Rust Bytes: HighTec Launches ISO 26262 Qualified Rust Compiler for Automotive Software Development
Hello Rustacean! Welcome to another edition of the Rust Bytes newsletter. In this issue, we'll shine a spotlight on an amazing Rust project, present our spot-the-bug challenge, and share some incredible links of the week.
Welcome to Issue 18!
The Main Thing
HighTec Launches ISO 26262 ASIL D Qualified Rust Compiler for Automotive Software
HighTec has released a new Rust development platform targeting Infineon AURIX microcontrollers. This closed-source platform boasts ISO 26262 ASIL D qualification, making it a potentially significant development for automotive software development.
Here's a breakdown of key points we think we should consider and discuss.
Potential Benefits
Safety and Security - The ASIL D certification signifies the platform's adherence to rigorous safety standards. This could be a major advantage for automotive applications where safety is paramount.
Memory Safety - Rust's robust memory safety features can help reduce the risk of buffer overflows and other memory-related vulnerabilities that plague C/C++ code commonly used in automotive systems.
Efficiency - While we may debate the performance aspects, Rust can potentially lead to more concise and efficient code compared to C/C++.
Integration with Existing Code - The platform's ability to work alongside existing C/C++ code eases the transition for developers already invested in these languages.
Startup Ecosystem - The new AURIX Rust Startup Ecosystem provides resources like peripheral access crates and precompiled runtimes, potentially simplifying development for newcomers.
Discussion Points
Open Source vs. Closed Source - The closed-source nature of the platform might be a turn-off for some developers who value transparency and community contributions. This model also raises concerns about long-term support and potential vendor lock-in.
Adoption and Existing Tools - How will this platform integrate with existing Rust tooling like Cargo and rustup? Will developers need separate workflows for this platform?
Community and Upstream Contributions - While HighTec is a member of the Rust Foundation, will there be opportunities to contribute improvements back to the core Rust language or compiler?
Real-World Adoption Timeline - While the technology is available, the automotive industry is known for its slow adoption of new technologies. How long will it take before we see this platform used in production vehicles?
Alternatives - Ferrocene (ISO 26262 (ASIL D) and IEC 61508 (SIL 4) qualified) is another option for safety-critical Rust development. How does the HighTec platform compare in terms of features, ease of use, and certification?
Additional Considerations
Long-term Costs - While the initial evaluation package might be free, the long-term licensing costs associated with the closed-source platform need to be factored in.
Hardware Availability - Developing for a specific microcontroller architecture might limit the platform's applicability to other embedded systems.
Documentation - The Infineon documentation is under NDA (at the time of writing). Could this limited access hinder wider adoption and independent review?
Spot the Bug
Identify why the code fails to compile and suggest a way to fix it.
Share your solution in the comments below for a chance to be featured in our next newsletter!
Project Spotlight
Rerun
Rerun is an open-source visualisation toolbox designed for developers working with multimodal data streams. It allows you to visualise various data types like images, tensors, point clouds, and text in real-time as they are generated.
Key Features
Live Visualisation - Stream data from your application to the Rerun Viewer for immediate visual feedback.
Multimodal Support - Handle diverse data types within a single visualisation framework.
Easy Integration - Integrate Rerun into your C++, Python, or Rust projects using available SDKs.
Rerun is open-source on GitHub.
Awesome links of the week
A critical vulnerability (CVE-2024-24576) was discovered last week in the Rust standard library on Windows when using untrusted arguments with batch files. The good news is, a fix has already been released in version 1.77.2 to mitigate the risk.
The Rust team introduced changes to Rust's WebAssembly System Interface (WASI) targets, with the addition of WASI 0.2 as a new target. Link.
Niko Matsakis wrote about ownership in the context of managing a large open-source project, Rust. You can read this delightful piece here.
Ratatui received funding to supercharge its development and sustainability. Here's to Orhun Parmaksız and the team, wishing them the utmost success in shaping the project's future! 🚀
Thorsten Ball and Antonio Scandurra, members of the Zed team wrote about asynchronous Rust's role in Zed, emphasizing its use for high-performance native applications. Link.
Guillaume Gomez wrote an article on building your own Rust linter. Link.
Jacob Beningo wrote a piece discussing Rust's current role in embedded systems development and addressing the question of whether you should learn Rust. Link.
Jonathan Corbet discussed Rust’s memory model in the kernel highlighting its challenges in integrating Rust into a C-dominated system like the kernel. Link.
Tenny Zhuang wrote on the use of const currying in Rust to enhance function performance by partially applying function arguments. Link.
Anshul Sanghi authored a thorough and insightful guide on multi-scale processing of Astronomical Images. Link.
[Bonus]
Jonathan Blow gave a thrilling talk titled "Rust Will Lose”.
Spot The Bug: Solution
The Bug: Compiler error!
The bug lies in the `perform_operation` function and how it interacts with the `MathOperation` trait.
Solution:
The function takes a reference (&) to the MathOperation trait. This creates a reference to the trait definition itself, not a reference to a specific type that implements the trait. The compiler requires us to use the `dyn` keyword to explicitly declare a dynamically sized trait object.
Why `dyn` is Necessary:
Specifying `dyn` is necessary because trait objects are dynamically sized. They can hold a reference to any type that implements the MathOperation trait. The actual type is only determined at runtime. Without dyn, the compiler cannot determine the size of the data in the trait object, making it impossible to call methods through it.
```
trait MathOperation {
fn operate(&self, x: i32, y: i32) -> i32;
}
struct Addition;
impl MathOperation for Addition {
fn operate(&self, x: i32, y: i32) -> i32 {
x + y
}
}
fn main() {
let add_op = Addition;
let result = perform_operation(&add_op, 10, 5);
println!("Addition result: {}", result);
}
fn perform_operation(op: &dyn MathOperation, x: i32, y: i32) -> i32 {
op.operate(x, y)
}
```
Before You Go
To support the newsletter:
❤️ Recommend the newsletter to your friends: it really helps!
💸 Sponsor the newsletter.
🤳 Check us out on our socials: X, Rustaceans Publication.
📨 Contact us through rustaceanseditors@gmail.com feedback is welcome.
That's all for now, Rustaceans! Until next week, have a productive week ahead.