What is Rust?

The 100-foot view

A free and open-source systems programming language

A language empowering everyone to build reliable and efficient software.

Hello, World

fn main() {
    println!("Hello, world!");
}

You can build...

Network Services
Command-line Apps
Web Apps
Desktop Apps
Bootloaders

Device Drivers
Hypervisors
Embedded Systems
Libraries/plugins for applications in other languages

Front-end or Back-end?

It's applicable at every point in the stack!

The Three Words

Safety
Performance
Productivity

It's increasingly popular!

Stack Overflow Survey 2023:

Rust is on its eighth year as the most ~~loved~~ admired language with 85% of developers saying they want to continue using it.

Cross-platform

Windows, macOS, Linux
iOS, Android, Web, QNX, Bare-metal, etc

Portable

Source code is portable across multiple architectures:
- x86, RISC-V and Arm
- Power, MIPS, SPARC, ...

Rust can import C-compatible libraries

Want to use zlib, OpenSSL, SomeSpecialDriverLib? Sure!

Rust can export C-compatible libraries

Python extension modules? Ok!
Android native libraries? No problem.
Replace the file parser in your Very Large C++ Application? Can-do.

Where did Rust come from?

A Little Bit of History

Rust began around 2008
An experimental project by Graydon Hoare
Adopted by Mozilla
Presented to the general public as version 0.4 in 2012

Focus

Rust lost many features from 2012 to 2014
- garbage collector
- evented runtime
- complex error handling
- etc
Rust oriented itself towards being a usable systems programming language

Development

Always together with a larger project (e.g. Servo)
Early adoption of regular releases
RFC process
Editions

Public Release

First 1.0 release in 2015
- https://blog.rust-lang.org/2015/05/15/Rust-1.0.html
- "This release is the official beginning of our commitment to stability"
New release every six weeks since

Who's in charge now?

The Rust Project

https://www.rust-lang.org/governance

The Leadership Council
Compiler Team
Dev Tools Team
Infrastructure Team

Language Team
Library Team
Moderation Team
Launching Pad Team

Working Groups

Async WG
Command-line Interface WG
Embedded devices WG
Game Development WG

Rust by Example WG
Secure Code WG
Security Response WG
WebAssembly (WASM) WG

The Rust Foundation

... is an independent non-profit organization dedicated to stewarding the Rust programming language, nurturing the Rust ecosystem, and supporting the set of maintainers governing and developing the project.

It has a powerful list of members

https://foundation.rust-lang.org/members/

Who decides on new features?

Discuss in chat/forums
Open a Request For Change (RFC)
Relevant team takes a vote
Tracking ticket is created
Pull Request(s) to implement the change
Stabilisation

Summary

Rust is a collaborative open-source project that prides itself on inclusion
There is no "owner", nor "BDFL"
It has strong financial backing
It remains a work-in-progress

Is this a community I can engage with?

A strong Code of Conduct

The Rust Project, and pretty much the whole Community, follow a Code of Conduct:

We are committed to providing a friendly, safe and welcoming environment for all, regardless of level of experience, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, religion, nationality, or other similar characteristic.

A strong Code of Conduct

Likewise any spamming, trolling, flaming, baiting or other attention-stealing behavior is not welcome.

Builds on efforts in other communities

Why?

Because a community is only as strong as its members

Going beyond technical points, Rust has a vibrant, welcoming community - (Stack Overflow Blog)

Why?

If you allow both wolves and sheep into your space, you won't get any sheep
The Rust Community seems to have a higher than average representation from the LGBTQI+ community

So beginners are welcome?

Absolutely!
Relatively speaking, we're all still beginners
You even see open tickets on the rust-lang Github marked as E-easy: Good first issue.

This extends to the compiler's interface...

Any Rust error message which is unclear or ambiguous...
... is considered a bug and will be fixed ...
... if you open a ticket (or post @ the right people)

Compiler Error Driven Development works!

error[E0502]: cannot borrow `name` as mutable because it is also borrowed as immutable
 --> a.rs:4:5
  |
3 |     let nickname = &name[..3];
  |                     ---- immutable borrow occurs here
4 |     name.clear();
  |     ^^^^^^^^^^^^ mutable borrow occurs here
5 |     println!("Hello there, {}!", nickname);
  |                                  -------- immutable borrow later used here

For more information about this error, try `rustc --explain E0502`.

What does Rust run on?

Host vs Target

The machine you develop on
The machine the program runs on

Rust is a cross-compiler

It uses LLVM to generate machine code
Every Rust install is a cross-compiler
- No rummaging for extra installers for your specific target

Hosts

Windows (x86, Arm)
macOS (x86, Arm)
Linux (x86, Arm, RISC-V, MIPS, Power, S390x, SPARC...)
FreeBSD, NetBSD, Illumos, ...

Targets

All of the above, plus...
Android
iOS/watchOS/tvOS
Bare-metal Embedded
QNX, VxWorks, AIX
WebAssembly
UEFI
Nintendo Switch, Sony Playstation...
Add your own!

What does Rust cost?

Rust is Open Source

Under the MIT or Apache-2.0 licences
You can compile rustc and cargo yourself
https://github.com/rust-lang/rust

Binaries are provided free of charge

Available using the rustup tool
AWS sponsor the project
Nothing to sign, no USB dongle required

Support is available

There are lots of places you can go for help
- Forums, Discord, Reddit
- Professional consulting firms
- Rust Toolchain vendors

No-one is an expert overnight

Budget for some training
Budget for some time for the team to gain experience
Budget for some support when the team have questions

You might need a bigger computer...

Today, compiling the Rust compiler on a 4-core CPU, that is typically found in a standard laptop, takes up to 15 minutes with another 5-10 minutes for tests. However, a 96-core cloud virtual machine can complete the same build in less than 5 minutes with tests completing in 35 seconds.

Compile time checks vs run-time checks

Rust does a lot of work up front
The faster your checks run, the more productive you are!
A Raspberry Pi 4 technically works, but it takes a while...

Can I build safety-critical systems?

Some terminology

a system is certified as being sufficiently safe/correct
that system is often built using qualified tools
quality is the result of an ongoing process

What is a safety-critical system?

Generally built following a standard, like ISO 26262:

ISO 26262 is intended to be applied to safety-related systems that include one or more electrical and/or electronic (E/E) systems and that are installed in series production passenger cars with a maximum gross vehicle mass up to 3500 kg.

What is a safety-critical system?

Generally built following a standard, like ISO 26262:

This document describes a framework for functional safety to assist the development of safety-related E/E systems. This framework is intended to be used to integrate functional safety activities into a company-specific development framework.

And for other applications:

DO-178C Software Considerations in Airborne Systems and Equipment Certification
IEC 61508 Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems
IEC 62278 Railway applications - Specification and demonstration of reliability, availability, maintainability and safety
IEC 62034 Medical device software – Software life cycle processes
There are many others...

Can I use Rust?

Well you can use C
And C is kinda risky...
But processes have been developed to manage that risk
And C toolchains have been qualified so you can rely on them doing what they say they are going to do
- If you hold them the right way

Language Specifications

C has ISO/IEC 9899:2018 (C17)
C++ has ISO/IEC 14882:2020(E) (C++20)
Rust doesn't have a standard
- The open-source compiler is the standard
- The first ISO C standard (C90) came 17 years after C was invented, largely because there were a lot of different competing compilers

Ferrocene

Ferrocene is the open-source qualified Rust compiler toolchain for safety- and mission-critical. Qualified for automotive and industrial development.

ISO26262 (ASIL D) and IEC 61508 (SIL 4) available for x86 and ARM platforms.

Ferrocene

To produce Ferrocene, we first wrote the Ferrocene Language Specification
- See https://spec.ferrocene.dev
Ferrocene is based on the open-source Rust compiler
- Additional testing and run-time checks in the toolchain
- Lots of documentation!
Ferrocene itself is open-source software
- https://github.com/ferrocene/ferrocene
Pricing and support options at https://ferrocene.dev
Other companies have similar offerings (ask them!)