Secure Systems Engineering, Fall 2024

Lab 2

• Out on: Wed Sep 4
• Due on: Tue Sep 10, 10p EDT
• Collaboration: none
• Grading: completion, out of 13 points
  • 5 points for the minigrep code
  • 1 point per question response

Please read this description in its entirety before starting the lab!

Introduction

This lab will be a hands-on experience in writing Rust, a programming language for secure systems engineering. To quote the Rust book:

The Rust programming language helps you write faster, more reliable software. High-level ergonomics and low-level control are often at odds in programming language design; Rust challenges that conflict. Through balancing powerful technical capacity and a great developer experience, Rust gives you the option to control low-level details (such as memory usage) without all the hassle traditionally associated with such control.

This lab requires the use of some more advanced Rust concepts, which you will read about beforehand. Take your time, and try to make sure you understand everything – you still have until Tuesday to submit.

Learning objectives

In this lab, you will:

• Understand basic Rust syntax, such as variables, types, and operators
• Get comfortable with using cargo and the Rust toolchain to manage a project
• Use Rust collection types like vectors and strings
• Apply test-driven development to write code
• Employ advanced Rust features, such as traits and lifetimes

Helpful resources

• The Rust Programming Language book

Lab setup

If you have not set up Rust, you’ll need to install it first.

Open a terminal and enter the following command:

$ curl --proto '=https' --tlsv1.2 https://sh.rustup.rs -sSf | sh

The command downloads and runs the rustup script, which installs Rust:

Rust is installed now. Great!

I highly recommend installing VSCode and its Rust extension while learning Rust. Take a minute to do so before you begin – part of Rust’s value is in its robust tooling and developer support. There also is support for other IDEs and text editors. For example, if you are a l33t h4x0r and want to use Vim, you can still take advantage of the tooling.

Note. If you were unable to bring your laptop to class today, or cannot set up Rust right now, you can also complete this lab using the Rust Playground (though the experience might be degraded on a tablet or smartphone).

Part 1: Reading

Read the following chapters in the Rust book:

7. Managing Growing Projects with Packages, Crates, and Modules
8. Common Collections
9. Error Handling
10. Generic Types, Traits, and Lifetimes
11. Writing Automated Tests

These chapters are more advanced Rust concepts than those we discussed in lecture. If you need a refresher, use Chapters 3-6 in the Rust book as a reference.

As you do your reading, try out each code snippet in your own local copy of Rust. I encourage you make sure to type each line into your editor, rather than copy-and-pasting. It may seem silly, but typing the code well help you get the muscle memory of writing Rust faster. I will be available if you want to ask any questions.

Part 2: An I/O project

Go through Chapter 12, “Building a Command Line Program” in the Rust book. Follow each step, line-by-line, all the way until you have a complete minigrep program. Once again, I encourage you make sure to type each line into your editor.

Part 3: Reflection

After you’ve completed the project, add comments to the top of src/main.rs answering the following questions:

1. Identify three Rust syntax structures used in the design of minigrep. How are these syntax structures similar to programming languages you have seen in the past? How are they different?
2. Describe the process of reading and iterating over file contents in Rust. How is this different from other languages you might be familiar with?
3. Explain the benefits of using external libraries for the tasks in this project. Would you have implemented this functionality yourself, or was it better to use an existing library?
4. Explain the drawbacks of using external libraries for the tasks in this project. Try to think like a security engineer – what could go wrong?
5. Discuss the challenges you faced while implementing the minigrep functionality. How did you overcome them?
6. Reflect on the importance of code testing and documentation in a project like minigrep. How did you test your code? Why was it helpful?
7. Describe any specific skills or tools you learned or used that you can apply to future projects.
8. What aspects of Rust did you find easy to grasp, and what parts required more effort or additional resources?

What to turn in

Upload the following to Blackboard before the due date above:

• The gzipped code archive of your minigrep project directory
  • Before you gzip the directory, make sure to run cargo clean
    • This removes any junk files, like those in target/
  • The archive should contain all of the files that remain in the directory, including all files in src/ as well asCargo.toml.
  • The top of src/main.rs should contain comments responding to the questions above. These may take up several lines.