memory safety in critical open-source projects.
This timeline reflects increasing momentum to shift security accountability onto software vendors, improve secure development practices, and address vulnerabilities in both proprietary and open-source software through enhanced guidance and standards.
The European Union has recently adopted the Cyber Resilience Act (CRA). This requires manufacturers of products and software that contain a digital component placed on the EU market have fewer vulnerabilities by fulfilling a framework of cybersecurity requirements by 2027. A similar trend is happening in the US and in the EU regarding to the need to improve secure development practices.
Memory Safety: More Than Just a Recommendation
For vendors supporting critical infrastructure sectors, these new recommendations are more than optional guidance; they represent a shift in liability expressed in the National Cybersecurity Strategy (2023) and security expectations. Now, software vendors are under significant pressure to ensure that their products are secure by design, especially when written in memory-unsafe languages like C or C++. TrustInSoft Analyzer, a C/C++ code analysis tool built on formal verification, is particularly well-suited to meet this demand. It offers C/C++ developers an exhaustive static analysis, ensuring they catch vulnerabilities early and precisely.
The guidance from CISA requires:
- Publishing a Memory Safety Roadmap: Outlining plans to address vulnerabilities in high-risk components such as cryptographic modules and network interfaces.
- Shifting Security Left: Emphasizing early detection, testing, and resolution of vulnerabilities within the development lifecycle.
- Accountability for Open Source: Vendors must maintain a software bill of materials (SBOM), responsibly manage dependencies, and contribute back to the open-source ecosystem. Neglecting these steps introduces risks and potential liabilities as dependencies evolve.
TrustInSoft Analyzer: Addressing Memory Safety Challenges in C/C++
Given the emphasis on eliminating memory safety issues, TrustInSoft Analyzer is a powerful addition to any software developer’s toolkit, particularly for those working in memory-unsafe languages. The Analyzer’s capability for sound and exhaustive static analysis and formal verification enables developers to identify vulnerabilities, verify compliance with secure coding practices, and build confidence in code quality before deployment. Here’s how it helps software teams comply with CISA’s recommendations:
- Exhaustive Detection of Memory Vulnerabilities: TrustInSoft Analyzer leverages sound, mathematical methods to detect memory issues, such as buffer overflows, uninitialized variables, and type overflows. This level of rigor aligns with CISA’s call to eliminate the dangers of memory-unsafe code in critical infrastructure software. As Edsger W. Dijksra wrote, “Program testing can be used to show the presence of bugs, but never to show their absence!”. Traditional testing methods can miss problems because they only check some of the possible scenarios. A sound static analyzer, like TrustInSoft Analyzer, takes a different approach. It checks all possible scenarios in your code, ensuring no critical memory issues are overlooked. It’s like having a magnifying glass that sees every detail, so you can fix issues early and with confidence. It is de facto a reliable asset for detecting and addressing memory-related issues early.
- Formal Verification for Security-Sensitive Code: For sectors such as healthcare, energy, and defense, software is required to meet stringent safety and security standards. TrustInSoft Analyzer supports formal verification methods, which allow developers to create proof statements of code behavior that are highly effective for code in critical areas like cryptographic functions. This capability gives developers the precision needed to validate the safety of their software and achieve regulatory compliance.
- Enhanced Toolchain Integration: TrustInSoft Analyzer integrates into Agile and V-model workflows, streamlining the development process. With a focus on early, automated verification, it empowers developers to identify potential flaws at each development stage. This reduces rework costs and strengthens code resilience, ensuring that memory vulnerabilities are addressed proactively.
Building a Culture of Memory Safety
Besides using sound static analysis, CISA encourages developers to cultivate secure coding practices and prioritize high-risk areas within their codebases. Given that 40% of organizations do not yet use key supply chain security technologies, adopting TrustInSoft Analyzer in critical software development workflows supports an organization-wide culture of security and accountability.
Additionally, the NIST Secure Software Development Framework (SSDF) now recommends tools like static analyzers, dynamic testing, and penetration testing as part of a secure development lifecycle. TrustInSoft Analyzer is well-suited to support this framework, especially in detecting the kinds of undefined behaviors that lead to security vulnerabilities in C and C++.
Time to Embrace Secure by Design Practices
This shift toward secure, memory-safe software represents a significant opportunity for software developers. TrustInSoft Analyzer offers the robustness and precision required to eliminate risky practices and deliver secure software to critical infrastructure sectors. As vendors prioritize memory safety and responsible open-source management, TrustInSoft Analyzer should be an essential part of every C/C++ developer’s toolkit.
Invest in TrustInSoft Analyzer today to align your software with emerging security standards, reduce memory vulnerabilities, and establish a solid foundation for secure software development in C and C++. In addition to deploying TrustInSoft Analyzer for in-house analysis, you can also leverage TrustInSoft's Formal Verification Services (FVS) to outsource the formal verification of open-source code integrated into your products. This on-demand service provides expert formal verification for zero critical bugs, ensuring the security of your open-source stack without exposing proprietary intellectual property. Let TrustInSoft Analyzer and FVS help you meet today’s cybersecurity standards and safeguard your critical software.