Draft mem safety statement post

Author: Hugo

content/blog/Statement calling for memory safety incentives for EU cybersecurity policies.md

@@ -0,0 +1,101 @@
++++
+title = "Statement calling for memory safety incentives for EU cybersecurity policies"
+slug = "calling-for-memory-safety-incentives-in-eu-cybersecurity-policies"
+authors = ["Hugo van de Pol"]
+date = 2025-12-15
+
+[taxonomies]
+tags=["announcement"]
+
+[extra]
+image = "/blog/mem-safety-statement-share-image-w1600.jpg"
+
++++
+
+![Improving Europe's cybersecurity posture through memory safety](/blog/mem-safety-statement-share-image-w1600.jpg)
+
+**Today we publish the statement *"Improving Europe's cybersecurity posture through memory safety"*, calling on European and national policymakers to provide clear incentives and support for the large-scale adoption of memory-safe technology**
+
+<!-- more -->
+
+The statement is a joint effort by secure-by-design experts at leading organizations, including Siemens Mobility, Sovereign Tech Agency, OpenSSF, Google, the Linux Foundation, the Rust Foundation, and national cybersecurity committees. 
+
+It has been ensorsed by European companies who are at the forefront of technologie, such as Infineon Technologies AG, as well as industry and academic experts, including experts from Signify, Volvo Cars, Radboud University, and TU Delft.
+
+Executive summary: 
+
+> “The number of cybersecurity incidents that affect European citizens and businesses is rising at an alarming rate. 70% of the vulnerabilities in major digital systems built on decades-old technologies share the same root cause and can be prevented by using modern, memory-safe technology.
+<br/> <br/>
+This technology is mature, perfectly fits Europe’s forthcoming secure-by-design approach to cybersecurity, and is the most effective way to protect Europe’s cybersecurity, to reduce cybersecurity costs, and to foster innovation.
+<br/> <br/>
+However, its adoption rate is slow due to a lack of short-term economic incentives. We’ve now left the door wide open: attackers eagerly exploit vulnerabilities in our major digital systems.
+<br/> <br/>
+The supporting organisations call on European and national policymakers to act, out of obligation as well as untapped opportunity: to provide clear incentives and support for the large-scale adoption of memory-safe technology.”
+
+**Download the full statement [here](/docs/improving-europes-cybersecurity-posture-through-memory-safety.pdf).** 
+
+## The time is now
+
+Having established a lack of awareness from EU and national policy makers, [Tara Tarakiyee and myself, Hugo van de Pol](#about-the-authors) initiated and led joint discussions with security experts and industry stakeholders, and authored the statement as a result.
+
+This lack of awareness contrasts heavily to [the proactive involvement of the Cybersecurity and Infrastructure Security Agency (CISA)](https://www.cisa.gov/securebydesign), among others, in the USA from 2023 onwards. With the CRA on its way, and the examples of CISA et al at our disposal, now is the time for the EU to act.
+
+## Looking ahead
+We're looking forward to presenting our point of view to EU and national policy makers, and to continuing to raise awareness of the need for faster adoption of modern memory safe technologie in 2026. 
+
+---
+
+## Supporting organisations
+
+- [Internet Security Research Group](https://www.abetterinternet.org/)
+- [Tauri](https://v2.tauri.app/)
+- [Rust Foundation](https://rustfoundation.org/)
+- [Special Interest Group Cybersecurity of ICT Research Platform Netherlands (IPN) and ACCSS](https://ict-research.nl/groups/special-interest-groups/sigsec/)
+- [Tweede golf](https://tweedegolf.nl/en)
+- [Trifecta Tech Foundation](https://trifectatech.org/)
+- [Stackable](https://stackable.tech/en/)
+- [OpenPrinting](https://openprinting.github.io/)
+- [Systemscape](https://www.systemscape.com/)
+- [Ferrous Systems](https://ferrous-systems.com/)
+- [Infineon Technologies AG](https://www.infineon.com/)
+- [AboutCode Foundation](https://www.aboutcode.foundation/)
+- [BlueBird Power](https://www.bluebirdpower.com/)
+
+## Supporting individuals
+
+- Leon Bouwmeester, director of engineering at Hue Connected, Signify
+- Julius Gustavsson, Expert System Architect, Volvo Cars
+- Till Kamppeter, lead of OpenPrinting
+- Mario Goffredo D'Andrea
+- Matthias Endler, Corrode
+- Bernard van Gastel, Radboud University
+- Frederic Ameye
+- Irakli Tabagari
+- Prof. Achim D. Brucker, University of Exeter (Chair in Cybersecurity)
+- Mathias Payer, Associate Professor at EPFL Alexios Voulimeneas, Assistant Professor at TU Delft
+- Prof. dr. Jaap-Henk Hoepman
+
+<br />
+
+## Contributors
+
+Contributions to this statement were made by:
+- Josh Aas, Internet Security Research Group
+- Rebecca Rumbul, Rust Foundation
+- Thomas Rooijakkers, TNO
+- Jeffrey Vander Stoep, Google
+- Benjamin Schilling
+- Christian (fukami) Horchert, CrabNebula Ltd.
+- prof. dr. H.J. Bos, Vrije Universiteit Amsterdam
+- Erik Poll, Radboud University
+- Harry van Haaren, Openchip,
+- Marius Gläß, Bundesamt für Sicherheit in der Informationstechnik
+- Joao Rebelo, S2E Systems B.V.
+
+---
+
+## About the authors
+[Tara Tarakiyee](https://www.linkedin.com/in/tarakiyee/) is a Technologist at [Sovereign Tech Agency](https://www.sovereign.tech/), who works on designing supporting and mobilizing resources to encourage, sustain and maintain our open digital infrastructure.
+
+[Hugo van de Pol](https://www.linkedin.com/in/hugo-van-de-pol-90665215/) is Director at [Tweede golf](https://tweedegolf.nl/en) and Board member at [Trifecta Tech Foundation](https://trifectatech.org/), who has been advocating the use of memory-safe technologies like Rust for years. 
+

content/news.md

@@ -5,6 +5,7 @@ template = "news.html"
 
 [extra]
 blogposts = [
+    "Statement calling for memory safety incentives for EU cybersecurity policies",
     "Emulating avx-512 intrinsics in Miri",
     "Support the call for memory safety incentives in EU cybersecurity policies",
     "Frequently Asked Questions about sudo-rs",