The advantages of programming in the Rust language for reliable and secure systems
The Rust programming language has emerged as a new solution, specifically designed to overcome the complexities associated with C and C++ programs. But what makes Rust such an effective solution, and why has it gained such popularity?
For the past few decades, systems programming has been dominated by C and C++. Both languages have a long history and have maintained compatibility with it. Under modern standards, these languages require a significant amount of manual effort and demand vigilance from the programmer to avoid numerous subtle dangers.
The Rust programming language represents a fresh approach, designed to address the challenges found in C and C++. Rust has been gaining adoption due to its improved ergonomics, reliability, and safety.
Performance at the forefront
Like C/C++, Rust is a compiled language known for its minimal overhead. Rust features an intelligent compiler and language constructs that eradicate the majority of memory handling bugs and common run-time issues.
Since most errors are checked at compile-time, the performance of Rust programs remains unaffected, ensuring they are on par with those written in C/C++. Furthermore, Rust provides numerous high-level abstractions without overhead.
Memory safety
Rust is a memory-safe language that prevents memory corruption and undefined behavior, significantly reducing the likelihood of software acting unpredictably. In contrast, it is very difficult to write practical C/C++ programs without encountering undefined behavior. It facilitates easier analysis and debugging by catching issues in the coding phase, rather than allowing silent memory corruption that leads to unexpected behavior later on.
“Undefined behavior” in a programming language means a situation where the execution outcome of a piece of code (“behavior”) cannot be determined from the code and the language specification. An example of such a situation would be reading data from a memory location that is not initialized and making a decision based on such a data. The Rust language is specified so that undefined behavior cannot occur, except in specific places that are explicitly marked “unsafe”.
Reducing vulnerabilities
Memory safety eliminates vulnerabilities that are often a frequent topic of concern due to critical security exploits discovered in widespread software. Google has reported that two-thirds of their security vulnerabilities are due to memory corruption issues.
As a result, large companies are beginning to rewrite their critical software components in memory-safe languages, including Rust, to minimize attack vectors. The risk posed by memory-unsafe languages is considered so significant that the US government has even recommended against the use of memory-unsafe languages, such as C/C++.
Usability and reliability: A programmer’s perspective
From a programmer’s perspective, memory safety might not be the primary selling point of Rust. The language is designed with usability in mind, laying a strong foundation for ergonomics, consistency, and software reliability. Rust projects are straightforward to set up, build, and maintain, with fewer technicalities to manage.
Moreover, Rust behaves in predictable ways, preventing many common issues by making them either impossible or clearly visible. This design philosophy is widely appreciated, as evidenced by Rust being voted the most loved language in Stack Overflow’s developer surveys for the past several years.
Boosting productivity
Ergonomics and reliability are not only more comfortable for developers but also enhance productivity. When less time is devoted to debugging and managing technical details, developers can focus more on the application logic of their projects. While productivity gains can be challenging to quantify systematically, their impact is undeniable.
A director of engineering at Google has estimated that Rust is twice as productive as C/C++. Furthermore, the CTO of Microsoft Azure has argued that with Rust available, no new software projects should be initiated in C/C++.
Rust in robotics
C/C++ is commonly utilized in embedded and real-time systems, as low overhead and low latency are required. However, many safety-critical applications, such as in robotics and autonomous vehicles, require high guarantees for software correctness. Rust fits particularly well in this context, which is why we at Atostek prefer to utilize Rust for robotic applications.
When might Rust not be the ideal choice?
Despite all the hype, Rust is still not the perfect solution for every programming challenge. If a large codebase is already written in C/C++, integrating Rust modules may not be justified due to the complexity and effort required for language interfacing.
Moreover, in scenarios where efficiency is not a primary concern, languages with garbage collection and emphasis on immutable data may offer an easier development experience since they abstract away manual memory management. This is particularly relevant for quick and dirty prototyping, where Rust, with its strict coding requirements for precision and reliability, may not be the fastest language to work with. Examples of such languages are Haskell and Microsoft’s F#.
Rust prioritizes safety and performance, which might be more challenging for Python programmers accustomed to a higher level of abstraction, while C++ programmers should find the transition to Rust’s complexities more natural, and even an easier tool to work with.
Conclusion
Rust is a language that promises to revolutionize the way we think about system-level programming. Its focus on performance, safety, and developer-friendly features make it an attractive option for new projects, especially in domains where reliability is paramount.
While the transition to Rust may pose challenges, particularly for teams deeply entrenched in C or C++, the potential gains in productivity, security, and software quality are compelling.
More about the topic
- The Register: Google says Android runs better when covered in Rust
- The Register: Microsoft is busy rewriting core Windows code in memory-safe Rust
- National Security Agency: Software Memory Safety
Read more about Atostek’s software engineering expertise!
Alpi Tolvanen
Software Designer
I started working at Atostek in 2022 and am currently engaged in robotics, utilizing Rust, C++, and Haskell. Before joining Atostek, I worked as a computational physics researcher at Tampere University. Additionally, I have been a Rust enthusiast in my free time since 2018.