This podcast episode is all about the programming language Rust and its application in the IoT sector. Madeleine Mickeleit talks with Matthias Goetz, Lead Engineer, and Felix Herrmann, FPGA Engineer at ITK Engineering GmbH, a subsidiary of Bosch. Together, they discuss the unique features and advantages of Rust compared to other programming languages and explore specific use cases and best practices that can optimize development processes for IoT projects.
Episode 134 at a glance (and click):
- [12:00] Challenges, potentials and status quo – This is what the use case looks like in practice
- [24:48] Solutions, offerings and services – A look at the technologies used
Podcast episode summary
In episode 134, we’re getting technical. This podcast episode is particularly for all application developers out there – or people who work with development teams.
Rust is a modern programming language distinguished by innovative approaches such as the ownership model. These features ensure memory safety and efficient resource control, making it especially suitable for developing secure and reliable embedded software.
Compared to traditional languages like C and C++, Rust offers higher safety through its strict memory management and the absence of null pointers. The Rust compiler helps to avoid many typical errors during development.
IoT use cases: Rust is used for both embedded and application software. A specific example is the monitoring of vibrations in industrial motors for early anomaly detection. ITK Engineering explains how Rust can be implemented in IoT projects to speed up development processes and reduce the likelihood of errors. They emphasize the importance of integrating Rust into existing systems and using Rust’s extensive toolchain.
Business case and challenges: Rust offers solutions to common problems in software development, such as memory errors and complex testing processes. The language contributes to shorter development cycles and increases efficiency through faster feedback loops and fewer necessary additional tools.
Compliance with industry standards: Rust supports compliance with safety standards such as ISO 26262 and MISRA. Institutions like the CISA and NSA increasingly recommend the use of memory-safe languages like Rust.
Podcast interview
Hello Felix and hello Matthias. First of all, it’s great that you are here. Felix, let me start by asking, how are you and where am I reaching you right now?
Felix
Hi Madeleine, thank you for the invitation first of all. You’re reaching me at home in my home office here in beautiful Vienna.
In Vienna. Awesome. Well, then warm greetings to Vienna at this point. And Matthias, where are you currently?
Matthias
Thank you also for the invitation. I have rented a room in our meeting room in Speyer Cathedral at our main site in Rülzheim in the Southern Palatinate today so that we have a good atmosphere for discussions.
Fantastic, then warm greetings to the people there. Maybe before we start the podcast: I’m a bit nervous today. You’re always a bit nervous, but I think you will challenge me today because I studied classic mechanical engineering, but I’m not an IT person. In the past, I’ve worked a lot with pre-sales and technical functions. So Felix, you also have a background in mechanical engineering, right? I learned that from our preliminary discussions.
Felix
No, although we discovered that we share the same alma mater, I was at the electrical engineering faculty.
Right, you were in electrical engineering. So actually, both of you are from IT. Could you briefly introduce yourself, Felix? A few words about what you do, what you studied, and what you do now at ITK?
Felix
Gladly. I studied Electrical and Information Technology for both my bachelor’s and master’s degrees, focusing on FPGA technology, especially real-time architecture and embedded systems. At ITK, I am employed in the Real-Time Architectures environment and mainly develop C and C++ systems, close to hardware. Writing drivers, connecting firmware, writing firmware, that sort of thing.
Very nice. Very nice. We’ll hear a bit about what that entails in a moment. Matthias, what about you? What do you exactly do at ITK and what’s your history?
Matthias
I studied computer science and started at ITK over ten years ago. I’ve been in software development, previously more at the application software level, but in recent years closer to the embedded area. I’m also in the same department as Felix, in Real-Time Architectures.
Very nice. Very nice. For those who don’t know ITK yet, I would give a brief introduction in my own words. ITK Engineering is a subsidiary of Bosch. The company offers development services, consulting, and software development. You have a total of 1,300 employees and develop industry-wide and customer-specific solutions. Your teams are actually also deployed at the client’s site, meaning you’re on-site to co-develop the projects. We’ve already done a few episodes, like Episode 111. Listen in or subscribe to the podcast and listen to that episode again. It’s super exciting, also with a partner of yours, SEW Eurodrive. Did I say that right? Any additions?
Matthias
That covers it mostly. Just a short addition: The department we are in has about 200 employees. We are represented in Germany, Austria, and Spain. You hinted at it, we are mainly responsible for customer-specific, tailor-made solutions. We develop according to the whitebox process. That means, at the end of the projects, the customer retains the IP on the software. That is a unique selling point compared to others.
And in terms of customer segments, do you mainly have industrial clients? Can you elaborate a bit on who you typically work with?
Matthias
We are very much across industries. A large area is mobility. I’m currently in the industry sector. We have medical technology and many other areas. Our strength is the methodological competence, which can be well transferred from one industry to another.
Very nice. Now we’re going to talk about a very special programming language. Before we get into that, I just wanted to ask, who does it actually affect among your clients? With which teams do you collaborate at the client’s side? Is it typically software development?
Matthias
Software development, that means we deal a lot with software developers and architects. We also have systems and hardware development. I’m currently in a project that encompasses all these areas, and we are often in joint teams with the customer, where we work together on the product.
Cool. Let’s dive into the topic then. I’m eager to learn more about Rust. Maybe we should briefly define the topic. I didn’t know about it before, so I’m interested: Rust, what is it exactly?
Felix
Yes, Rust is a fairly new programming language. Version 1.0 hit the market about nine years ago and became publicly available. The first truly public version that one could work with came out in 2015. It is distinguished from traditional programming languages like C, C++, or Java, Python primarily by memory safety and very good resource control, with comparable performance to C, C++. It’s very versatile, which is a big advantage for all application areas. From embedded to networking, application, cloud computing, basically everything is possible with this language. With these innovative approaches, it could initiate a fundamental paradigm shift.
Is it true that the programming language was co-developed by Mozilla Research? I read beforehand that it’s an open-source approach. Is that correct?
Felix
The programming language actually comes from Mozilla. It was funded by Mozilla. It was a single developer who wanted to improve certain things about traditional programming languages, like null pointers, etc. He started developing a new programming language on his own that would improve these fundamental issues. At the end of the 2000s, he began. Mozilla recognized the potential and funded much of it.
Many programming languages today have a focus or are developed for a specific goal. General-purpose languages come to mind like C, C++, Java, Python, and so on. There are also ones in web development and many others. In mobile app development, there’s Swift and so on. What was Rust developed for? Did it have a specific goal? Can you say anything more about this?
Felix
Rust was essentially developed to eradicate the technical problems of other languages, like garbage collection and resource consumption. That was the idea. Each language has its advantages. Python, for example, is very resource-intensive. With C, you have to adhere to many coding guidelines like MISRA to program safely. You have to pay attention to a lot. C++ is now also 50 years old. He wanted to elevate all that to a new level.
Okay, I see. One more question about timing: Why are we talking about this right now, especially in the context of IoT? Many who listen may work with development teams or are themselves part of one. Why is this important now ?
Felix
It’s becoming increasingly important because our world is becoming more electrified and equipped with digital features. Everything is getting smarter and more software-defined. The demands on these increasingly complex systems are growing, concerning security and functional safety. More effort goes into testing and validating designs because the designs are becoming larger and more complex. This results in slower development cycles.
I love practical examples. If an engine manufacturer wants to attach a vibration sensor to their engine to offer their customers an additional service to retrieve data digitally, it needs to be programmed. There is a distinction between embedded software development and non-embedded software development. Rust can be used in various areas. In embedded software development, it often involves devices specifically used for controlling or operating hardware. For example, an industrial motor could be monitored to detect anomalies early. Rust could be used for this. Is that correct?
Felix
In principle, I would agree with you. Embedded is more diverse than just hardware-close, real-time, and coding drivers. It goes beyond that. Many parts of the firmware that concern the transport to higher applications, I would also count as part of it. Rust can basically be used for that.
Okay. The other would be non-embedded software development. Here, the software does not directly access the hardware but provides data in higher-level functional services, e.g., in the cloud. That would be the other area of non-embedded software development..
Felix
Exactly, cloud computing would be an example of that.
[12:00] Challenges, potentials and status quo – This is what the use case looks like in practice
You have already gained a lot of experience in various client projects and are actively involved in them. What are the typical challenges your clients face that Rust has been able to address?
Felix
As I briefly mentioned earlier, compared to C/C++, which affects my work area, C/C++ provides little assurance in terms of memory safety. One must manually handle many aspects and use various tools to make the software secure. Memory safety issues are responsible for most problems in software development. More tools are always needed, such as static code analysis, which makes the development environment increasingly complex. Every developer has to adapt to many tools, often depending on the project, sometimes from one manufacturer, sometimes from another. Especially for us, who work in various projects and are deployed at different clients from time to time, we frequently face the issue that when we enter a new project and the client has specific preferences for tooling and the entire toolchain, we have to completely familiarize ourselves and take care of maintenance so that all versions are compatible. This all is part of it. Rust also comes into play here, as it tackles this among other things from this programming language.
Okay, so when you talk about memory safety, do you have an example, perhaps from this engine manufacturer? What exactly is being stored? Is it database information?
Felix
It’s about array management or similar in your code, in the RAM. So any kind of data, but also every variable.
Okay, I see. And about the tools, you mentioned maintenance. Do you have an example of what those tools might be?
Felix
Yes, we use a range of tools, starting with Jenkins and Conan. Then there are different compilers that you can use for C, C++, usually GCC. For static code analysis, you can use CPP-Checker or SonarQube. Linters check the code to make sure it looks nice.
These are tools that simplify the work or integrate certain libraries. Okay, I understand. How can the use of Rust in client projects specifically contribute to improving or modernizing development processes, particularly in the IoT sector?
Matthias
Felix already hinted that Rust’s memory management, or memory-safe languages in general, represent a paradigm shift compared to C and C++. Many errors that are discovered in C, C++ only afterwards, perhaps through static code analysis or in real use, are avoided by the design of the language from the outset. This especially affects critical memory errors. A major advantage is that the language covers a large part of the MISRA rules, the most well-known programming standard in the automotive sector, already by design. This simplifies compliance with the standard. Since Rust has this memory model, which is checked by the compiler, many errors are discovered and avoided earlier, because the code cannot be built if errors are present. This leads to a faster feedback loop. It should also be noted that the quality of error messages from the Rust compiler is incomparable to those from C and C++.
And the compiler, just for my understanding, is essentially a software program that translates the source code or the programming language. Could you put it that way?
Matthias
Exactly.
Okay, understood. Are there any other advantages of Rust compared to older programming languages? You’ve already mentioned some, but are there other important advantages in projects?
Matthias
Another point to mention: Felix said earlier that you need many additional tools with C. Since much is integrated in Rust, it simplifies the toolchain and thus the setup and maintenance of the toolchain. That’s another advantage of using Rust.
Can you briefly explain what a toolchain is?
Matthias
A toolchain is the complete environment needed to develop software. This includes a compiler that you work with locally, a build server like Jenkins or GitLab CI/CD, test frameworks, linters, static code analysis tools, and software for integration tests. All these things.
So, a collection of software development tools. Okay. You’ve discussed the difference to C++. Many still work with it. Can you elaborate on the difference to C++ in practice?
Felix
Rust is definitely growing, especially in the States and in Germany, the number of Rust developers is increasing rapidly. For the past few years, Rust has been the most loved language on Stack Overflow. The big difference is the memory management. Rust introduces what’s called the ownership model, where every variable has an owner. Owners can be functions, methods, or loops, so various instances or scopes. When a variable goes out of scope, it is automatically dropped, and the memory is freed. There is no garbage collection in Rust. Access by other functions is regulated through borrowing. In principle, only the owner can write into the variable unless it is explicitly noted in the code that the variable is being borrowed and only then can it be modified. There can only be one writer at a time, but multiple readers.
Just for the record: Stack Overflow is a very well-known community and tool for developers, where you can ask questions, get answers, and learn from each other. For those who have never heard of it. Can we go back to the business case? How has the use of Rust in projects, e.g., for an engine manufacturer who wants to program vibration sensors, led to noticeable improvements? From a business case perspective.
Matthias
What plays a big role is software development for the market, especially in the automotive sector, where the requirements are very high because it’s about human lives. Many errors must be excluded. For this, MISRA is used in the automotive sector, for example. Meeting MISRA compliance is a huge effort. Any deviation must be reviewed and justified through a special process. When we use Rust, where MISRA is largely covered by the design of the language, we can save significant efforts. If something compiles in Rust, it offers much higher safety than comparable software in C and C++, because many checks and reviews are not yet integrated there.
Do you have a practical example of what a MISRA requirement might be? Is it mainly related to the software code? Just so we understand. MISRA is an organization that sets these guidelines, right?
Matthias
A big issue is working with pointers, which in C is one of the most common ways to work in the embedded sector at many points. MISRA heavily restricts this, which makes compliance very problematic. Rust has a different concept for memory management. Pointers still exist in Rust, for example, when describing registers for hardware in the embedded sector, but in other areas, you need them less, thus saving much effort.
Yes, and describing registers for hardware, we do in the embedded software development sector, for example, with a vibration sensor, where the software retrieves the vibrations. That’s what you mean, right?
Matthias
For example, when you control a peripheral, you have an interface. A simple example: We have a digital output, a GPIO, and it is controlled via a register, a peripheral register. There’s a bit, and whether you set it or not switches the respective output.
Now we’ve talked about improvements in projects. What does it look like from a business case perspective? In the end, it’s also about cost savings if you want to make a switch. What kind of cost savings can one expect when switching to Rust?
Felix
There are various and versatile cost savings when developing with Rust. Besides the safeties that Rust inherently brings, there is an increase in productivity, as various studies and Stack Overflow surveys of thousands of developers have shown. The most important point is that this language brings many safeties in memory management, which results in fewer errors in later project phases. Those familiar with this cost model know that the costs of errors rise exponentially. What costs 5 euros at the beginning can cost 50,000 euros after delivery if products have to be recalled and errors fixed. Since most errors are caught by the compiler at compile time, late errors are minimized.
How does Rust continue to support compliance with industry standards? Are there other industry standards or requirements that this programming language meets, in addition to MISRA?
Matthias
I wouldn’t say “meets” because Rust doesn’t meet MISRA. It’s more that many things that MISRA requires are not possible in Rust and therefore are not an issue. But where it might still come into play, I mean, at the moment the topic of memory-safe language is a big issue. There are not only Rust, to be complete. At the moment the topic of memory-safe language is a big issue. There are institutions that now recommend the use of memory-safe languages. At the moment it is a recommendation. Should it ever become a requirement, we would have different preconditions.
[24:48] Solutions, offerings and services – A look at the technologies used
If I want to implement this, what specific features or tools within Rust or the toolchain do I need to implement such projects? Can you tell us more about that?
Felix
Fortunately, the Rust toolchain is kept very simple and includes many of the features that are otherwise covered by various tools. Above all, you have the compiler and Cargo. Cargo includes almost all important features: static code analysis, no separate package management with Conan or CMake, and Clang-Format is covered. This is there to keep the code tidy and adhere to coding guidelines. Doxygen is completely covered by Rust-Doc. Static code analysis is hardly necessary because much is caught by the compiler. The great advantage is that all tools are from a single source, so they are coordinated. You no longer have to make sure you have the right versions installed and that they are compatible. You have just one provider and a tool package where everything important for development is already included.
Yes, I understand. Cargo is then the package management system that functions like a tool for Rust, correct? Ihr seid in den Projekten unterwegs, auch mit den Software-Teams. How do companies that want to integrate or migrate Rust into their existing system landscape go about it? How is it done?
Matthias
Good point, because most projects do not start from scratch, but there is already existing legacy software that needs to be extended or renewed. This codebase is often large. Rebuilding everything from scratch in Rust is not an option. The idea is to replace and renew new features or particularly critical elements in the software based on interoperability. Rust offers a Foreign Function Interface to C, and based on this interface, Rust can be used in combination with C or C++. There are many tools or crates for integration that simplify the effort of implementing interfaces to C by generating them automatically. This makes it easy to replace new or existing critical parts. We see this, for example, with the Linux kernel. Rust is allowed alongside C for the Linux kernel, and extensions can be written and integrated in Rust.
You’ve gained a lot of experience from the projects. Are there best practices or learnings that you want to share with the listeners? Recommendations or pitfalls to watch out for?
Matthias
Gladly. Rust is a relatively young programming language, so there is still potential for optimization. But there are many promising approaches that already bring advantages. I In our assessment, the existing advantages outweigh the remaining deficits. Looking ahead, the deficits could still be eradicated or mitigated, making the use of Rust more worthwhile. An important point is being able to use Rust at all. There are certified toolchains from providers like Ferrocene, which essentially drive Rust, but our ITK partner HEITEC also has a toolchain with a compiler that can be used. This is a prerequisite for using the language in safety-critical areas.
Felix
It can also be added that Rust is a very young language. Keep in mind that the Rust community and standard library are growing and expanding daily. There are many developers who are very satisfied with Rust. Google conducted a study in 2022 with 1,000 developers from other programming languages such as C, Python, Java, and Go. They were thrown into the deep end with Rust, and two-thirds of the developers stated that they felt confident programming with Rust in under two months. They mentioned that the software tends to do what it’s supposed to do, compared to the programming languages they had used before.
Thank you for bringing that up. If you haven’t heard of it or want to try it out, take a look at it. Felix, can you send me the study afterward? Then I’ll include it in the show notes. What do I need to do if I want to implement this? I will link your contact details in the show notes. Do you have any more links or information?
Felix
I can recommend the official Rust Wiki. We can pass on the link to you, then you can put it in the show notes. The Rust book explains well how to handle Rust and how the individual parts work, such as borrowing and references. I can recommend that.
Cool. Very nice. I have more questions, but that would go beyond the scope of today’s podcast. We also wanted to share what Rust is, what benefits it offers, and to encourage engagement with it. It is an important programming language, not just for now but also for the future, both for embedded software development and non-embedded software development. Thank you very much for being here and sharing your knowledge. If you have questions, contact Felix or Matthias. From my side, thank you very much and the last word goes to you.
Matthias
Thank you very much for the invitation. Rust is still relatively young. Maybe in a few years, we will have the opportunity to meet or hear again and talk about the development of Rust. I would personally be pleased.
Felix
I would join that; it would make me very happy. Like today, we would then be pleased to receive another invitation. It was a lot of fun. Many thanks.
Many thanks to you. An invitation will follow gladly with an update on how Rust is applied in practice. Thank you and have a great rest of the week. Take care. Ciao!
Felix
Ciao!
Matthias
Ciao!