Rust applications previewed on Azure Sphere – a ‘lifeline’ for embedded systems, says Microsoft

By Tim Anderson
-
Rust applications previewed on Azure Sphere – a ‘lifeline’ for embedded systems, says Microsoft

Microsoft has previewed Rust-based applications on Azure Sphere, its platform for cloud-connected devices.

Azure Sphere is formed of an MCU (microcontroller unit) for the devices, specifically MediaTek’s MT3620, running a custom build of Linux, together with a cloud-hosted service that automatically delivers patches and software updates to the connected devices.

Applications run in containers on the Azure Sphere OS, and there is an option to run real-time applications on bare metal or on a real-time OS.

Memory is tightly constrained, for example with 256K RAM for high-level applications, and until now the only supported language has been C, chosen for its familiarity and small footprint. Microsoft considered C++ too expensive in terms of memory, and that languages depending on just-in-time compilation (like Java or C#) would not run well on such limited hardware.

Microsoft principal technical program manger Joseph Lloyd said that “as part of a private preview, we are now enabling Rust-based applications.”  He added: “the promise of Rust is the elimination or significant reduction of entire classes of software flaws,” mentioning things like forgetting to initialize a variable. “For embedded systems this is a lifeline,” he wrote.

The company’s interest in Rust is not new. Microsoft software like Windows and Office is largely written in C++, but in 2019 the MSRC (Security Response Center) team wrote that “Rust represents the best alternative to C and C++ currently available.” According to that post, “roughly 70% of the security issues that the MSRC assigns a CVE to are memory safety issues. This means that if that software had been written in Rust, 70% of these security issues would most likely have been eliminated.”

The attraction though is not just safety. Other factors include a greater likelihood of correctness, as a side-effect of safety guarantees, and more reliable concurrency. Rust’s “rich type system” assists writing expressive code.

Rust adoption is a gradual process, and Microsoft along with other companies cites use of unsafe code in Rust, interoperability with existing C++ code, tooling challenges, and skills shortage, among factors that impede migration.

The appearance of Rust support in Azure Sphere, however, shows that progress is being made, though for the time being interested developers will have to email Microsoft for access to the preview.

AWS combines "building block" blueprints with CodeCatalyst for rapid project creation including DevO...
Atlassian takes another step toward full DevOps automation
Podman 5.0 released with native Mac hypervisor support, new features and breaking changes
GitHub autofix progresses to public beta: insecure code corrected with AI, but only for enterprise
Fermyon promises over 5000 WebAssembly applications on one Kubernetes node via new platform
Secret leakage in public GitHub repositories increasing, claims new report
Test launch of TEA open source reward project clouded by repository spam attack 
From Docker to Dagger: Solomon Hykes on modernisation of the DevOps pipeline
Kubecost 2.0 released as reports show persistent Kubernetes over-provisioning
Docker introduces Build Cloud for accelerated local development
Enterprises struggle with Agile methodology, reports long-standing survey of practitioners
Spotlight on GitHub self-hosted runners again as researcher demonstrates attack on PyTorch code