$30 off During Our Annual Pro Sale. View Details »

The Coming Firmware Revolution

The Coming Firmware Revolution

Presentation given at the OSFC Mini-Summit in San Jose in 2021. Video: https://www.youtube.com/watch?v=XbBzSSvT_P0

Bryan Cantrill

November 11, 2021
Tweet

More Decks by Bryan Cantrill

Other Decks in Technology

Transcript

  1. The Coming Firmware Revolution Bryan Cantrill Oxide Computer Company

  2. OXIDE Revolutions past • The software revolutions of the past

    three decades: ◦ The Internet ◦ Distributed version control ◦ Open source • And of course, Moore’s Law dominated hardware • Aside: revolutions like cloud computing are the confluence of all of these
  3. OXIDE Hardware: The End of Moore’s Law • When phrases

    exclusively as increased transistor density, Moore’s Law holds at a greatly slowed pace — but at outsized cost • Moore’s Law has ceased to exist as an economic law • But is there another way of looking at it?
  4. OXIDE Wright’s Law? • In 1936, Theodore Wright studied the

    costs of aircraft manufacturing, finding that the cost dropped with experience • Over time, when volume doubled, unit costs dropped by 10-15% • This phenomenon has been observed in other technological domains • In 2013, Jessika Trancik et al. found Wright’s Law to hold better predictive power for transistor cost than Moore’s Law! • Wright’s Law seems to hold, especially for older process nodes
  5. OXIDE Wright’s Law: Ramifications • If Wright’s Law continues to

    hold, compute will be economically viable in more and more places that were previously confined to hard logic • This is true even on die, where chiplets have made it easier than ever to build a heterogeneous system — and where mixed process nodes have demanded more sophistication • Quick, how many cores are on your server? (Don’t forget the hidden ones!)
  6. OXIDE Wright’s Law: Software Ramifications • Having more compute in

    many more places means software in many more places, many of them hard to get to! • Historically, we have referred to the software that’s hard to get to by its own malapropism: firmware • More compute means much more of this lowest level system software, but security and multi-tenancy cannot be an afterthought! • We need to rethink our system software; could software revolutions past guide to firmware revolutions future?
  7. OXIDE Aside: A Researcher’s Call to Rethink Timothy Roscoe, OSDI

    2021 Keynote, It's Time for Operating Systems to Rediscover Hardware
  8. OXIDE The Coming Challenges • Much of the coming compute

    is, at some level, special purpose • These systems are much less balanced than our general-purpose systems — with much less memory and/or non-volatile storage • The overhead of dynamic environments (Java, Go, Python, etc.) is unacceptably high — and the development benefit questionable • Languages traditional used in this domain — C and C++ — both have well-known challenges around safety and security • But why are safety and security important?
  9. OXIDE The Needed Software Revolution • Safety and security are

    necessary for composability! • Composability fuels open source: when composability is absent, source code may serve as blueprint and literature -- but not building block • Open source is itself the most important coming revolution in firmware... • But for the open source revolution to gain purchase within firmware, we must have open, safe, secure, composable components • Enter Rust, and its killer feature...
  10. OXIDE Rust: no_std • Rust is a revolutionary language in

    many respects, but one that may be underappreciated is its ability to not depend on its own standard library • Much of what is valuable about the language — sum types, ownership model, traits, hygienic macros — is in core, not the standard library • Crates marked “no_std” will not perform any heap allocations — and any such allocation is a compile-time error! • But no_std crates can depend on other no_std crates — lending real composability to a domain for whom it has been entirely deprived
  11. OXIDE Rust: no_std binaries • Rust no_std binaries are stunningly

    small ◦ E.g., at Oxide, we are developing a message-passing, memory protected system entirely in Rust (Rust microkernel, Rust tasks); minimal systems are 30K — and entirely realistic ones are < 200K! • no_std is without real precedent in other languages or environments; it allows Rust to be put in essentially arbitrarily confined contexts • Rust is the first language since C to meaningfully exist at the boundary of hardware and systems software!
  12. OXIDE The Coming Firmware Revolution • Wright’s Law will continue

    to hold, resulting in more compute in more places — bringing with it more firmware! • We know from the last three decades that open source is essential -- but it needs composability to become non-linear • Rust brings new levels of composability to firmware • We fully expect many more open source, de novo hardware-facing Rust-based systems — and thanks to no_std they will be able to leverage one another, greatly accelerating open source firmware!