Thomas Pornin

Thomas Pornin ,

Thomas Pornin is a cryptographer, author of the BearSSL library. He works as a consultant for NCC Group, as part of the Cryptography Services team.


Talk: T1: Secure Programming For Embedded Systems

Description of T1, a new programming language that targets embedded systems: low RAM, low ROM, memory-safe, portable, supports coroutines.

Among the myriad of programming languages which have been defined over the last five decades, some provide memory safety (e.g. Java, Rust) but are often inapplicable to low-end embedded systems with 32-bit microcontrollers and a few dozen kilobytes of RAM at best:

  • Both RAM and ROM (Flash) sizes are severely constrained; a bulky runtime systems cannot be accommodated, and even a "normal-sized" stack is not an option.

  • Small embedded systems do not have an operating system at all, and do not provide features on which many language runtimes rely on, e.g. a MMU to trap dereferencing of NULL pointers, or multithreading.

  • Many microcontrollers use custom or reduced CPU versions that existing code generators do not support, forcing the use of a vendor-provided C compiler.

This talk describes T1, a novel programming language that tries to address these issues. It is an evolution of T0, the Forth-like language which is already successfully used in BearSSL for managing the SSL/TLS handshake and for verifying X.509 certificate chains.