// the find
tnballo/high-assurance-rust
A free book about developing secure and robust systems software.
A free online book teaching secure systems programming through Rust, covering memory safety, cryptography basics, fuzzing, and supply chain security. Aimed at experienced developers who want to understand why Rust's guarantees matter at the systems level, not just how to use the syntax. The working code examples throughout are real Rust projects, not toy snippets.
The book pairs theory with runnable code — each chapter has a hands-on project (RC4 implementation, stack data structure, differential fuzzer) that makes the concepts stick. The supply chain chapter (chp14) goes beyond the usual advice and actually implements a policy tool that checks for duplicate crypto dependencies, which is more useful than most treatments of this topic. Fifty-four diagrams for 186 pages is a high ratio; the memory layout and ownership diagrams are genuinely clarifying rather than decorative. The internal `har_analyze` linting tool shows the authors eat their own cooking — they wrote Rust to maintain the Rust book.
Several chapters are marked PLACEHOLDER and haven't shipped yet (chp4's safe_rust section, chp12's diff_fuzz chapter), so the book is still incomplete after three years. The 43-fork count on 1,400 stars suggests readers treat it as read-only rather than something they interact with, which tracks with CC BY-NC-ND licensing that blocks derivative works. Coverage stops before async Rust entirely, which is where most production systems code actually lives. The repo structure mixes generated HTML docs directly into the repo rather than building them in CI, which means the committed docs can drift from the source markdown.