Rust in Embedded Systems: Driving Changes in Automotive and Industrial Applications

 

Rust will become the primary language for the development of new industrial and automotive applications – where safety is critical. Let's check out why we believe this and how our customers will benefit from this change. 

According to a research "Memory-safety challenge considered solved? An in-depth study with all Rust CVEs" by Cornell University, 60–70% of security vulnerabilities in embedded systems and electronic devices are related to memory issues. The Rust programming language effectively fixes them, making it a game changer in secure software development. We will prove this with specific examples in this article and back it up with case studies from global industrial leaders such as Volvo, Infineon, and Arculus. 

Rust promises to become a long-term trend, however, there are still far fewer Rust development specialists than C/C++ engineers. Promwad sees this as an excellent opportunity for us and our clients: we are already diving deep into the topic and training our engineers so that you can take full advantage of Rust development in your engineering projects.  

We prepared this article with the expert support of our unit leaders focused on embedded services, automotive design, and industrial automation. Read on to understand the future of Rust, or contact us straight away to discuss how it can be used in your custom projects. 

Before we delve into the basics of Rust, its features and related business advantages, we'd like to start with a brief extract of five reasons why we at Promwad have chosen this language for implementing client projects.  

Why Promwad chose Rust

Rust aligns with our commitment to creating robust, efficient, and future-proof solutions. And here is why:  

 

1. Strong ecosystem

Rust's inclusion in the Linux kernel alongside C signifies its mature ecosystem and high level of trust within the developer community. This integration demonstrates that Rust is strong enough to handle critical, low-level system tasks traditionally dominated by C and C++. By choosing Rust, we use a modern and proven language in one of the most critical software environments. 

 

2. Support for Android

The availability of Rust for Android development ensures that we can create secure and efficient applications for the Android platform. This compatibility is crucial as it allows us to develop cross-platform applications with consistent performance and security guarantees. 

 

3. Extensive microcontroller line

Rust supports a wide range of microcontroller manufacturers, including Nordic, NXP, TI, and Infineon – the first chip vendor to support Rust officially. This support allows us to develop versatile embedded systems across various hardware platforms, and our solutions can be deployed in diverse environments. 

 

4. Reliability in сritical systems

Rust's adoption in critical applications, such as space technology, underscores its reliability and stability. The RROS (Rust Runtime Operating System) project, which powers the Tianyi-33 satellite, highlights Rust’s capability to meet the stringent requirements of space missions where stability and performance are obligatory. This example of Rust in space grows our confidence in using Rust. 

 

5. Promising future

Rust is rapidly becoming the language of the future, embraced by major industry players for its robustness and performance. This adoption is exemplified by its integration into projects and products by tech giants such as Microsoft, who use Rust in Windows 11 and Microsoft 365.  

Additionally, Rust's inclusion in the development of NGINX, a widely used web server and reverse proxy server, shows its capability to handle high-performance applications. Its adoption by the GCC (GNU Compiler Collection) group is significant for Promwad, as we use GCC group compilers extensively.  

What is Rust and why is it on the rise?

Rust is a modern, multi-paradigm programming language created by Mozilla Research in 2010. As a fast and robust system language, it can be used in many applications, including embedded devices and web development.    

The ownership system in Rust development is a critical component that ensures memory safety without a garbage collector. This system efficiently manages memory during compile time, avoiding issues like data races and memory leaks. Rust additionally uses zero-cost abstractions that allow the employment of high-level programming structures while maintaining efficiency.  

how dpdk works

Rust's capabilities can translate into real business benefits 

 

The C and C++ languages influenced Rust's syntax, enabling developers to learn quickly and autonomously. It also provides compact code and uses functional programming ideas, pattern matching, and algebraic data types. Rust includes a Cargo package manager, simplifying dependency management and project creation.   

This language is not a classical language of object-oriented programming. Still, it combines low-level management and high-level abstractions, making it the perfect choice for system programming, game development, online services, and many other applications.  

Rust's popularity and adoption in embedded systems have been evidenced by various sources highlighting its relevance and growth. Also, in a new national cybersecurity strategy, the White House refers to Rust as the most secure common programming language.  

As for the popularity of this language among software engineers, as estimated by the Tiobe Index Rust was ranked 17th in March 2024. While it is not in the top ten languages, Rust's consistent ranking and stability suggest a steady increase in interest and usage: 

how dpdk works

Timeline. Tiobe Index for Rust. May 2024. Source: tiobe.com

how dpdk works

The number of Rust users is trending upward. Source: 2023 Annual Survey Results with with 9,710 respondents at blog.rust-lang.com

 

Additionally, Rust is a favorite programming language among professionals, as evidenced by the Stack Overflow Survey research.

The State of the Developer Nation Survey reports a significant increase in the number of programmers using Rust professionally, rising from 600,000 in 2020 to 3.5 million. The language has been adopted by innovative industries such as embedded systems, WebAssembly, blockchain, and cloud computing, showcasing its relevance across diverse sectors. 

Rust in automotive applications 

Vadim Shilov

 

Aliaksei Safonau,

Head of Automotive Unit at Promwad 

The Rust programming language is becoming increasingly sought after, specifically in the automotive industry, as it addresses key challenges developers and manufacturers face. Rust is used for software-defined vehicles (SDV), battery management systems (BMS), electric motors, blocks for chassis, ECU diagnostics, CAN communication and other areas. 

Here are the reasons why Rust is becoming the choice of our engineers for our clients' projects: 

 

1. Increased safety and reliability 

The main advantage of Rust design in automotive applications is its stringent safety features, which are made to minimise common programming errors that can lead to system failures or critical safety issues.  

 A minor software defect can lead to a serious safety hazard in automotive systems. The Society of Automotive Engineers (SAE) reports that Rust programming is a perfect choice for automotive and aerospace software systems due to its safety and security features.  

Vadim Shilov

"I think Rust has huge potential to allow us to produce higher quality code up front at a lower cost, which in turn would reduce our warranty costs, so it’s a win-win for the bottom line", says Johannes Foufas, Lead Architect Software at Volvo Cars, one of the major players in the automotive industry. 

2. Real-time performance 

Real-time performance is critical for automotive systems where delays and lags can lead to dramatic downfalls. For example, standards such as ISO 26262 and AUTOSAR define acceptable critical function delay thresholds and response times. Failure to comply with these standards can lead to accidents and potential system failures. These delays can impact everything from braking systems to collision avoidance mechanisms, where even a millisecond delay increases the risk of dangerous situations.  

Rust provides powerful performance capabilities similar to those of the C and C++ languages but with an added layer of security. The language is designed to provide fine-grained control over system resources, allowing developers to write low-level code that is both efficient and predictable, which is critical to meeting the real-time constraints of automotive systems.  

Rust in automotive applications compiles into low-level code without additional runtime overhead.    

how dpdk works

Promwad engineers use NXP's S32K family of microcontrollers for automotive projects on Rust. Source: nxp.com 

 

3. Interoperability

Integration with existing automotive architectures is another area where Rust excels. It provides excellent compatibility with other programming languages, which is important for automotive systems that often need to incorporate legacy code written in different languages.    

Rust in automotive applications can easily interface with C/C++ code, allowing developers to gradually incorporate the new language into existing systems without completely rewriting them. This capability facilitates using Rust's safety features in critical parts of the system while maintaining compatibility with the vast ecosystems of existing automotive software.  

Here are some real examples where the benefits of Rust can play a crucial role in the successful implementation and deployment of automotive projects: 

  

Use case: Rust for autonomous vehicle algorithms  

Cars have sophisticated infotainment systems that offer connectivity, navigation, and entertainment options. Rust has been used to develop components of these systems, especially those requiring high reliability and security, in particular personal data processing software or network functions.  

how dpdk works

Use case: Rust for battery management systems (BMS) for electric vehicles 

Battery management systems monitor and manage the electrical charge in vehicles. Rust's zero-cost abstractions and efficient performance make it suitable for developing software that optimises battery usage and extends life. This ensures the software is free from common bugs that can lead to inaccurate readings or potential failures.    

Rust in embedded systems

We live in a world where embedded systems are everywhere, from simple household appliances to industrial machinery. These systems perform real-time control tasks and operations, ensuring reliable and efficient operation. So, they require rigorous design protocols, testing, and validation to meet strict performance criteria. That's why embedded systems with Rust have a great future here because of its focus on security and performance.  

Rust's ownership model along with its borrowing and lifetime checking mechanisms ensure memory safety, preventing null pointer dereferencing and buffer overflows, typical problems of embedded programming.  

 

Use case with Infineon

Infineon Technologies AG, a Germany's largest semiconductor manufacturer and our official partner took the first step in creating a Rust ecosystem in embedded sector by launching a dedicated Rust compiler for its AURIX automotive MCUs. 

Rust developers can also write programs that perform multiple tasks simultaneously without data races. This is achieved through compile-time checks to ensure that two threads cannot access the same modifiable data at the same time. Another important advantage is that Rust has minimal execution time, especially in the context of embedded systems where resources are limited.   

Vadim Shilov

"Rust transformed our development processes: we have improved our applications' reliability and performance, reduced bugs and security vulnerabilities in manufacturing. The experience with Rust development has been both challenging and rewarding for us and our clients", said Pavel Moroshek, head of Embedded Services Unit at Promwad.

Traditionally, C and C++ have dominated embedded systems programming. While they offer great control over the system's low-level details, they also create risks associated with manual memory and pointer management. Rust provides a similar level of control but with strict security guarantees imposed at compile time.  

C and C++ support parallelism but require careful management of threads and synchronisation mechanisms to avoid errors. Rust's built-in parallelism features prevent many common problems in these languages. This language comes with Cargo, a package manager, and a build system that simplifies dependency management and compilation. C and C++, in contrast, often require manual customisation of make-files or external build systems.  

Rust in industrial automation

Vadim Shilov

 

Roman Shulenkov,

Head of Industrial Automation Unit at Promwad 

Software for industrial automation and robotics requires programming languages that provide safety, reliability, scalability, and cost-effectiveness. And Rust can provide all of this, let's break it down in more detail: 

 

1.Stability  

The Rust ownership model ensures that every value has a unique owner and that there can be no dangling pointers. These features are critical for industrial automation, where systems must run continuously and reliably for long periods without failures.  

This model, combined with Rust's strict type checking, means that many bugs that in other languages would only show up at runtime are detected early in development.  

how dpdk works

Cargo geiger is a tool that identifies insecure code. Source: github.com

 

2. Maintainability and scalability

Rust provides modularity and abstraction capabilities:  

  • The Cargo package manager and build system, as well as the language's module system, facilitate the creation of well-organised and reusable code. This allows developers to build complex systems from small, manageable pieces that are easier to understand, test, and maintain.   
  • Rust's trait system and associated types provide zero-cost abstractions that do not impact runtime performance. These capabilities make it easier to scale industrial automation systems as their complexity grows. Developers can extend functionality without significantly increasing code or maintenance complexity, enabling efficient system development with minimal technical debt.  

 

3. Development time and costs reducing

One of Rust's most important features for industrial automation is error checking at compile time. The Rust compiler provides reference safety and concurrency guarantees. This checking system helps detect bugs early in development, well before the deployment phase. By catching errors at compile time, Rust reduces the need for extensive debugging and testing steps.    

Reliable diagnostics at compile time means that systems are less likely to require runtime bug fixes after deployment, significantly reducing maintenance effort and costs. This aspect of Rust contributes to lower overall project costs, making it an economically attractive option for industrial automation projects.  

how dpdk works

Rust for robotics enables the developing of highly efficient, real-time control systems essential for precise operations

 

For example, Rust is used by EVA ICS in its industrial automation platform, the previous version of which was written in Python. EVA ICS v4 was released in September 2023, marking the debut of the world's first industrial automation platform written entirely in Rust. 

Arculus, a company that specialises in fleet software solutions, is gradually implementing Rust into its technology stack for robot control. Arculus engineers integrate Rust to enable dynamic routing, accurate task execution and integration with other systems, all of which are critical to maintaining optimal performance and safety in automated industrial environments.  

 

4. Protection 

Industrial automation systems often operate in real-time and control crucial processes that can impact safety. Rust’s strict memory safety guarantees, enforced through its ownership model and borrowing rules, prevent null pointer dereferences, buffer overflows, and data races. These errors can lead to system crashes, unpredictable behavior, or even catastrophic failures in an industrial setting. 

With Rust, problems at compile-time are eliminated and software running on automation systems is robust and reliable, which is crucial for maintaining continuous operations and ensuring equipment safety. That’s the reason why, for example, Rust can be used to develop virtual PLCs. 

Frequently, in industrial automation, many processes are executed simultaneously and must interact safely and efficiently. The Rust concurrency model is particularly useful for this purpose. C and C++ can struggle with concurrency issues, leading to race conditions and deadlocks. Rust’s design inherently prevents these problems, allowing developers to write concurrent programs that are both efficient and safe. 

Rust in industrial automation is conveniently used to develop software that meets the requirements of IEC 61508. For example, Ferrocene is an ISO 26262 and IEC 61508 certified Rust compiler. Rust code developed with Ferrocene can be used in mission-critical applications.  

Thus, it is correct to say that Rust does not directly support IEC 61508, but it can be used to develop software that meets the requirements of the standard by using qualified compilers and tools and following best practices for writing safe and reliable code. 

 

Industrial automation projects can benefit greatly from Rust's advantages, as shown in the following use cases:     

Use case. Smart manufacturing system 

A manufacturer integrated Rust to develop a smart manufacturing system as part of a project to modernise factory operations. This system coordinates automated equipment and robotics in the factory, ensuring high reliability and safety through Rust's memory safety features.

Use case. Automated quality control system   

An automotive parts supplier used Rust to develop an automated quality control system. This system uses image processing to inspect parts in real-time as they come off the assembly line. Rust's abstractions allow the system to process large amounts of data quickly and accurately, reducing waste and improving product quality.  

Rust’s learning curve

Despite Rust getting stronger in various industries, our experience already highlights a problem that can arise when working with this language. 

Rust has a robust system of ownership, lifetime, and borrowing rules that are the foundation for memory safety without a garbage collector. However, this has also made the language more difficult to learn, especially for those used to working in C or C++.  

The Rust compiler is known for its rigour and often produces a barrage of errors that can scare newcomers. These errors help prevent runtime crashes but also require a deep understanding of Rust's core principles to resolve them.   

how dpdk works

A third of professional software developer respondents said they became as productive using Rust as other languages in two months or less. 2022 Rust fact vs. fiction: 5 Insights from Google's Rust journey on opensource.googleblog.com 

 

In addition, Rust's approach to concurrency introduces complexities to the ownership and type system. New developers must deal with the management of immutable and mutable references. This aspect of Rust can be particularly challenging for embedded developers, who often work with real-time systems where the parallelism model directly impacts performance. 

Community and support

Rust's development is largely community-driven, supported by an active and growing base of developers committed to improving the language and expanding its ecosystem. This community plays a pivotal role in Rust's adoption of embedded systems, providing a wealth of resources, libraries, and tools that facilitate development.  

Many Rust users call themselves "Rustaceans" and use the crab Ferris the Rustacean as a symbol of a community. Source: rustacean.net 

 

One of the most significant community contributions is the creation of embedded-hal, a hardware abstraction layer for embedded systems that abstracts the hardware specifics of different microcontrollers. This project, among other things, enables developers to write reusable code that can work across various platforms, significantly lowering the barrier to entry for new Rust developers in the embedded space.  

Furthermore, the Rust Embedded Working Group actively works to enhance Rust's capabilities for embedded systems. They guide the development of new features, improve tooling, and maintain documentation that specifically addresses the needs of embedded developers. Their efforts ensure that Rust remains at the cutting edge of embedded systems development, continuously adapting to meet the industry's evolving demands.  

The future of Rust

As industries increasingly demand robust, safe, and efficient technology solutions, Rust is emerging as a key player in embedded systems.  

The shift towards more complex electronic systems and autonomous technologies in the automotive sector calls for programming solutions that offer safety and real-time performance. Rust's zero-cost abstractions and guaranteed memory safety make it a perfect choice for developing automotive software that controls everything from infotainment systems to critical driving functions.  

Rust's link to ISO 26262 is crucial for its use in automotive software. This language offers essential safety features but lacks a compliant toolkit. As tools certified for safety, Rust's adoption in safety-critical automotive systems is expected to rise, dependent on ISO-compliant toolchains and certified processes. 

how dpdk works

Scheme: ISO 26262 assesses automotive electrical safety with Automotive Safety Integrity Levels (ASIL)

 

As vehicle systems become more interconnected and reliant on software, Rust's ability to prevent data races and ensure thread safety without a runtime overhead is becoming more valuable.  

Similarly, in industrial automation, reliability and uptime are paramount. Systems that control manufacturing processes, robotics, and other industrial equipment require high precision and error-free operation levels. Rust's strict type system and ownership model reduce the risk of bugs leading to system failures or unsafe conditions. Moreover, Rust's efficiency in handling low-level system interactions makes it well-suited for real-time industrial applications where performance is critical too.  

The trend towards IoT integration also benefits from Rust's capabilities. Its security features are crucial for devices that must be protected from cyber threats while maintaining continuous operation.  

*** 

Thanks to its safety features, performance, and memory management, Rust has demonstrated many advantages in automotive software development and industrial automation.

The language offers a compelling alternative to traditional programming languages like C and C++, particularly in environments where safety and efficiency are paramount. Its ability to integrate with existing systems and support real-time applications positions Rust programming as a future-proof solution for complex electronic systems and autonomous technologies. 

For our clients eager to leverage Rust's capabilities in their projects, Promwad is ready to provide expert guidance and development services. Whether transitioning from other programming languages or starting a new project, our experience deploying Rust in various industrial applications ensures we can help reach your goals.  

Contact us today to explore how Rust can transform your development processes and prepare your systems for the future! 

 

Our Case Studies