I am also an embedded dev, and I agree heartily with your post.
Something that Rust is bringing is sane and safe defaults. That does not look like a big deal, because you can write C and C++ "the right way". But in the real world, it does not always work like that.
My team has inherited a 1M LoC real-time application that has been moved around and developed by different teams of subcontractors over the last ten years. It has devolved into a bug-ridden mess (hence the need to bring it back in house).
Rust would not have been a silver bullet, but there is a whole class of errors that would not have happened, and would have been forbidden in the first place.
The subcontractors were supposed to use a static analyzer, but when we got the code back we had to fix 5000 defects of the worst kind (buffer overflows, dereferencing null pointers, memory leaks and so on).
For me, the value proposition of Rust is that it is roughly equivalent to C + a good static analyzer, but it is for free, and you are sure the checks are in place and have been executed.
In my mind it is pretty clear that in the next 20 years, C is going to be replaced by something safer in the embedded world. It might be Rust, it might be something else.