The White House Office of the National Cyber Director is urging technical and research sectors to do their part in implementing secure-by-design and memory-safe principles in software development.
In a report released Monday, ONCD analyzed common vulnerabilities and exposures and found that the most common cause of software bugs since the 1980s are memory safety vulnerabilities.
Software and hardware creators have the ability to proactively prevent these flaws by designing memory-safe programming languages, according to the report. Its recommendations are based in part on request for information responses from the private sector and academic community.
ONCD also called on the research community to develop diagnostic approaches for software measurability and memory safety.
“This report was created for engineers by engineers because we know they can make the architecture and design decisions about the building blocks they consume – and this will have a tremendous effect on our ability to reduce the threat surface, protect the digital ecosystem and ultimately, the Nation,” said Anjana Rajan, assistant national cyber director for technology security.
