Abstract
The Ship of Theseus is a thought experiment that asks: if a ship has had all of its components replaced one by one, is it still the same ship? If we did the same to a simulator, replacing its software components one by one with memory safe implementations, would it remain the same simulator? We assert that it would, with the added attribute of being more cyberworthy.
Cyber threats are increasing due to a deteriorating global security environment and the growing sophistication of cyber criminals. At the same time, the need to interconnect simulations for collective training and training services is growing, which increases the need for cyberworthiness of simulators. Impacts to the availability or integrity of these simulators can reduce the availability or competency of trained professionals, risking disruption to important elements of the economy.
Simulators contain complex software that carries risk in the form of potential software vulnerabilities. Memory safety vulnerabilities are a common and prevalent class of software vulnerability that threat actors routinely exploit. They pose such a risk that the Five Eyes National Security Agencies issued a joint statement calling for the transition to Memory Safe Languages (MSLs) in software systems.
This paper explores the utility and benefit of MSLs in the context of simulation and provides an approach to iteratively replace small legacy software components of a simulator written in C/C++ with Rust. The approach leverages Rust's ability to expose a C-compatible interface (C bindings), so that a rewritten component can be integrated with the legacy system while its existing callers remain unchanged. A proof-of-concept of this approach is presented, together with the lessons learnt and general advice on how to transition legacy simulation software components to an MSL, eliminating this class of software vulnerability in the replaced components through the memory safety guarantees provided by Rust, with any unsafe code confined to the boundary with the legacy code.
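As an added illustration of the approach described above (not the paper's proof-of-concept and not code from any real simulator), the following Rust component shows the shape of a component-by-component replacement: a memory safe core that decodes a fixed-layout telemetry record, wrapped in a C-ABI entry point the legacy C/C++ host can call exactly as it called the old C function. The record format, the function name `sim_decode_records`, the `Sample` struct and the error codes are all hypothetical. The only `unsafe` is the conversion of the caller's pointer/length pairs into slices; everything else is bounds-checked by the compiler, which is where a hand-written C decoder would typically overrun.

```rust
use std::slice;

/// One decoded telemetry sample. `#[repr(C)]` gives it the layout the host
/// expects from `struct Sample { uint16_t channel; float value; };`.
/// (Hypothetical type for this example.)
#[repr(C)]
#[derive(Clone, Copy, Debug, PartialEq)]
pub struct Sample {
    pub channel: u16,
    pub value: f32,
}

/// Wire record: u16 channel followed by f32 value, both little-endian.
pub const RECORD_LEN: usize = 6;

// Return codes handed back to the C caller (negative = error).
pub const ERR_NULL_PTR: i32 = -1;
pub const ERR_TRUNCATED: i32 = -2;
pub const ERR_OUTPUT_FULL: i32 = -3;

/// Helper used to build constructed test input for this example.
pub fn encode_record(channel: u16, value: f32) -> [u8; RECORD_LEN] {
    let c = channel.to_le_bytes();
    let v = value.to_le_bytes();
    [c[0], c[1], v[0], v[1], v[2], v[3]]
}

/// Safe core: no raw pointers, no manual length arithmetic that can drift.
/// Returns the number of records decoded, or an error code.
pub fn decode_records(input: &[u8], out: &mut [Sample]) -> Result<usize, i32> {
    if input.len() % RECORD_LEN != 0 {
        return Err(ERR_TRUNCATED); // partial trailing record
    }
    let n = input.len() / RECORD_LEN;
    if n > out.len() || n > i32::MAX as usize {
        return Err(ERR_OUTPUT_FULL); // would overrun the caller's buffer
    }
    for (i, rec) in input.chunks_exact(RECORD_LEN).enumerate() {
        let channel = u16::from_le_bytes([rec[0], rec[1]]);
        let value = f32::from_le_bytes([rec[2], rec[3], rec[4], rec[5]]);
        out[i] = Sample { channel, value };
    }
    Ok(n)
}

/// C-ABI entry point replacing a legacy C function of the same signature:
/// `int sim_decode_records(const uint8_t *buf, size_t buf_len,
///                         struct Sample *out, size_t out_cap);`
/// Returns the record count on success or a negative error code.
#[no_mangle]
pub extern "C" fn sim_decode_records(
    buf: *const u8,
    buf_len: usize,
    out: *mut Sample,
    out_cap: usize,
) -> i32 {
    if buf.is_null() || out.is_null() {
        return ERR_NULL_PTR;
    }
    // SAFETY: the host contract is that `buf` points to `buf_len` readable
    // bytes and `out` to `out_cap` writable `Sample`s that do not overlap.
    // This is the single trust boundary with the legacy code; nothing past
    // this line touches a raw pointer.
    let input = unsafe { slice::from_raw_parts(buf, buf_len) };
    let output = unsafe { slice::from_raw_parts_mut(out, out_cap) };
    match decode_records(input, output) {
        Ok(n) => n as i32,
        Err(code) => code,
    }
}

fn main() {
    // Constructed input, not captured from a real simulator.
    let mut buf = Vec::new();
    buf.extend_from_slice(&encode_record(7, 1.5));
    buf.extend_from_slice(&encode_record(9, -2.0));
    let mut out = [Sample { channel: 0, value: 0.0 }; 4];
    let rc = sim_decode_records(buf.as_ptr(), buf.len(), out.as_mut_ptr(), out.len());
    println!("decoded {} records: {:?}", rc, &out[..rc.max(0) as usize]);
    // A truncated frame is rejected instead of being read past its end.
    let rc = sim_decode_records(buf.as_ptr(), buf.len() - 1, out.as_mut_ptr(), out.len());
    println!("truncated frame -> {}", rc);
}
```

The host side keeps its existing prototype and links against the Rust library (a header for it can be generated with cbindgen). Two caveats a practitioner should carry into such a replacement: the C caller's lengths are still trusted at the boundary, so the guarantee is that the Rust side cannot corrupt memory given correct arguments, not that it can detect a lying caller; and a panic unwinding out of an `extern "C"` function is not allowed, so the safe core must return error codes rather than panic, as the length checks above ensure.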