Sign in Subscribe

Rust is DO-178C Certifiable

Rust is DO-178C Certifiable

Here’s How (and Who’s Involved Today)

In the world of safety-critical systems—think aerospace, automotive, and medical devices—certification is paramount. These industries demand stringent standards to ensure software behaves predictably, safely, and securely. Traditionally, languages like C/C++ and Ada have dominated these sectors due to their maturity and certification-ready toolchains. However, Rust, a relatively new language, isn’t just a viable alternative—it’s quickly becoming the best option for safety-critical systems. In fact, many industry leaders are now adopting Rust for safety-critical applications.

Why Rust in Safety-Critical Systems?

Rust emerged 13 years ago from Mozilla's research to develop a 'Safe by Design' programming language that addresses cybersecurity issues inherent in C and C++. As Silicon Valley increasingly embraced safety-first design principles over the past decade, Rust’s popularity in tech surged.

Rust’s reputation for safety and performance also makes it an attractive choice for hardware products where reliability is non-negotiable. From memory safety to concurrency guarantees, Rust’s standout features help teams catch errors earlier, reduce the need for exhaustive testing, and gain a level of confidence akin to formal verification—without fully taking on that effort themselves. Simply put, Rust empowers teams to be both more productive and more confident in their code.

What Makes Rust Certifiable?

In safety-critical software, certification standards like DO-178C (aerospace), ISO 26262 (automotive), or IEC 61508 (industrial) set the bar for what’s considered acceptable. While Rust isn’t “certified” out of the box, it provides attributes that facilitate certification. By design, Rust restricts certain low-level operations and enforces strict memory safety rules, effectively shifting much of the error-checking and verification into compile-time. This means that issues that might otherwise be found by multiple external tools in C/C++ are caught early during the Rust build process.

Companies Involved in Safety Critical Rust Development

Several forward-thinking organizations are already working on for Rust in safety-critical domains:

Challenges to Rust Certification

As recently as a year ago, Rust qualification under DO-178C was possible but far from straightforward. Today, however, organizations like AdaCore and Ferrous Systems have closed much of the tooling gap that once separated Rust from C/C++ or Ada. With developments such as the Ferrocene-qualified compiler, Rust can now meet all the analysis requirements under DO-178C, one of the most stringent safety-critical standards worldwide.

The main challenges that remain are awareness and education. Engineers, certification authorities, and regulators need to understand Rust’s merits—both technical and practical—so they can confidently adopt it for safety-critical applications.

The Future of Rust in Safety-Critical Applications

Rust is no longer just the “new language on the block”; it’s poised to become a go-to language for safety-critical industries. As companies increasingly adopt Rust for systems requiring DO-178C and ISO 26262 compliance, the pace of innovation is expected to accelerate.

For developers and organizations looking to innovate rapidly while maintaining the highest safety standards, Rust offers a compelling path forward. By eliminating common programming errors and enabling deterministic execution, Rust not only solves today’s challenges but also positions itself as a foundational technology for the future of safety-critical systems.

Are you considering Rust for your next safety-critical project? Let’s chat!

At Pictorus, we’re committed to enabling the future of safety-critical systems. Our expertise in model-based development and cutting-edge technologies like Rust can help you stay ahead.