> For the same purpose that all standards have--to formally define it in writing.
This is tautological. It's equivalent to saying "it needs a standard to be written because it needs a written standard."
I mean what use case is there for Rust language users that isn't already met by the Ferrocene project? And the Ferrocene project is not a standard as in "other implementations will be found lacking," but a description of the 1.68 compiler as-is. That is a specification, not a standard. Ferrous Systems did not need Rust to have a standard in order to qualify the compiler for ISO 26262 and IEC 61508.
And if you need a ISO 26262 qualified Rust compiler, one exists. Hurrah.
Since you edited your post…simply having a standard won’t immediately qualify the language for those industries. There is only a tenuous link between having a standard and qualifying the language for industrial use.
>> simply having a standard won’t immediately qualify the language for those industries. There is only a tenuous link between having a standard and qualifying the language for industrial use.
Not having a language standard disqualifies Rust.
Administrators say that it shows that Rust is "not serious" and "not ready" for critical work.
Ferrocene is not a "stock Rust compiler". The "stock Rust compiler" is not qualified for safety critical work. If Ferrocene did not add value above what is offered by the stock Rust compiler, why would anyone buy Ferrocene?
Ferrocene is qualified for some safety critical work and plans to have more qualifications soon.
The blog post you link to says it's an unmodified fork. Here's a Ferrous Systems employee saying as much:
> Ferrocene is upstream rustc but with some extra targets, long term support, and qualifications so you can use them in safety critical contexts. This is what was stopping things like automotive companies from moving to Rust for things like engine control units, etc.
> It basically costs some money for the support and the qualification documents, but they will be all you need to prove qualification to any pertinent regulatory body so that your software can be certified for use in a real vehicle or whatever.
Basically the value add was to expand the support and documentation, which was required for qualification.
Again...no "standard" needed.
I think you are conflating standards and specifications. Ferrous fleshed out the specification, the description of the 1.68 compiler as-is. That means Rust 1.68 as-is was good enough for ISO qualification. Without a standard.
A standard is a minimum bar for languages to meet in order to be considered compliant. That's not a problem right now because there is, for all intents and purposes, a single canonical compiler and that is not likely to change.
As you point out, the important bit is the documentation that shows how and why a language is compliant with a safety standard. The spec serves as the basis on which the compliance can be referenced. A given implementation then is shown to satisfy the spec.
So yes, a given vanilla release is compliant, you just can't do anything with that in a way that an audit will allow until you include all the justifications as to how that makes the language safe (defined by whatever safety standard you need).
This is tautological. It's equivalent to saying "it needs a standard to be written because it needs a written standard."
I mean what use case is there for Rust language users that isn't already met by the Ferrocene project? And the Ferrocene project is not a standard as in "other implementations will be found lacking," but a description of the 1.68 compiler as-is. That is a specification, not a standard. Ferrous Systems did not need Rust to have a standard in order to qualify the compiler for ISO 26262 and IEC 61508.