Rust for Embedded Systems: Analysis and Insights
Introduction
The paper, "Rust for Embedded Systems: Current State, Challenges and Open Problems," authored by Ayushi Sharma, Shashank Sharma, Santiago Torres-Arias, and Aravind Machiry, provides a comprehensive and systematic paper of using Rust for embedded systems development. The primary objective is to understand the current state, challenges, and potential solutions for adopting Rust in the field of embedded systems. Given Rust's emphasis on memory safety, it presents an attractive alternative to traditional languages like C/C++, which are prone to memory-related vulnerabilities. The paper is structured around three core research questions (RQs): software support for Rust-based embedded systems, interoperability with existing codebases, and the developers' perspectives on using Rust for embedded development.
Software Support (RQ1)
Libraries and Tooling
The paper reveals that while Rust has made significant strides in providing necessary libraries for embedded systems, the support is predominantly concentrated on ARM Cortex-M family MCUs. Notably, there are compartments such as Architecture Support, Peripheral Access, HAL Implementation, Board Support Packages, Driver Crates, and RTOS Crates. However, existing efforts to enhance support for other MCU families like AVR are still ongoing.
Quantitatively, the investigation into 2,836 embedded crates showed a stark contrast in the prevalence of unsafe code between embedded and non-embedded crates, with the former containing a significantly higher percentage of unsafe blocks. This finding underlines the need for robust safety analysis tools.
Static Analysis Tools
The effectiveness of various Static Application Security Testing (SAST) tools such as Lockbud, Rudra, and SafeDrop was evaluated. Despite their utility, these tools exhibited robustness issues when handling embedded Rust code. Particularly, tools like Rudra failed to support recent Rust editions or workspaces, which affected their broader applicability. The paper highlighted how existing SAST tools often lack the necessary semantics for efficient triage of the warnings they produce, pointing to a gap in practical usability.
C to Rust Conversion
The paper evaluated the performance of the C to Rust (C2Rust) tool across different RTOS codebases. Notably, the tool failed on 93.8% of the tested embedded codebases, attributed to the prevalent use of non-standard C features and special compiler flags. Moreover, the generated Rust code often had syntax errors, rendering it inapplicable for embedded systems without significant manual intervention.
Interoperability (RQ2)
Rust to C and C to Rust
Interoperability between Rust and C is pivotal, considering the extensive existing codebases in C. While tools such as Bindgen and Cbindgen facilitate this interoperability, challenges persist, particularly when dealing with Rust’s advanced type system. For instance, Rust functions using Vec or complex trait types (generic or async callbacks) pose difficulties when invoked from C.
Empirical Experience
The paper experimented with various real-world scenarios demonstrating interoperability challenges. Whether implementing a Rust-based application on top of a C RTOS or vice versa, developers often faced significant difficulties, particularly with type incompatibilities and debugging. However, porting self-contained components from C to Rust was relatively straightforward, albeit still requiring significant effort.
Developer Perspectives (RQ3)
A large-scale survey involving 225 developers provided valuable insights into the community’s experience and perspective on using Rust for embedded systems. The majority of developers acknowledged the benefits of Rust in terms of safety and reliability but noted the steep learning curve and challenges with certification and organizational constraints. The survey revealed that documentation and community support, though helpful, need improvement, particularly with more examples and better organization.
Interestingly, only a small percentage of developers had systematically evaluated performance, and their experiences varied. This inconsistency underscores the necessity for a standardized performance evaluation of Rust in embedded contexts.
Implications and Future Research Directions
The paper's findings illuminate critical areas needing attention to facilitate Rust's adoption in embedded systems:
- Enhanced MCU Support: More comprehensive support for diverse MCU families, such as AVR, is imperative.
- Improved Tooling for Portability: Addressing the gaps in tools like C2Rust to handle non-standard C features and evolving Rust editions.
- Systematic Performance Evaluation: Establishing standardized benchmarks and methodologies for evaluating Rust's performance in embedded applications.
- Documentation and Community Support: Augmenting documentation with practical examples and better structure to ease the learning curve for developers.
Future work should focus on these areas, potentially developing automated techniques to convert existing libraries to no_std compatible versions and exploring methodologies for easier certification processes. Such advancements will likely bridge the gap between Rust’s theoretical benefits and its practical adoption in embedded systems.
Conclusion
This paper provides a critical, data-driven analysis of the current state of Rust in embedded systems, highlighting areas of success and significant challenges. The findings serve as a valuable guide for both researchers and practitioners aiming to leverage Rust for safer and more efficient embedded systems. With the proposed improvements and continued community efforts, Rust has the potential to become a mainstay in the embedded systems landscape.