The Defense Advanced Research Project Agency is aiming to eliminate memory safety vulnerabilities completely with a new program.
The Department of Defense research division said Wednesday issues with disclosed software vulnerabilities can be solved with the help of the Translating All C to Rust, or TRACTOR, program.
TRACTOR is an answer to the call of the Office of the National Cyber Director for a more proactive approach to finally solving memory safety vulnerabilities and lowering the risk of attacks. The program will be hosting public competitions.
The program intends to find ways to automate the translation of the world’s legacy C code to the safer Rust programming language with the help of large language models and other advancements in machine learning.
Existing tools for finding bugs are not enough to tackle memory safety issues in C and C++. The problem with memory safe programming languages is that it is difficult to rewrite legacy code at a scale large enough to deal with the whole problem. With the help of LLMs, the possibility of memory safety vulnerabilities affecting a computer’s memory will be erased.
Dan Wallach, DARPA program manager for TRACTOR, described the process as simply going to any LLM website and telling the AI chatbot to translate C code to a safe idiomatic Rust code.
“The research challenge is to dramatically improve the automated translation from C to Rust, particularly for program constructs with the most relevance,” said Wallach.
Join the Potomac Officers Club in getting to know some of the nation’s leading defense researchers, experts and decision-makers at the 2025 Defense R&D Summit in January. Click here to register.