Microsoft applies coat of Rust to Azure Sphere IoT platform

Developers can now use the Rust programming language when creating applications on Azure Sphere platform for internet-connected devices.

Programmers can apply the performance and security capabilities within Rust to make software for Internet of Things devices and other embedded systems that can be the target of botnets and other malware.

Want to try a null-pointer dereference? Not gonna happen! For embedded systems this is a lifeline...

"Rust and Azure Sphere are a good match – a programming language that can improve safety of code with strict compile time safety checks alongside Azure Sphere's secure identity, update, and end-to-end encrypted communication services for internet-connected devices should provide greater security to the customer applications," Akshatha Udayashankar, an embedded software engineer at Microsoft, wrote in a blog post this week.

The move by Microsoft – which previewed the idea in June 2022 – comes the same week Google said it will support third-party Rust libraries in its open-source Chronium project. Like Microsoft, Google touted the security features in the programming language.

As our sister site DevClass wrote at the time, the attraction is not just safety. "Other factors include a greater likelihood of correctness, as a side-effect of safety guarantees, and more reliable concurrency. Rust's 'rich type system' assists in writing expressive code."

Azure Sphere already includes built-in security features for internet-connected devices and comprises hardware built atop chips from MediaTek and a Linux-based operating system. In addition, it includes the cloud-based Azure Sphere Security Services (AS3) that creates a secure connection between the devices and the internet or cloud.

AS3 ensures a secure boot, device identity authentication, the trust of the software, and certification the devices are running trusted code. It also enables Microsoft to securely download updates to the Azure Sphere OS and applications on the devices.

The introduction of Rust to Azure Sphere adds more security capabilities.

"The promise of Rust is the elimination or significant reduction of entire classes of software flaws," Joseph Lloyd, principal technical program manager for Azure Sphere, wrote in June.

"Forgot to initialize a variable? Nice explicit compiler errors! Want to try a null-pointer dereference? Not gonna happen! For embedded systems this is a lifeline, a pushback against the cost entropy of increasingly complex systems needing orders of magnitude more work and effort to come to market, even when they inherit from older code or integrate multiple open-source projects."

Udayashankar added that Rust brings modern developer tools to systems programming and low-level code control, which can be hit with a range of "subtle bugs" that most other languages can only catch by developers running extensive tests and code reviews.

By contrast, the Rust compiler will refuse to compile code that have their flaws, such as concurrency bugs. The compiler's actions enable greater stability via feature additions and refactoring, making them less risky than legacy code in languages that don't have such checks, she wrote.

"Rust endeavors to make safe code be fast code as well," Udayashankar wrote. "Zero-cost abstractions ensure higher-level features compile to low-level code as fast as code is written manually."

Rust was developed by Mozilla until 2021, when it got its own foundation to continue the work. The embrace by both Microsoft and Google is a boon to the language and a nod to its security features. Google already uses Rust in Android, and others like Apple and the Linux kernel have adopted it.

America's National Security Agency (NSA) in November 2022 recognized Rust when it encouraged organizations to transition from languages C and C++ to memory-safe languages like Rust, Go and C#, among others.

Such languages use compile time and runtime checks to automatically block many of the flaws that can be mistakenly included in the code by programmers.

In a report last year, Okta wrote that the Rust compiler "does not allow memory unsafe code unless it's explicitly marked as unsafe in an unsafe block or function. This static compile-time analysis eliminates many types of memory bugs, and with some additional runtime checks, Rust guarantees memory safety."

• Google polishes Chromium code with a layer of Rust
• If GNU please: Rust support merged for the forthcoming GCC 13
• Rust projects open to denial of service thanks to Hyper mistakes
• MacOS9.app: A tour de force of emulation and integration

That said, Rust is among a number of emerging programming languages – Go being another – that are being used by cyberthreat groups like Hive and BlackCat to better evade detection.

Rust is implemented in Azure Sphere through Rust's crate system, with dependencies built into what Microsoft calls the "customer app" for the platform. Udayashankar noted that given the myriad dependencies in the Azure Sphere app, programmers will need to determine how Rust will use memory compared to an app written in C language.

Microsoft is providing a link to the Azure Sphere Rust project on GitHub that includes the API, samples, and license terms. ®