Migration to Memory Safe Code

CRAM: C++ to Rust Assisted Migration

Near-automatic migration of C++ source into idiomatic, human-maintainable Rust code.

C++ to Rust Assisted Migration (CRAM) semi-automatically migrates well-designed, general-purpose C++ code into the Rust programming language. The motivation is to benefit from Rust’s safe programming abstractions, especially its memory access interface, enforced via an ownership model. The end-goal is to reduce program crashes, hangs, and security vulnerabilities caused by low-level memory management performed by the programmer, a common risk associated with legacy languages. The migrated source code will be human-readable and ready for further development in Rust.

Our philosophy is that Rust’s programming abstractions merely enforce what a safety-conscious C++ programmer should be doing anyway, even if the C++ language does not require it. Our migration therefore first refactors the given C++ program to a new C++ program, attempting to enforce many of the Rust programming abstractions at the C++ level. This prepares and facilitates, possibly even enables, the actual translation into Rust. Our migration then continues by identifying computational patterns in the C++ program and translating them into Rust code templates, supported by a library for code pattern translation.


C++ is not memory safe. Software bugs cost the economy billions of dollars annually. A large fraction are memory errors, which are among the most difficult to repair. Memory safe roadmaps are being recognized as a best practice [CISA].

Today, adopting a new language requires either manual code translation or full-scale reimplementation of legacy code bases.

These approaches are slow, costly, and error-prone, especially if the target language is unfamiliar.


Rust is a modern, efficient, and safe language, wiping out many memory-related programming errors.

CRAM migrates general-purpose C++ code to equivalent, human-maintainable, idiomatic Rust.


  • Largely frees human engineer from the chores of code translation or reimplementation
  • Enables future development of modern, safe, and community-supported code
  • Offers hardened and improved C++ as a refactoring by-product

System and Workflow

Refactored C++: available as a stand-alone capability, but also for migration transparency.
User monitoring: migration performed in rounds; user able to inspect changes side-by-side.
Automation: 100% for well-designed code built on top of the C++ STL; interactive for non-idiomatic C++.

CRAM in Practice C

Performance Study on Valhalla Routing Library

  • About 37,000 lines of code migrated automatically
  • Sample geometry application, compared to original C++
  • CRAM C++ refactoring gave a 2.7x speedup
    • Automated migration to Rust gave a further 2.3x speedup (similar final performance to hand-crafted Rust code)
    • Automated migration to Rust gave a further 2.3x speedup (similar final performance to hand-crafted Rust code)

CRAM for you

Open-source version of CRAM, docker image of the binary, demo video and related material freely available.

GrammaTech can:

  • extend applicability of CRAM to cover specific customer needs, such as low-level, C-style code fragments, code specialized for a non-mainstream (e.g., proprietary) compiler
  • provide a version of CRAM specializing in C++ refactoring (no Rust migration), with refactoring goals specified by customer

Distribution Statement ‘A’ (Approved for Public Release, Distribution Unlimited)

This material is based upon work supported by the Defense Advanced Research Projects Agency (DARPA) under Contract No.HR0011-22-C-0025. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Defense Advanced Research Projects Agency (DARPA). 

Other Cyber Security Solutions

Check out all of GrammaTech’s Cyber Security Solutions and stay informed.

view all posts
  • Migration to Memory Safe Code

    Near-automatic migration of C++ source into idiomatic, human-maintainable Rust code.

  • Proteus

    Proteus automatically finds and fixes vulnerabilities in software binaries. It uses exploitability analysis to prioritize software weaknesses for remediation.

Contact Us

Get a personally guided tour of our solution offerings. 

Contact US