{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,31]],"date-time":"2026-01-31T01:57:32Z","timestamp":1769824652261,"version":"3.49.0"},"reference-count":18,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2025,1,22]],"date-time":"2025-01-22T00:00:00Z","timestamp":1737504000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["Commun. ACM"],"published-print":{"date-parts":[[2025,2]]},"abstract":"<jats:p>Twenty-one authors, spanning academia and industry, with expertise in memory-safety research, deployment, and policy, argue that standardization is an essential next step to achieving universal strong memory safety.<\/jats:p>","DOI":"10.1145\/3708553","type":"journal-article","created":{"date-parts":[[2025,1,20]],"date-time":"2025-01-20T16:01:42Z","timestamp":1737388902000},"page":"40-45","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["It Is Time to Standardize Principles and Practices for Software Memory Safety"],"prefix":"10.1145","volume":"68","author":[{"given":"Robert N.M.","family":"Watson","sequence":"first","affiliation":[{"name":"University of Cambridge, Cambridge, United Kingdom"}]},{"given":"John","family":"Baldwin","sequence":"additional","affiliation":[{"name":"Ararat River Consulting, Ashland, VA, USA"}]},{"given":"David","family":"Chisnall","sequence":"additional","affiliation":[{"name":"University of Cambridge, Cambridge, United Kingdom"}]},{"given":"Tony","family":"Chen","sequence":"additional","affiliation":[{"name":"Microsoft, Seattle, WA, USA"}]},{"given":"Jessica","family":"Clarke","sequence":"additional","affiliation":[{"name":"Cambridge University, Cambridge, United Kingdom"}]},{"given":"Brooks","family":"Davis","sequence":"additional","affiliation":[{"name":"SRI International, Menlo Park, CA, USA"}]},{"given":"Nathaniel","family":"Filardo","sequence":"additional","affiliation":[{"name":"University of Cambridge, Cambridge, United Kingdom"}]},{"given":"Brett","family":"Gutstein","sequence":"additional","affiliation":[{"name":"University of Cambridge, Cambridge, United Kingdom"}]},{"given":"Graeme","family":"Jenkinson","sequence":"additional","affiliation":[{"name":"Capabilities Limited, Cambridge, United Kingdom"}]},{"given":"Ben","family":"Laurie","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Alfredo","family":"Mazzinghi","sequence":"additional","affiliation":[{"name":"Cambridge University, Cambridge, United Kingdom"}]},{"given":"Simon","family":"Moore","sequence":"additional","affiliation":[{"name":"Cambridge University, Cambridge, United Kingdom"}]},{"given":"Peter G.","family":"Neumann","sequence":"additional","affiliation":[{"name":"SRI International, Menlo Park, CA, USA"}]},{"given":"Hamed","family":"Okhravi","sequence":"additional","affiliation":[{"name":"MIT, Lincoln Laboratory, Cambridge, MA, USA"}]},{"given":"Alex","family":"Richardson","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Alex","family":"Rebert","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Peter","family":"Sewell","sequence":"additional","affiliation":[{"name":"Cambridge University, Cambridge, United Kingdom"}]},{"given":"Laurence","family":"Tratt","sequence":"additional","affiliation":[{"name":"King College London, London, United Kingdom"}]},{"given":"Murali","family":"Vijayaraghavan","sequence":"additional","affiliation":[{"name":"Google, Mountain View, CA, USA"}]},{"given":"Hugo","family":"Vincent","sequence":"additional","affiliation":[{"name":"Arm Limited, Cambridge, USA"}]},{"given":"Konrad","family":"Witaszczyk","sequence":"additional","affiliation":[{"name":"University of Cambridge, Cambridge, USA"}]}],"member":"320","published-online":{"date-parts":[[2025,1,22]]},"reference":[{"key":"e_1_3_1_2_2","unstructured":"CISA NSA FBI ASD\u2019s ACSC CCCS NCSC-UK NCSC-NZ and CERT-NZ. The Case for Memory Safe Roadmaps Why Both C-Suite Executives and Technical Experts Need to Take Memory Safe Coding Seriously (Dec. 2023); https:\/\/bit.ly\/49JbnVG"},{"key":"e_1_3_1_3_2","unstructured":"CISA. Widespread IT Outage Due to CrowdStrike Update. (2024); https:\/\/bit.ly\/41wUxXM"},{"key":"e_1_3_1_4_2","unstructured":"Department for Business. Energy & Industrial Strategy Confronting Cyber Threats to Businesses and Personal Data. (Oct. 2019); https:\/\/bit.ly\/4fbICC0"},{"key":"e_1_3_1_5_2","volume-title":"Memory Safety","author":"Google","year":"2020","unstructured":"Google. Memory Safety. The Chromium Projects\u2019 documentation. (2020); https:\/\/bit.ly\/4gyCl4n"},{"key":"e_1_3_1_6_2","unstructured":"Greenberg A. Ransomware payments hit a record $1.1 billion in 2023. Wired Magazine (Feb. 2024); https:\/\/bit.ly\/3ZRxbeb."},{"key":"e_1_3_1_7_2","unstructured":"LLVM Project. C++ Safe Buffers (2024); https:\/\/bit.ly\/4ixrREh"},{"key":"e_1_3_1_8_2","volume-title":"Memory Corruption Attacks: The Almost Complete History","author":"Meer H.","year":"2010","unstructured":"Meer, H. Memory Corruption Attacks: The Almost Complete History, BlackHat (2010)."},{"key":"e_1_3_1_9_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2022.24078"},{"key":"e_1_3_1_10_2","unstructured":"Nadella S. Prioritizing Security Above All Else (May 2024); https:\/\/bit.ly\/49E9Pfl"},{"key":"e_1_3_1_11_2","unstructured":"Digital N.H.S. WannaCry Ransomware Using SMB Vulnerability. (2017); https:\/\/bit.ly\/3Dg1xye"},{"key":"e_1_3_1_12_2","unstructured":"NSA. Software Memory Safety. Cybersecurity Information Sheet (Apr. 2023); https:\/\/bit.ly\/41tf67C"},{"key":"e_1_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2024.3409849"},{"key":"e_1_3_1_14_2","unstructured":"Rebert A. and Kern C. Secure by Design: Google\u2019s Perspective on Memory Safety (2024); https:\/\/bit.ly\/3ZBxVTv"},{"key":"e_1_3_1_15_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2013.13"},{"key":"e_1_3_1_16_2","unstructured":"The White House. Back to the Building Blocks: A Path Toward Measurable Security. (Feb. 2024); https:\/\/bit.ly\/4fkwU8d"},{"key":"e_1_3_1_17_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2024.3396701"},{"key":"e_1_3_1_18_2","unstructured":"Watson R. et al. It\u2019s Time to Standardize Principles and Practices for Software Memory Safety (2024); https:\/\/bit.ly\/3DaH3XQ"},{"key":"e_1_3_1_19_2","volume-title":"Windows11: The Journey to Security by Default","author":"Weston D.","year":"2023","unstructured":"Weston, D. Windows11: The Journey to Security by Default. BlueHat, IL (2023)."}],"container-title":["Communications of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3708553","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3708553","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:17:46Z","timestamp":1750295866000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3708553"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1,22]]},"references-count":18,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2025,2]]}},"alternative-id":["10.1145\/3708553"],"URL":"https:\/\/doi.org\/10.1145\/3708553","relation":{},"ISSN":["0001-0782","1557-7317"],"issn-type":[{"value":"0001-0782","type":"print"},{"value":"1557-7317","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,1,22]]},"assertion":[{"value":"2025-01-22","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}