How is software safety certified?

*(a crash course)* James explains a bit about how safety critical industries think about reliability, the work that goes into shipping safety critical software, and how the Rust language and compiler are a good fit these industries. Visit https://sdr-podcast.com/episodes/traceability/ to see the show notes and transcript! This episode is sponsored by Depot https://depot.dev/?utm_source=sdrpodcast&utm_medium=podcast&utm_campaign=sdr_podcast_may2025: the build acceleration platform that's on a mission to make all builds near instant. [00:00:00] Start [00:01:12] How is software safety certified? [00:08:50] There is no "safe" and "not safe" binary [00:14:00] Functional safety [00:25:56] Address risk the best way we know how to [00:29:49] A paper trail... [00:33:35] Everything can fail, especially people [00:37:49] “Just add safety" afterwards? [00:42:19] Working backwards to prove safety... [00:46:12] We can mitigate known failure modes [00:50:18] Functional safety is imperfect, but it's useful # Shownotes - safety-critical system https://en.wikipedia.org/wiki/Safety-critical_system - Announcing the Safety-Critical Rust Consortium https://rustfoundation.org/media/announcing-the-safety-critical-rust-consortium/ - Gen Z 'zoomer' https://www.merriam-webster.com/dictionary/Zoomer, millennial https://en.wikipedia.org/wiki/Millennials - Ferrocene https://ferrocene.dev/en/ from Ferrous Systems https://ferrous-systems.com/, AdaCore https://www.adacore.com/, HighTec https://www.hitex.com/products/development-tools/hightec-rust-development-platform - Infineon TriCore https://en.wikipedia.org/wiki/Infineon_TriCore - voltage regulator https://en.wikipedia.org/wiki/Voltage_regulator - Felix https://github.com/xylakant and Florian https://github.com/skade Gilcher - Facet https://facet.rs/ from Amos https://fasterthanli.me/articles/introducing-facet-reflection-for-rust - merde https://github.com/bearcove/merde, Previous Self-Directed Research episodes: Merde is not Serde https://sdr-podcast.com/episodes/merde-is-not-serde/ and A Different Serde https://sdr-podcast.com/episodes/a-different-serde/ - functional safety https://en.wikipedia.org/wiki/Functional_safety - Backblaze hard drive failure rates https://www.backblaze.com/blog/backblaze-drive-stats-for-q1-2025/ - XKCD video series "What if the sun suddenly went out?" https://www.youtube.com/watch?v=X7sbn9LMZOg - Podcast "Well There's your problem" https://www.wtyppod.com/ - ETOPS "Extended-range Twin-engine Operations Performance Standards" https://en.wikipedia.org/wiki/ETOPS, and the backronym "Engines Turn Or Passengers Swim" https://en.wikipedia.org/wiki/ETOPS#Backronym - IEC 61508 https://en.wikipedia.org/wiki/IEC_61508, ISO 26262 https://en.wikipedia.org/wiki/ISO_26262 - SDR episode: Traceability https://sdr-podcast.com/episodes/traceability/ - the "Swiss cheese model" https://en.wikipedia.org/wiki/Swiss_cheese_model - James' homegrown network stack ergot https://docs.rs/ergot/latest/ergot/ - Coz, the causal profiler https://github.com/plasma-umass/coz - MISRA https://misra.org.uk/, misra-rust repo https://github.com/PolySync/misra-rust from Polysync https://www.polysync.io/