close
close

The Rust Foundation and its partners launch the security-critical Rust Consortium

Posted on by darion

The Rust Foundation and a group of partner companies formed the Rust Safety-Critical Consortium “to support the responsible use of the Rust programming language in safety-critical software.”

The Rust programming language is gaining popularity due to a combination of factors such as speed, security, memory safety, and more. As a result, it is increasingly used in safety-critical software such as transportation, energy, and life sciences, and is one of the NSA recommended languages.

The foundation is launching a consortium in partnership with AdaCore, Arm, Ferrous Systems, HighTec EDV-Systeme GmbH, Lynx Software Technologies, OxidOS, TECHFUND, TrustInSoft, Veecle and Woven by Toyota. The announcement stated that membership in the Consortium is open to Foundation members.

Work within the consortium will begin with the creation of a public statute and goals, and meeting minutes will be published on an ongoing basis. The Security Critical Rust Consortium will collaborate with Project Rust through the Rust Foundation Project Directors and Project Rust team members. The scope of the Consortium, which will be fully defined in the charter, may include the development of guidelines, linters, libraries, static analysis tools, formal methods and language subsets to meet industrial and regulatory requirements. Consortium products will be developed and licensed in a manner consistent with other Project Rust endeavors.

Many critical Rust employees have expressed their support and support:

“This is exciting! I’m really glad that the Rust Foundation and all those working on security-critical issues have come together on this issue,” said Graydon Hoare, creator of the Rust programming language.

“Safety is our top priority in vehicle software development. Traditionally, achieving the highest level of security has been a complex and lengthy endeavor, requiring the use of specialized tools and processes that go beyond programming languages. That’s why we’re excited to partner with leading experts in the security industry to integrate new tools like Rust into our safety-critical systems,” said JF Bastien, distinguished engineer at Woven by Toyota.

“Rust has already established itself as a secure programming language among open source developers, industry and government. Now is the time to build on this momentum and introduce Rust as a mainstream language in security-critical areas, providing the processes and specifications that will enable Rust to be certified in this space,” said Joel Marcey, chief technology officer at the Rust Foundation.

The Foundation says the formation of the Consortium will help bridge the gap in established processes and collective industry knowledge.

Rust offers particular advantages in terms of programming ergonomics, productivity and software quality; however, it lacks deep and grounded knowledge of security processes and collective industry knowledge of safety-critical systems.

By not bridging this gap, the developer must first rely on best practices and normative precautions that may limit innovation. Rust developers who stray off the beaten path may face investigation if an accident occurs. In such circumstances, anything that seems unusual will be investigated for guilt. These risks discourage widespread adoption of Rust by preventing developers from exploiting its full benefits, potentially incurring financial, reputational, and moral costs.

This announcement is good news for Rust developers, and the Consortium should help further increase the language’s popularity while fostering continued innovation among developers.