Rust & RIOT combined for ergonomic embedded development
Ariel OS is an operating system for secure, memory-safe, low-power Internet of Things (IoT). Ariel OS is based on Rust from the ground up, and uses formal verification for critical modules. To learn more about our motivations, see this manifesto.
Hardware targets include varieties of IoT hardware based on 32-bit microcontroller architectures (such as Cortex-M, RISC-V).
In practice, Ariel OS builds on top of Embassy. Compared to what Embassy already provides, Ariel OS brings additional value in terms of abstraction, operating system functionalities, and integration for a (curated) set of software modules, tools and libraries, as well as a stronger focus on cybersecurity and formal verification.
In particular, Ariel OS aims to combine:
- application code portability across all supported hardware, via consistent memory/energy efficient APIs;
- async programming paradigms, based on Embassy;
- preemptive scheduler programming paradigms, based on formally verified modules using hax;
- booting & update security, via measured boot and secure software updates, using formally verified modules.
Ariel OS is an offspring of RIOT OS. It shares many of its goals and visions, such as portability and providing a 'batteries-included' experience.
The following list of hardware is currently supported:
- Nordic nRF52840 DK (Cortex-M4)
- Nordic nRF5340 DK (Cortex-M33)
- Raspberry Pi Pico (RP2040, Cortex-M0+)
- Raspberry Pi Pico W (RP2040, Cortex-M0+)
- BBC Micro:Bit v2 (Cortex-M4)
- Expressif ESP32-C6-DevKitC-1 (RISC-V)
- ST NUCLEO-F401RE (Cortex-M4)
- ST NUCLEO-H755ZI-Q (Cortex-M7)
- ST NUCLEO-WB55RG (Cortex-M4)
- and more to come soon.
This is currently work-in-progress. Expect missing functionalities and frequent changes! If you are not so adventurous, but nevertheless looking for a way to run your Rust module on a microcontroller, you could try to glue it directly on top of Embassy, or instead, run your module in a riot-wrappers.
The following assumes you have a Nordic nrf52840dk connected to your PC. (For other supported boards, you can find your board's name in ./src/ariel-os-boards/Cargo.toml and use it instead of 'nrf52840dk' in the below guidelines.)
The following instructions will enable you to flash and run the hello-world
example:
-
install needed system dependencies. On Ubuntu, the following is sufficient:
apt install build-essential curl git python3 pkg-config \ libssl-dev llvm-dev cmake libclang-dev gcc-arm-none-eabi \ clang libnewlib-nano-arm-none-eabi unzip lld ninja-build -
install rustup
-
install laze:
cargo install laze -
install probe-rs:
cargo install probe-rs-tools --locked -
clone this repository and cd into it
-
install rust targets:
laze build install-toolchain
-
Compile, flash and the hello-world example using
probe-rs runlaze -C examples/hello-world build -b nrf52840dk run
(might fail if the flash is locked, click here for unlocking instructions)
This might fail due to a locked chip, e.g., on most nrf52840dk boards that are fresh from the factory. In that case, the above command throws an error that ends with something like this:An operation could not be performed because it lacked the permission to do so: erase_all
The chip can be unlocked using this command:
laze -C examples/hello-world build -b nrf52840dk flash-erase-all
Please look at the build system documentation for more usage information.
Ariel OS makes use of selected Rust unstable features. For the time being, it is
recommended to use the nightly version pinned by rust-toolchain.toml.
Please see the chapter on coding conventions in the documentation.
Ariel OS is licensed under either of
- Apache License, Version 2.0 (LICENSE-APACHE or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)
at your option.
Copyright (C) 2020-2023 Freie Universität Berlin, Inria, Kaspar Schleiser
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Thanks to all the people who already contributed!