Microsoft has previewed Rust-based applications on Azure Sphere, its platform for cloud-connected devices.
Azure Sphere is formed of an MCU (microcontroller unit) for the devices, specifically MediaTek’s MT3620, running a custom build of Linux, together with a cloud-hosted service that automatically delivers patches and software updates to the connected devices.
Applications run in containers on the Azure Sphere OS, and there is an option to run real-time applications on bare metal or on a real-time OS.
Memory is tightly constrained, for example with 256K RAM for high-level applications, and until now the only supported language has been C, chosen for its familiarity and small footprint. Microsoft considered C++ too expensive in terms of memory, and that languages depending on just-in-time compilation (like Java or C#) would not run well on such limited hardware.
Microsoft principal technical program manger Joseph Lloyd said that “as part of a private preview, we are now enabling Rust-based applications.” He added: “the promise of Rust is the elimination or significant reduction of entire classes of software flaws,” mentioning things like forgetting to initialize a variable. “For embedded systems this is a lifeline,” he wrote.
The company’s interest in Rust is not new. Microsoft software like Windows and Office is largely written in C++, but in 2019 the MSRC (Security Response Center) team wrote that “Rust represents the best alternative to C and C++ currently available.” According to that post, “roughly 70% of the security issues that the MSRC assigns a CVE to are memory safety issues. This means that if that software had been written in Rust, 70% of these security issues would most likely have been eliminated.”
The attraction though is not just safety. Other factors include a greater likelihood of correctness, as a side-effect of safety guarantees, and more reliable concurrency. Rust’s “rich type system” assists writing expressive code.
Rust adoption is a gradual process, and Microsoft along with other companies cites use of unsafe code in Rust, interoperability with existing C++ code, tooling challenges, and skills shortage, among factors that impede migration.
The appearance of Rust support in Azure Sphere, however, shows that progress is being made, though for the time being interested developers will have to email Microsoft for access to the preview.