Certification
JA1020_202603 and Rust Certification
SAE JA1020_202603 describes certification-relevant guidance for Rust and its tooling, especially in the context of ISO 26262 and RTCA DO-178C/DO-332.
Key points for practice:
- Tool confidence and qualification must be explicitly defined for compiler and crates (see JA1020 section 6.1).
- Depending on project context and integrity level, three paths are considered: qualified tools, strong downstream verification that detects tool faults, or comprehensive confidence evidence for tool usage.
- Qualification evidence is tied to the exact tool version, target architecture, and relevant compiler configuration.
- Stable toolchains are expected for certification contexts; nightly features are not recommended for safety-related projects.
- Configuration management must include Rust toolchain components (e.g., compiler, rustup/cargo, clippy/rustdoc), runtime libraries, and external crates.
- “Proven in use” arguments alone are considered difficult to justify for safety cases and should not replace structured qualification or verification arguments.
For SCORE, JA1020 should be used as baseline guidance for certification strategy, while project-specific safety case evidence is documented in the corresponding plans and work products.
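The key points on exact tool version, target architecture, compiler configuration and stable toolchains can be enforced as a build gate. The following is an added example, not SCORE project code and not taken from JA1020: it compares `rustc -vV` output, the build target and the compiler flags against a qualification record. The record layout, the function names and all sample values (version `1.99.0`, the commit hash, the LLVM version) are assumptions constructed for illustration.

```python
# Added example: compare a build environment against a qualification record.
import re

# Constructed sample of `rustc -vV` output (all values are placeholders).
SAMPLE_RUSTC_VV = """\
rustc 1.99.0 (0000000aa 2026-01-01)
binary: rustc
commit-hash: 0000000aa0000000000000000000000000000000
commit-date: 2026-01-01
host: x86_64-unknown-linux-gnu
release: 1.99.0
LLVM version: 21.0.0
"""

# Hypothetical record of what the tool qualification evidence covers.
QUALIFIED = {
    "release": "1.99.0",
    "commit-hash": "0000000aa0000000000000000000000000000000",
    "LLVM version": "21.0.0",
    "target": "aarch64-unknown-none",
    "rustflags": ["-C", "opt-level=2", "-C", "panic=abort"],
}

def parse_rustc_vv(text):
    """Turn the `key: value` lines of `rustc -vV` into a dict."""
    fields = {}
    for line in text.splitlines()[1:]:  # first line is the human-readable banner
        key, sep, value = line.partition(": ")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def deviations(rustc_vv, target, rustflags, record=QUALIFIED):
    """Return every way this build differs from the qualified configuration."""
    found = parse_rustc_vv(rustc_vv)
    problems = []
    release = found.get("release", "")
    # Stable releases are plain x.y.z; nightly and beta carry a suffix.
    if not re.fullmatch(r"\d+\.\d+\.\d+", release):
        problems.append(f"non-stable toolchain: {release or 'unknown'}")
    for key in ("release", "commit-hash", "LLVM version"):
        if found.get(key) != record[key]:
            problems.append(f"{key}: {found.get(key)!r} != qualified {record[key]!r}")
    if target != record["target"]:
        problems.append(f"target: {target!r} != qualified {record['target']!r}")
    if list(rustflags) != record["rustflags"]:
        problems.append(f"rustflags: {list(rustflags)!r} != qualified {record['rustflags']!r}")
    return problems
```

An empty list means the build matches the record; any entry is a deviation that the safety case would need to address before the qualification evidence can be claimed for that build.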