Microsoft recently created a stir after revealing it was taking some ideas from the popular Rust programming language to create a new language for ‘safe infrastructure programming’ under the banner Project Verona.
Matthew Parkinson, a Microsoft researcher from the Cambridge Computer Lab in the UK, detailed Project Verona for the first time in a talk late last year and promised that Microsoft would open-source the project soon.
Microsoft Research has now followed through and open-sourced Project Verona on GitHub, offering a few more details about the project and its ambitions for building safer systems through better memory management, compartmentalization, and “pervasive sandboxing”. Project Verona is also being aided by academics at Imperial College London.
As Parkinson explained, Project Verona aims to help secure code in unsafe languages like C and C# that still exists in a lot of Microsoft’s legacy code, which Microsoft can’t afford to waste but would like to protect better.
“We’re going to run some C and C++, stuff we don’t trust,” Parkinson said at the talk. “We’re going to put it in a box and we know there is this region of objects, we have to be very careful with it, but there’s a group of things going on there and we can built some pervasive sandboxing there. So there can be sandboxed libraries that we can embed in our sandboxed Verona program.”
The GitHub page for Project Verona outlines some of the high-level questions the group is working on that will be fleshed out in forthcoming peer-reviewed articles. The questions include:
- If we design a language without concurrent mutation, can we build scalable memory management?
- Can linear regions be used to remove the restrictions of per-object linearity without sacrificing memory management?
- Can language-level regions be used to support compartmentalizations?
Also, Rust isn’t the only language that’s inspiring Project Verona, which also borrows concepts from Cyclone, a “safe dialect of C” and Pony, which has key contributors from Microsoft Research.
The GitHub page, written by Parkinson, stresses that Project Verona is not a product and also has no bearing on Microsoft’s ongoing use of C++, C#, and Rust. Microsoft last year revealed it was experimenting with Rust instead of C and C++ to write low-level Windows components.
“Project Verona is a research project that is not affecting engineering choices in the company,” it states.
“The Project Verona team is connected to the people using all the major languages at the company, and want to learn from their experience, so we can research the problems that matter.”
Additionally, Microsoft considers Project Verona a “research programming language” and hopes that, by open-sourcing it, it can attract academic collaborators who want to explore the concept of concurrent ownership.
Parkinson has also provided a more detailed rundown of Project Verona’s goals, concepts and where it fits within systems programming.
“With Project Verona, we are carving out an area of system programming, ‘infrastructure programming’, that has important performance and predictability requirements, without needing raw access to the machine,” he writes.
“In Project Verona, we do not expect our research language to be suitable for implementing the Verona runtime itself. This is an explicit non-goal of the project.”
More on programming languages