Rust Trends
15 - Tesla Model 3 hacked in under two minutes, is it time for Rust to step in?.
Posted on

Security, Twitter and more …

We are excited to announce that we will now be publishing our bi-weekly newsletter on Wednesdays instead of Sundays. We hope this change will better accommodate your busy schedules and provide ample time to read and digest our valuable insights.

In this edition, we are focusing on the important topic of security and safety, which is becoming increasingly critical in today’s digital and connected world.

In addition to this, we will also be bringing you the latest news and updates from the world of Rust programming, so be sure to read on and stay up to date with the latest developments.

Let’s dive into today’s topics and discover the latest and greatest in the world of Rust programming!

Could Rust be the ideal language for Secure Systems?

Tesla 3 Dashboard

As a systems programming language, Rust has been gaining popularity in recent years due to its unique ownership and borrowing system that prevents common classes of programming errors such as buffer overflows and data races. This has led to Rust being identified by the National Institute of Standards and Technology (NIST) as a safer coding tool.

In March 2023, NIST added Rust to its list of Safer Languages on the grounds of its ownership model, which “guarantees both memory safety and thread safety, at compile-time, without requiring a garbage collector.” NIST points out that Rust “allows users to write high-performance code while eliminating many bug classes,” and while Rust does have an “unsafe” mode, the institute explains that risk is mitigated through the narrow scope of actions allowed.

The recent hacking of the Tesla Model 3 at the Pwn2Own contest, in under 2 minutes, highlights the importance of secure coding practices, particularly in safety-critical applications such as those in the automotive industry. This contest was organized by the Zero Day Initiative.

Rust’s safety features make it an ideal language for developing secure systems, but there is one major hurdle to overcome before it can be widely adopted in these applications: ISO 26262 compliance.

ISO 26262 is an international standard for functional safety in the automotive industry that sets requirements for the development of safety-critical systems. Rust is not currently ISO 26262 compliant, but Ferrous Systems aims to develop a safety-critical subset of the language that meets the standard’s requirements. If successful, this could make Rust a more attractive option for developing secure systems in the automotive industry and other safety-critical applications.

In conclusion, Rust’s unique features make it a safer coding tool than traditional programming languages, and its potential for use in safety-critical applications is significant. With ongoing efforts to bring Rust up to standard, it could become the ideal language for developing secure systems in the future. The recent recognition of Rust’s safety features by NIST, combined with the need for secure coding practices highlighted by the Tesla Model 3 hack, reinforces the importance of prioritizing security in software development.

Rust in Space and Beyond

Test Satellite
Another area for safety-critical application is space. Tweede Golf, a member of the Rust Foundation, gave a presentation on Rust to the Royal Netherlands Aerospace Centre.

Additionally, since the SpaceX launch of 3 January 2023, French company Gama has had a test satellite in orbit that runs largely on Rust software.

Build System made in Rust

Meta, the social media company behind Facebook, has announced the release of their new open-source build system called Buck2. Buck2 is designed to improve the build experience for developers and make it faster and more efficient.

In Meta’s internal tests, Buck2 completed builds two times faster than its predecessor, Buck1, written in Java. Buck2 is written in Rust, and its design is based on principles that include a complete separation of core and language-specific rules, increased parallelism, integration with remote execution and virtual file systems, and a redesigned console output.

The open-source release of Buck2 is almost identical to the internal version, with the only differences being the toolchains and remote execution, which have open-source alternatives supplied. Buck2 also supports virtual file systems, making it faster and more efficient.

In real-world usage, Buck2 is significantly faster than Buck1, making it an excellent choice for developers looking to speed up their builds. Thousands of developers at Meta are already using Buck2, performing millions of builds per day, with hopes that the wider industry will see benefits as well.

Buck2

Snippets

  • Twitter open-sourced its stack, these are the parts that use Rust. Part of the-algorithm repo is Navi (High-Performance Machine Learning Serving Server)
  • RustNL 2023 conference, 10 May 2023
  • Recently an online conference was held, Ukrainian Rust Conference 2023, for more info look at their Github repo, and do not forget to check out the cheatsheets.

Do not hesitate to explore new possibilities in Rust. Pushing yourself out of your comfort zone can be a great way to learn and grow as a programmer.

Thanks for reading!
Bob Peters

Feel free to connect with me on LinkedIn


Sign up for our Newsletter

© Copyright 2022-2023 Rust Trends.
All Rights Reserved | Powered by Rust and Zola