Using the Rust programming language in the Army?

42 views
Skip to first unread message

Bill Barnhill

unread,
Dec 13, 2022, 10:46:55 AM12/13/22
to Military Open Source Software (Mil-OSS)
Does anyone know of uses of Rust within the Army?

I am specifically interested in existing waivers, or an existing CON for using Rust.

I'd like to use Rust on an upcoming project, but it's new to my directorate, so I could use evidence of use elsewhere within the Army.

Rust is a compiled language whose key strengths are the low level control of a Systems language like C, the expressivity of a higher level language like C++, and a level of reliability not found in many programming languages ("memory safe" through a Rust-unique feature of the borrow checker, and through other mechanisms).

Any help is greatly appreciated, thank you.

Christopher Sean Morrison

unread,
Dec 13, 2022, 10:59:39 AM12/13/22
to mil...@googlegroups.com
There’s no CoN/RMF/ATO for C/C++ (that I’m aware of at least), so I’m not sure why there’d need to be one for Rust or any other programming language.  I supposed there might be one for the compiler or an IDE application, but still seems like a pretty straightforward no-risk non-standard software request for your IAM, at best.

There’s precedence with Java SDK, Intel oneAPI, Visual Studio, Python, etc.  It’s the app built on Rust that needs to be assessed.  I do know of DoD folks that have used it, but not aware of anyone doing anything special waiver-wise.

Cheers!
Sean


--
--
You received this message because you are subscribed to the "Military Open Source Software" Google Group.
To post to this group, send email to mil...@googlegroups.com
To unsubscribe from this group, send email to mil-oss+u...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/mil-oss?hl=en
 
www.mil-oss.org

---
You received this message because you are subscribed to the Google Groups "Military Open Source Software (Mil-OSS)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mil-oss+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/01b06982-937b-4cc3-b88e-1699e12e8b2an%40googlegroups.com.

Kit Plummer

unread,
Dec 13, 2022, 11:05:47 AM12/13/22
to mil...@googlegroups.com

The question might be whether Rust is distributed with a STIGd OS, e.g., RHEL, if you need to use Cargo and build Rust in a walled garden.

Chuck Milam

unread,
Dec 13, 2022, 11:10:12 AM12/13/22
to mil...@googlegroups.com
There’s no CoN/RMF/ATO for C/C++ (that I’m aware of at least), so I’m not sure why there’d need to be one for Rust or any other programming language.

As always, results may vary at the local level, depending entirely on the aptitude and attitude of the local Cyber Staff (ISSMs, IASOs, whatever they're calling themselves now.)
 
I was at a site that was insisting on a complete RMF A&A package for the use of Python. The only things they'd allow without any of this kind of administrative friction was DOS .BAT files and only begrudgingly, PowerShell. 

Yes, these people exist, and they're guiding policy decisions.  
 
---
Chuck Milam


To view this discussion on the web visit https://groups.google.com/d/msgid/mil-oss/3D9E7164-A46C-421F-B0F5-00099BB69666%40mac.com.

John Scott III

unread,
Dec 13, 2022, 11:17:22 AM12/13/22
to mil...@googlegroups.com

Kit Plummer

unread,
Dec 13, 2022, 11:47:02 AM12/13/22
to mil...@googlegroups.com
The fact that it is in the Linux kernel means that many people will be using Rust without even knowing it.  😁

But if you’re really concerned about safety, language may not be the most important aspect. 

I’m interested in how Rust is going to show up in the cloud-native world.  Or things like Constellation, Ballista and unikernels (nanovms).

This is cool too: 

Reply all
Reply to author
Forward
0 new messages