Presentation given at the OSFC Mini-Summit in San Jose in 2021. Video: https://www.youtube.com/watch?v=XbBzSSvT_P0
The Coming Firmware
Oxide Computer Company
• The software revolutions of the past three decades:
○ The Internet
○ Distributed version control
○ Open source
• And of course, Moore’s Law dominated hardware
• Aside: revolutions like cloud computing are the conﬂuence of all of these
Hardware: The End of Moore’s Law
• When phrases exclusively as increased transistor density, Moore’s Law
holds at a greatly slowed pace — but at outsized cost
• Moore’s Law has ceased to exist as an economic law
• But is there another way of looking at it?
• In 1936, Theodore Wright studied the costs of aircraft manufacturing,
ﬁnding that the cost dropped with experience
• Over time, when volume doubled, unit costs dropped by 10-15%
• This phenomenon has been observed in other technological domains
• In 2013, Jessika Trancik et al. found Wright’s Law to hold better
predictive power for transistor cost than Moore’s Law!
• Wright’s Law seems to hold, especially for older process nodes
Wright’s Law: Ramiﬁcations
• If Wright’s Law continues to hold, compute will be economically viable in
more and more places that were previously conﬁned to hard logic
• This is true even on die, where chiplets have made it easier than ever to
build a heterogeneous system — and where mixed process nodes have
demanded more sophistication
• Quick, how many cores are on your server? (Don’t forget the hidden
Wright’s Law: Software Ramiﬁcations
• Having more compute in many more places means software in many
more places, many of them hard to get to!
• Historically, we have referred to the software that’s hard to get to by its
own malapropism: ﬁrmware
• More compute means much more of this lowest level system software,
but security and multi-tenancy cannot be an afterthought!
• We need to rethink our system software; could software revolutions past
guide to ﬁrmware revolutions future?
Aside: A Researcher’s Call to Rethink
Timothy Roscoe, OSDI 2021 Keynote, It's Time for Operating Systems to Rediscover Hardware
The Coming Challenges
• Much of the coming compute is, at some level, special purpose
• These systems are much less balanced than our general-purpose
systems — with much less memory and/or non-volatile storage
• The overhead of dynamic environments (Java, Go, Python, etc.) is
unacceptably high — and the development beneﬁt questionable
• Languages traditional used in this domain — C and C++ — both have
well-known challenges around safety and security
• But why are safety and security important?
The Needed Software Revolution
• Safety and security are necessary for composability!
• Composability fuels open source: when composability is absent, source
code may serve as blueprint and literature -- but not building block
• Open source is itself the most important coming revolution in ﬁrmware...
• But for the open source revolution to gain purchase within ﬁrmware, we
must have open, safe, secure, composable components
• Enter Rust, and its killer feature...
• Rust is a revolutionary language in many respects, but one that may be
underappreciated is its ability to not depend on its own standard library
• Much of what is valuable about the language — sum types, ownership
model, traits, hygienic macros — is in core, not the standard library
• Crates marked “no_std” will not perform any heap allocations — and
any such allocation is a compile-time error!
• But no_std crates can depend on other no_std crates — lending real
composability to a domain for whom it has been entirely deprived
Rust: no_std binaries
• Rust no_std binaries are stunningly small
○ E.g., at Oxide, we are developing a message-passing, memory
protected system entirely in Rust (Rust microkernel, Rust tasks);
minimal systems are 30K — and entirely realistic ones are < 200K!
• no_std is without real precedent in other languages or environments; it
allows Rust to be put in essentially arbitrarily conﬁned contexts
• Rust is the ﬁrst language since C to meaningfully exist at the boundary
of hardware and systems software!
The Coming Firmware Revolution
• Wright’s Law will continue to hold, resulting in more compute in more
places — bringing with it more ﬁrmware!
• We know from the last three decades that open source is essential --
but it needs composability to become non-linear
• Rust brings new levels of composability to ﬁrmware
• We fully expect many more open source, de novo hardware-facing
Rust-based systems — and thanks to no_std they will be able to
leverage one another, greatly accelerating open source ﬁrmware!