Month: February 2023

Despite a host of up-and-coming alternatives, C++ is still a force to be reckoned with, certainly in the legacy-fraught high-tech industry. In a series of articles, High Tech Institute trainer Kris van Rens puts the language in a modern perspective. In our new 4-day training course, Kris van Rens introduces participants to the language basics and essential best practices.

Every couple of years, C and C++ are declared dead. Recently, Microsoft Azure CTO Mark Russinovich publicly stated that they should be deprecated, in favor of Rust. Though expressed in a personal capacity, it’s an interesting take for someone from Microsoft, which has an enormous C++ code base and many active members in the C++ committee.

Regardless, C and C++ are still very much alive and kicking – each the lingua franca of many industrial software development environments. Yet, Rust is the apparent ‘place to be’ these days in systems programming land. What is it about this language that makes it so attractive? Let’s look at it from a C++ perspective.

Notable differences

First off, Rust offers a clear and objective advantage over C++: guaranteed memory safety for the compiled result. Essentially, Rust trades off compilation time (and compiler complexity) for a safer runtime. The compiler will try to prove to itself that the code you feed it is memory safe, using its type system and sometimes the help of the developer to indicate things like variable or reference lifetime dependencies.

There have been multiple independent security surveys on large C and C++ code bases that have shown a consistent and whopping 70 percent of all bugs and security issues to be memory safety related. In light of this, trading compile time for a memory-safe runtime seems a no-brainer. Writing quality C++ using the right tools, tests, best practices and compiler sanitizers can get you there too, but it doesn’t provide hard guarantees from the get-go. The ‘guard rails’ Rust implements to protect you from shooting yourself in the foot may sometimes be complex or even irritating, but think about the considerable benefits a runtime memory safety guarantee brings to programming concurrent software.

Another notable difference to C++ is the way Rust integrates the handling of errors and function result values. Unlike C++, it has no exceptions; it offers mechanisms to deal with errors using regular control flow. Result values must be processed, forcing the developer to implement error handling and prevent incorrect code, so errors or exceptions rarely fly under the radar. If during runtime, things really go sideways – say memory is exhausted – Rust will generate a so-called panic, a fatal error, stopping the thread in question (which can be handled gracefully).

The Rust compiler, built on top of the LLVM compiler back-end, is evidently very pedantic, to uphold memory safety and correctness of code, but quite helpful at the same time. Consider it a pair programmer, looking over your shoulder and providing readable error messages, even suggesting potential solutions. Aside from the compiler, most of the Rust tooling ecosystem revolves around Cargo, which is a build system, a package and dependency manager and much more, all in one. Despite the wealth of package managers, build systems and other tools available for C++, setting up a serious C++ project can still be a pain in the rear end.

Being relatively young, Rust has had the luxury of assimilating 40+ years of language development into its syntax and structure. Much of the inspiration was drawn from both imperative languages like C++ and functional languages like Haskell and Scheme. This gives it the subjective benefit of a very ‘modern’ feel. Moreover, many things in Rust are expressions, providing more flexibility in code notation.

In my previous contribution, I argued that the user base of a programming language is of paramount importance. Rust, with help of the Rust Foundation, is gradually building this user base, as can be deduced from many indicators, like the Tiobe index and the Stack Overflow survey, and by the adoption of Rust in the Linux v6.1 kernel – not a minor feat. As more and more security reports claim net positive effects strongly related to the use of memory-safe languages like Rust, the user base will continue to grow. Every pointer (no pun intended) seems to indicate a bright future for Rust.

Not all sunshine and roses

Should we then just deprecate C and C++ in favor of Rust? In my opinion, this poses a false dichotomy. Why should we have to choose between one or the other? As software engineers, we should use the right tool for the job.

Migrating to Rust isn’t all sunshine and roses either. When you have a large body of existing C++ code, Rust isn’t directly going to be of help, unless you’re willing to drop to C APIs for interaction. There are tools for C++-level interoperability, but these are still in their infancy. Of course, you could also rewrite your code – but that isn’t going to be easy, especially not when you lean heavily on advanced templates. And when you’re relying on absolute maximum performance requirements, safe Rust may not be up to it (yet?). Furthermore, in stricter environments like automotive or aviation, standards often prescribe the use of a formally specified programming language, which Rust currently is not.

The best advice is to not pin yourself down on a single programming language. Learning multiple languages is generally really beneficial and will improve your competence, style and knowledge in every language you master. So take a look at C++, Rust and other alternatives to broaden your perspective – or just for the sheer fun of it.

Trainers Kees Verbaan and Hans Vermeulen on the fun of training. They look back on the passive damping training at ASML in Wilton, for which they received the highest trainer score in 2022.

Kees Verbaan and Hans Vermeulen, the two High Tech Institute Teachers of the Year 2022, were surprised with their award. But not so much about the high appreciation behind it coming from the participants of the Passive damping training at ASML Wilton in the US. ‘Our story resonated there,’ both say. Vermeulen: ‘ASML is clearly leading in terms of technology development. You see that it has really become necessary to apply passive damping. There are multiple dampers in a lithographic scanner, actually in these machines you find them all over the place.’

Technology professionals at ASML are relatively well trained and have often been involved in many complex problems. Vermeulen: ‘Teaching such a group of engineers on site implies a lot of interaction. They keep up very well in terms of knowledge level. The subject also suits them. Unsurprisingly they came with a lot of critical questions.’ Verbaan: ‘You feel the urgency. It was great fun to have discussions with them on the cutting edge. Many of the engineers also had a dynamic background, so actually all the topics of the course resonated well.’

Prof. Hans Vermeulen at Eindhoven University of Technology.

The need for trainings at ASML is driven by the large influx. ‘At all development sites they bring in a lot of people, also in Wilton,’ says Vermeulen. ‘When I was there for ASML Research in 2017, they had about 350 development engineers on the payroll. I think that number has quadrupled by now.’

The main purpose of the trainings is to get everyone in the organization speaking the same language. ‘Starting mechatronics engineers follow the same curriculum of four basic training courses. The basic ‘Mechatronics’ training part 1 and 2, ‘Dynamics and modeling’ and ‘Passive damping for high tech systems’.’

Passive damping is the most recent one. The field of knowledge is on the rise because traditional design methods based on masses and springs alone are no longer adequate enough for the latest demands. In the past, it was not necessary. For a long time, technical designers found head room to increase resonance frequencies through lighter and stiffer structures to achieve required precision. But we are running more and more towards limits. ‘Therefore, we started to reduce vibration amplitudes at resonances by means of damping,’ Vermeulen says. ‘It is an element you have to build in carefully. The goal is to extract energy from a system to reduce unwanted vibrations. But it can come at the cost of your positioning accuracy if you don’t apply it properly.’

Should every mechanical engineer in a high-tech company know about it?

‘In any case, it’s good to be aware of it. In civil engineering, damping has been applied in skyscrapers and bridges for decades already.’ Vermeulen finds it difficult to draw a comparison with his own field, but he still sees things going wrong these days. ‘There are sometimes resonances in airplane wings and bridge decks that could have been avoided if the relevant analyses would have been done, as for example for the London Millennium Bridge. Whatever field you come from, as an engineer it’s good to know how to apply it. But it starts with sound mechanical design. The moment you need it, it’s handy to have it readily available.’

Verbaan: ‘Not everyone needs to be able to implement it in full detail, or be able to fully calculate it. But a good understanding of how to create lightweight and stiff structures, after which you might apply damping to get to an optimal result, is something I think you need to have.’

Dr. Kees Verbaan at Eindhoven University of Technology.

Verbaan says about the fun of the training: ‘It’s great fun when you understand a subject yourself and then witness that someone is really getting the message. That generates a lot of enthusiasm in that person, but also for myself.’

Vermeulen says he recognizes this. ‘I very much like to get things really across. The training is also designed with that goal in mind. We discuss how to deal with damping mathematically, about mass, spring and damping matrices. But in addition, very early in the course, participants practice with an elementary case on how to reduce the vibration amplitude of a mass-spring system say by a factor of one hundred in ten cycles through dissipation of energy. Then it sinks in what it means to apply damping.’

Verbaan: ‘They start thinking: ‘What does that mean’?, and then rapidly see what a damper really does and what definitions mean that go with it. In this way, we awaken the interest they need to tackle in other cases later on.’

Besides the elementary basics, the two also cover design and modeling, and a practical exercise to implement it themselves. In addition, also how participants can apply it in their own practice. ‘That combination creates a very nice interaction,’ Verbaan says. ‘Some engineers are very much into modeling, others have more practical experience. We see a lot of interaction between participants there, and we get a lot of energy from that.’

What is the interaction like in the passive damping trainings with open enrollment?

‘There we see more mixed and diverse groups,’ Verbaan says. ‘There it is sometimes more challenging to get everyone to join in immediately on every single topic. For materials scientists, the experience is much different from someone who is used to work with complex dynamic models. In Wilton, all the topics resonated well with all the people.

This article is written by René Raaijmakers, tech editor of High-Tech Systems.