top | item 9750225

lambdaelite | 10 years ago

> Rust’s strengths are Clojure’s weaknesses, and vice-versa. Rust isn’t as expressive or interoperable, and its concurrency story isn’t as complete. That said, it’s much better for performance or safety critical needs, and it can be embedded inside other programs or on very limited hardware.

I find this hard to believe. Is anyone actually using Rust for a safety-critical application?

jamwt | 10 years ago

Depends on what you mean by safety. "People may die" safety, no; but "data may be lost, existential risk to business" safety, yes. Dropbox is writing a block storage engine in it.

lambdaelite | 10 years ago

I go by what I thought was the accepted definition, which is a failure or error presenting a risk for temporary or permanent harm to people. Financial risk like data loss would fall under mission critical.

discreteevent | 10 years ago

A lot of certified safe systems are written in C++. I mean the ones that control the machine that could kill you. Response time is often a critical factor in safe systems. Also, languages aren't as important as we would like them to be. Proof isn't used much, for example, because proofs are too difficult to review. Other techniques are more important, like review, redundancy and testing. Safe systems tend to be more about boring old software engineering than computer science.

lambdaelite | 10 years ago

I agree, the choice of programming language is one of the less important parts of the SDLC. In the case of Rust for SC work, as the linked article alludes to, what doesn't make sense to me is that there is no industrial-grade tooling or support software. It seems like an ill-informed statement.

As to proofs, I thought some level of formal proof was required at SIL4?