The United States Government is warning about memory-unsafe programming languages like C and C++, which leave critical infrastructure vulnerable to exploits. Industry research backs up the government’s concerns: Microsoft reports that 70% of its vulnerabilities could be prevented by memory-safe languages, and Google’s research shows that 68% of exploits are related to memory corruption. Rust is the only language providing rigorous memory safety, but migrating from C++ to Rust is challenging due to differences in features and interoperability. Safe C++, an extension of C++, aims to provide the same safety guarantees as Rust while maintaining interoperability with existing code. It introduces new safety mechanisms to prevent common vulnerabilities like iterator invalidation. The memory safety problem is broken down into categories: lifetime safety, type safety (null variety), and type safety (union variety). Each category calls for a new language technology, such as borrow checking and optional types, to address vulnerabilities and improve software quality. The goal is to eliminate undefined behavior and prevent safety-related exploits by providing a safe programming environment.
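The three categories above can already be illustrated in standard C++17 using library types that mimic what Safe C++ enforces at the language level. The block below is an added example, not code from the Safe C++ project: it shows the null variety (raw pointer vs `std::optional`), the union variety (untagged union vs `std::variant`), and the lifetime variety (copying out of a vector before `push_back` instead of holding a reference across the reallocation). All function names are made up for the example.

```cpp
#include <cstddef>
#include <optional>
#include <string>
#include <variant>
#include <vector>

// --- Null variety -----------------------------------------------------------
// A raw pointer return leaves "not found" as a nullptr the caller may forget
// to check; std::optional makes absence a distinct value that must be unwrapped.
const int* find_ptr(const std::vector<int>& v, int needle) {
    for (const int& x : v) if (x == needle) return &x;
    return nullptr;                        // dereferencing this is UB
}
std::optional<std::size_t> find_index(const std::vector<int>& v, int needle) {
    for (std::size_t i = 0; i < v.size(); ++i) if (v[i] == needle) return i;
    return std::nullopt;                   // absence cannot be dereferenced
}
std::size_t index_or(const std::vector<int>& v, int needle, std::size_t fallback) {
    return find_index(v, needle).value_or(fallback);
}

// --- Union variety ----------------------------------------------------------
// An untagged `union { int i; std::string s; }` keeps no record of which member
// is live, so reading the wrong one is UB. std::variant carries the tag and
// std::get_if checks it before handing out a pointer.
using Payload = std::variant<int, std::string>;
bool payload_as_string(const Payload& p, std::string& out) {
    if (const auto* s = std::get_if<std::string>(&p)) { out = *s; return true; }
    return false;                          // int is live: refuse, do not type-pun
}

// --- Lifetime variety (iterator invalidation) -------------------------------
// `int& r = v.front(); v.push_back(0); use(r);` dangles once push_back
// reallocates. Copying the value out before mutating is the shape a borrow
// checker forces, because no borrow of `v` outlives the mutation.
int duplicate_front(std::vector<int>& v) {
    const int front = v.front();           // value copy, not a reference into v
    v.push_back(front);                    // may reallocate; nothing dangles
    return v.back();
}
```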
https://www.circle-lang.org/site/intro/