Using Rust in Regulated Industries?

Anyone know if Rust can be used in (united states) regulated industries? Say health-care, energy, etc on embedded devices? GMP environments? I have some ideas for some projects - but, that'd be an obvious dead-end.

There is the sealed rust initiative that would make rust more suitable for this kind of use cases, but I don't know about the current state.

2 Likes

Am I correct in understanding that currently Rust has no language specification?

Correct. There is the language reference, but it is both incomplete and somewhat outdated. The last few weeks there have been several pr's to it though.

1 Like

Jeese - so it'll probably be 10 yrs or so before Rust can really make its way into industry. Thanks for explaining this.

That is a rather depressing conclusion. That "regulated industry" will continue with sloppy code written in unsafe languages, C, C++ etc, for decades to come. Because they have a standard that specifies their sloppiness where as the better alternative does not.

I always thought something went wrong when the mandate to use Ada was dropped. A language that was designed to be a lot safer than what was then available.

On the bright side, our clients, who are somewhat concerned about robustness and security were very open to the idea of us using Rust. Very small scale and not safety critical, but it's a start.

4 Likes

I agree it is depressing! I both understand why Rust hasn't made effort toward this, yet at the same time I don't.

Here's the deal. In industry, people jump through crazy hoops, burn midnight oil, etc to get memory safe fully validated code certified. It's expensive, painful, and time consuming. But, even 3rd tier efforts end up being profitable because... It's certified and the alternatives aren't!

Rust solves a lot of the problems with those kinds of efforts. Namely, memory safety as a guarantee. But also, high performance, light weight binaries(people complain, but Rust's binaries are pretty small), etc. So here's this perfect opportunity!

But it's open source. Who has the laborforce to do the really boring stuff? What impacts does it have on the language development itself? Etc...

If I were involved in Rust's directionality I would target this, but I'm also biased. I want to use Rust for a project at my new job, and now I'm realizing it's an impossibility.

1 Like

I was so enthused to see efforts toward embedded systems. But, what can you do with them beyond hobby efforts? Makes Rust feel academic - when it's obviously not.

It's probably not so bad.

I get the vibe that people involved in such systems are seriously looking at Rust, Intel, ARM and others in that space. Sorry I don't have links to such "vibes". Mostly things that popped up on Youtube.

But there is this: Rust in Safety Critical Systems Panel: Rust in Safety Critical Systems Panel - YouTube

I recall that back in the day one military system I worked on had the client, GCHQ, demand to review the code the compiler produced, never mind standards or trusting the compiler. That was for code in both ADA, which had a serious standard, and Intel's PL/M, which did not.

1 Like

That sounds a bit extreme. There is a huge world of embedded systems that are not subject to such stringent requirements. From the bazillion TV's, phones, other IoT devices downwards.

1 Like

Imagine a lawmaker decides IoT devices need a regulatory standard because "Big Tech." or "Security". Then what?

Hmm.., perhaps some regulation of such things is a good idea. Given the gross violations of privacy and the like we read about every day regarding IoT devices. Todays example is this: ADT Employee: I Spied on Naked Customers Through Security Cams

However, as far as I can tell, those problems are not caused by the programming languages they are written in and I don't see adopting Rust making the situation any better.

1 Like

I agree. People could standardize the protocols, etc and then guess what - no Rust...

I'm not the most optimistic about these types of things so sorry if I sound alarmist. But we have an industrial revolution occurring right now due to advances in control algorithms/robotics/medical embedded systems (and thereby code). Rust doesn't seem to be on the map for it.

For reference I am tech scouting right now, just learned Rust, and now I have to put it in the "for fun" bin.

It's not going to take 10 years

1 Like

I like the way that sounds - but how do you know that? For reference I don't know it will take 10 yrs but that's my kneejerk median for things like this.

Lawmakers habitually make horrible decisions when it comes to regulating tech. That is nothing new. Generally, and thankfully, most of the bad efforts go nowhere or have no real teeth as reality does not abide fools who issue pronouncements like "give us encryption which is perfectly secure, except when we want to peek". Others are worth fighting against.

Regulating IoT at the level you suggest is likely impossible, as production of then "illegal" devices would probably just shift somewhere with less insane laws. People would still want them and would find ways to get them.

1 Like

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.