by tptacek 2535 days ago
I've done professional validation work in automotive, industrial (and utilities), and medical (I'm a low-level C vulnerability researcher and have been since 1995), and believe you are simply wrong.

There are, no doubt, a number of niche systems that require specific toolchains. There are, in our fallen world, systems that require Ada or even particular variants of C. If you want to tell me that aviation flight control systems are such a niche, I will believe you --- I've never had to assess one.

But it is not the case that industrial computing or medical device software are locked into memory-unsafe languages due to industry-wide certificational requirements; in fact, that's something I know not to be true from specific experience. And virtually all of the embedded systems I've had to assess over the years would have benefited, commercially, from a memory-safe implementation language.

1 comment

You surely must be aware of IEC 61508 and ISO 26262 if you work in that field. These govern automotive software and industrial automation (the latter has no domain-specific standard). It is easily verified that these standards are adhered to in practice. I worked on IEC 61508 compliant systems. And all these standards require that the tools used for compiling, verifying and testing the software are tested and certified to be correct. This certification is performed by a Notified Body. This is mandated by law for medical systems and the standard procedure for the rest.

This is a major barrier to entry for new programming languages in these markets. Note that I am not saying that improved memory safety wouldn't be useful in embedded software. But the market is so conservative in parts that real uptake is at least a decade or two away.