[摘要] Microcontrollers - low-power, real-mode CPUS - drive digital electronics all over the world, making their safety and reliability critical. However, microcontrollers generally lack the memory protection common in desktop processors, so memory safety must come through other means. One such mechanism is Bedrock, a library for the Coq proof assistant that applies separation logic to a small c-like language, allowing programmers to prove memory-related properties about their code. I used Bedrock to build a security peripheral out of a Cortex-m3 microcontroller; my peripheral provides both AES encryption and append-only logging to a host system, and I showed the software it runs is memory-safe. Working with Bedrock was challenging but rewarding, and it provides a glimpse into a future where system programmers can prove code correct as a matter of course.