Rust for Flight Software

Slides:



Advertisements
Similar presentations
Northwestern University 2007 Winter – EECS 443 Advanced Operating Systems Exokernel: An Operating System Architecture for Application-Level Resource Management.
Advertisements

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 10: Buffer Overflow.
Lecture 16 Buffer Overflow modified from slides of Lawrie Brown.
Breno de MedeirosFlorida State University Fall 2005 Buffer overflow and stack smashing attacks Principles of application software security.
CS 326 Programming Languages, Concepts and Implementation Instructor: Mircea Nicolescu Lecture 18.
Contiki A Lightweight and Flexible Operating System for Tiny Networked Sensors Presented by: Jeremy Schiff.
Names and Bindings Introduction Names Variables The concept of binding Chapter 5-a.
1 RISE: Randomization Techniques for Software Security Dawn Song CMU Joint work with Monica Chew (UC Berkeley)
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
Chapter 3 Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Chapter 3.1:Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access.
Previous Next 06/18/2000Shanghai Jiaotong Univ. Computer Science & Engineering Dept. C+J Software Architecture Shanghai Jiaotong University Author: Lu,
Security Exploiting Overflows. Introduction r See the following link for more info: operating-systems-and-applications-in-
Secure Virtual Architecture John Criswell, Arushi Aggarwal, Andrew Lenharth, Dinakar Dhurjati, and Vikram Adve University of Illinois at Urbana-Champaign.
Introduction: Exploiting Linux. Basic Concepts Vulnerability A flaw in a system that allows an attacker to do something the designer did not intend,
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
Old Chapter 10: Programming Tools A Developer’s Candy Store.
EECS 354 Network Security Reverse Engineering. Introduction Preventing Reverse Engineering Reversing High Level Languages Reversing an ELF Executable.
Processes and Virtual Memory
Efficient Software-Based Fault Isolation Authors: Robert Wahbe Steven Lucco Thomas E. Anderson Susan L. Graham Presenter: Gregory Netland.
CS533 Concepts of Operating Systems Jonathan Walpole.
LECTURE 3 Translation. PROCESS MEMORY There are four general areas of memory in a process. The text area contains the instructions for the application.
Towards a High Performance Extensible Grid Architecture Klaus Krauter Muthucumaru Maheswaran {krauter,
Computer System Structures
Lecture 3 Translation.
TLDK Transport Layer Development Kit
Principles of programming languages 10: Object oriented languages
Using Ada-C/C++ Changer as a Converter Automatically convert to C/C++ to reuse or redeploy your Ada code Eliminate the need for a costly and.
Adopting the Python language for On-board Programmable Payload Autonomy Steven Doran 2016 Flight Software Workshop 12/14/2016.
Simulink Interface Layer (SIL)
Introduction to Operating Systems
Protecting Memory What is there to protect in memory?
cFE FSW at APL & FSW Reusability
Protecting Memory What is there to protect in memory?
Protection and OS Structure
LWIP TCP/IP Stack 김백규.
Protecting Memory What is there to protect in memory?
Chapter 9: Virtual Memory
ENERGY 211 / CME 211 Lecture 25 November 17, 2008.
Introduction to Operating System (OS)
Introduction Enosis Learning.
CMPE419 Mobile Application Development
Many-core Software Development Platforms
(5 - 1) Object-Oriented Programming (OOP) and C++
Introduction Enosis Learning.
Chapter 9 :: Subroutines and Control Abstraction
High Coverage Detection of Input-Related Security Faults
cFS Community Day Platform Technology Roadmap
Introduction to Operating Systems
QGen and TQL-1 Qualification
AdaCore C/C++ Offering
Yes, we do those languages too.
QGen and TQL Qualification
Autonomous Operations in Space
Single Event Upset Simulation
(5 - 1) Object-Oriented Programming (OOP) and C++
Chapter 2. Protocols and Architecture
Combining Compile-Time and Run-Time Components
Lecture 7: Flexible Address Translation
CSE 153 Design of Operating Systems Winter 2019
Lecture 4: Instruction Set Design/Pipelining
RUN-TIME STORAGE Chuen-Liang Chen Department of Computer Science
Yes, we do those languages too.
CMPE419 Mobile Application Development
COMP755 Advanced Operating Systems
Last Class: Communication in Distributed Systems
Lecture Topics: 11/1 Hand back midterms
JIT Compiler Design Maxine Virtual Machine Dhwani Pandya
Dynamic Binary Translators and Instrumenters
CSE 542: Operating Systems
Presentation transcript:

Rust for Flight Software 11th Annual FSW Conference December 2018 Rust for Flight Software

Advanced Space exists to support the sustainable exploration, development, and settlement of space. Projects Mission systems and enabling technology (Moon) Robust and resilient orbital transfers (Security) Interplanetary mission design (Mars) Earth orbit and highly challenging spacecraft navigation Trajectory optimization (chemical & electric) Satellite constellation planning, design, and engineering Spacecraft guidance and avionics Spacecraft autonomy Moon, Mars, satellite

Outline What is Rust? Where does Rust shine? Memory management Error handling Dynamic libraries How have we used Rust? Potential applications

What is Rust? Systems programming language Developed by Mozilla Research, used in Firefox Formally-proven memory safety Prevents segmentation faults and race conditions Efficient C bindings Dynamic library compilation for C linking Leverages the Application Binary Interface (ABI) Debuggable with gdb Zero-cost abstractions and optimized compilation Freely use structs, traits, and clean error handling Reproducible builds, extensive testing tools, and more!

Memory management in Rust (1/4) Rust tries to store every variable on the stack Unless of variable length (like strings and mutable lists), Or explicitly marked as heap-allocated All primitives, and structures thereof, are initialized and sized at compile time Rust uses the concept of ownership of data, which is enforced by the compiler Each value in Rust has a variable that’s called its owner There can only be one owner at a time When the owner goes out of scope, the value will be dropped All variables are read-only unless explicitly stated otherwise

Memory management in Rust (2/4)

Memory management in Rust (3/4)

Memory management in Rust (4/4) The C code returns an invalid value -- a silent failure Accidently defined invec2 to be of size 2 instead of 3. Even -Wall flag did not notice that we were overwriting stack data Need for static analysis tools Rust allocated on the stack as well Compiler noticed three calls to push on vector v2 Compiler updated stack requirements to fix the programmer error

Error handling in Rust (1/2) Rust introduces a type called Result Represents either a success or a failure Compiler checks that failure case are handled Success and failure are containers for data of any type That data lives in the scope of the error handling Avoids the hazard err_no and use of uninitialized variables

Error handling in Rust (2/3)

Error handling in Rust (3/3)

Dynamic libraries in Rust (1/4) Benefit from all the advantages of Rust without full rewrites Application Binary Interface enables very low overhead communication Example: Randomly generate two vectors of size three Subtract one from the other and compute the L2 norm Repeat 50 million times Case No external library C library Rust library Execution time (seconds) 5.28 5.30 8.37 Library size (MB) N/A 3.0 2.8

Dynamic libraries in Rust (2/4)

Dynamic libraries in Rust (3/4)

Dynamic libraries in Rust (4/4)

How have we used Rust? Core Flight App communication using Protocol Buffers Developed an orbit propagator interface in Rust Developed a set of Protocol Buffer messages Communication between Rust application and cFS App over TCP Advantages Orbit propagator tool developed “ported” to ARM platform without a single change in the code Test suite executed in on a x86_64 environment, but guaranteed to work on ARM as well Only possible for C applications which have an OSAL layer like cFE

Potential applications Flight Software Frameworks Zero-cost abstractions can enable shared traits between applications Procedural macros allow compile-time optimization of routing Memory safeties ensure no race condition happen within the app Verbose yet versatile error handling allow for good readability Platform limitations Many Rust “crates” require the standard library Requires Windows, Linux, MacOS, iOS, Fushia, some *BSD Requires x86, x86_64, PowerPC, most ARM architectures, and some MIPS If standard library not available, Rust can be compiled for “no-std” Requires some customizations, but used in production for telematics

Any questions? Chris Rabotin 561-206-2271 rabotin@advancedspace.com https://github.com/AdvancedSpace/fsw_conf https://github.com/ChristopherRabotin

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.