DARPA Wants to Automatically Transpile C Code Into Rust - Using AI

The Defense Department's DARPA has initiated a project to develop machine-learning tools for automating the conversion of legacy C code into Rust, aiming to improve memory safety in software. Memory safety bugs, such as buffer overflows, are major sources of vulnerabilities in large codebases. DARPA's initiative leverages AI models to enhance programming language translation, striving for more secure software. Dan Wallach, DARPA program manager, highlights the current capability of AI chatbots in translating C to Rust but notes the need for significant improvement in translation accuracy for critical program constructs. The software engineering community acknowledges the persistent memory safety issues in C and C++, with a consensus on the necessity of more secure languages like Rust. The Office of the National Cyber Director has also emphasized the need for better security measures beyond bug-finding tools. Peter Morales, CEO of Code Metal, supports the project's potential impact on cybersecurity, noting the significant attention to memory safety. Wallach describes Rust as enforcing strict rules that ultimately provide freedom and security for programmers. Morales also acknowledges the challenge of addressing numerous edge cases in the translation process. Certain projects, like the Linux kernel, are excluded due to technical incompatibilities with Rust.