RUST in the embedded world
Currently, the programming language C or C++ clearly dominates in embedded software projects. But a new trend is emerging. Rust is becoming increasingly important as an alternative. Why is that? And does this mean that C/C++ will soon be obsolete? In this article, we take a down-to-earth look at the rise of Rust in the embedded sector.
One of the main arguments in favor of Rust is its significantly higher code security. The language detects many programming errors. In particular, memory errors such as null pointers or buffer overflows – even at compile time. This means that such errors are caught before the program even runs. (By way of explanation: compile time is the phase in which the source code is translated into binary instructions that can be executed by the processor). To put it simply, you can think of it like a highly qualified simultaneous interpreter who even notices grammatical errors and inaccuracies on the part of the speaker and automatically corrects them in its translation.
Many potential crashes or security vulnerabilities are prevented from the outset. The Rust compiler prevents insecure code from being created in the first place. The result is less troubleshooting and debugging work afterwards. The best thing is that this additional security is not at the expense of performance. Rust programs are translated directly into efficient machine code and generally run just as quickly and resource-efficiently as C/C++ programs. But with the reassuring feeling that critical memory problems have already been eliminated.
Especially in safety-critical areas such as medical technology, the automotive industry or aviation, software reliability is a top priority. In the worst case, errors in embedded software can endanger human lives or cause high consequential costs. The majority of serious software errors can be traced back to problems in memory management. Think of unnoticed memory leaks or overwrites that later lead to system crashes. This is precisely where Rust comes in and prevents such sources of error from the outset. For developers and companies, this means a lower risk of critical bugs only being discovered in the field.
In medical technology, for example, control software or firmware for devices must function absolutely reliably. If Rust’s strict checks ensure that buffer overflows or accesses to invalid memory areas do not even make it into the finished product, this is a huge plus in terms of security. It is therefore not surprising that Rust is attracting a lot of attention in these sectors. Even large tech companies and government agencies are showing interest in Rust as a way to increase software quality and security. After all, Rust offers a rare combination: high execution speed like C/C++ and built-in protection against the most common programming errors.
Rust is still in its infancy
As promising as Rust is, the language is still comparatively young (only published in 2015) and is still in its infancy in the embedded environment, so to speak. In practice, this means that C and C++ will continue to play the main role for the time being. There are several reasons for this. Firstly, the Rust community and its distribution is even smaller than the C/C++ community that has grown over decades. Experienced Rust developers are correspondingly harder to find. The still limited availability of Rust professionals can pose a risk for companies, especially when job profiles often require “several years of experience”, which is naturally rare for a new technology.
On the other hand, the ecosystem around Rust in the embedded sector is still being developed. Mature Rust toolchains and libraries are not yet available for all microcontrollers or processor platforms.
How do we at B&W deal with this trend?
We are keeping an eye on new technologies such as Rust, because we welcome anything that increases the quality and security of our developments. Rust’s approach of eliminating critical errors from the outset therefore fits in well with our understanding of high-quality software. At the same time, we rely on pragmatism and experience. Proven languages such as C and C++ currently remain the standard for good reasons: they are mature, widely supported and our developers have many years of expertise in them. So we don’t blindly chase after every trend, but carefully examine when and where Rust offers real added value. We gather experience with Rust in pilot projects and internal tests in order to verify the benefits in practice and identify potential teething problems. In this way, we ensure that we are ready to use Rust in a targeted manner where it makes sense and is mature – without jeopardizing reliability.
We take advantage of opportunities and weigh up risks carefully. This allows us to keep our finger on the pulse and at the same time deliver the reliability that is essential in embedded projects.
