This is incorrect. Any language with a well-defined semantics (such as a compiler or interpreter) can be validated formally. It may just be too time-consuming for people to bother. For example the operational semantics of C has been implemented formally, e.g. [1]. The same could be done with C++.
My day job is currently writing embedded high availability code to a slightly modified version of the JSF coding standard (which is itself a modified version of MISRA for C++). There's a lot of safety that Rust would give us on top of C++ with the coding standard's rules, and we're waiting for Rust to simply mature a little.
To me, it seems like in the future Rust could occupy the same niche as Java + RTSJ does presently. I'm just not clear on how or why Rust would be sufficiently better to overcome the track record of Java + RTSJ.
JITs and interpreters suck for realtime, and there's only so many optimizations that an AOT compiler can do to a Java codebase (hence why JITs ar so prevalent for Java). Pushing all of these verifications into compile time significantly reduces the run time requirements.
Honestly I see Rust as (potentially, down the road) being a better, less verbose Ada than a better C++ or Java. You tend to write Rust code much like you would an Ada or VHDL program.
Both JamaicaVM and PERC seem to have favorable requirements when run with AOT compilation, and the JIT compilation didn't seem too onerous either. What problems have you run into?
I ask because I'm in the process of spec'ing out a safety critical medical device, and JamaicaVM is the lead candidate at the moment.
[1] http://fsl.cs.illinois.edu/index.php/An_Executable_Formal_Se...