At NDSS 2026, @dwallach outlined DARPA's plan to solve memory safety bugs using AI.
-
At NDSS 2026, @dwallach outlined DARPA's plan to solve memory safety bugs using AI. But the real rabbit hole is what happens next: securing hardware against physical decay. My new post on scaling election security principles to the global Internet: https://josephhall.org/blog/wallach-mem-safety-sw-independence/ 1/6
-
Watching Dan's keynote brought me back to our days at the NSF ACCURATE center. Our work in election verification relied on Rivest and Wack's "software independence": the principle that a system must be structurally verifiable because software itself cannot be trusted. 2/6
-
Now at DARPA, Dan is scaling software independence to the entire Internet. The TRACTOR program is tackling the legacy C/C++ bottleneck, using advanced AI to translate unsafe code into structurally verified, idiomatic Rust without crushing performance overhead. 3/6
-
But perfect code exposes a deeper crisis. What happens when flawless software runs on imperfect, degrading hardware? As chips shrink and age, we see a rise in Silent Data Corruptions (SDCs) where hyperscale silicon confidently returns the wrong math. 4/6
-
To survive hardware betrayal, DARPA's COOP program treats the processor as a black box. By monitoring physical exhaust like power fluctuations and EM emissions, COOP uses the analog signature of the chip as an undeniable oracle for digital correctness. 5/6
-
We are moving past the era of patching buffer overflows. By enforcing structural verification in software and physical verification in hardware, we are building infrastructure where trust is mathematically and physically guaranteed. More: https://josephhall.org/blog/wallach-mem-safety-sw-independence/ 6/6
-
@joebeone love this thread, although it does make me think about the other unfixed problem: even if the software and the hardware run flawlessly, they still only do what humans have programmed in; how do we solve for the common case of code that does what I said but not what I meant?
-
@darkuncle that's a great point and I think we are very far from "fixing human" ::) (I'd be interested in your thoughts on the full piece if you have time)