Phase 3: Enhanced Type System Integration with Safety-Level Selection

[avrabe]

Overview

Enhance the prelude system and type selection to work with the new four-layer safety architecture, enabling safety-level-based type selection beyond just std/no_std patterns.

Parent Issue: #101
Depends on: #102, #103

Current State

The prelude system currently uses binary std/no_std selection:

// wrt-foundation/src/prelude.rs
#[cfg(not(feature = "std"))]
pub type ArgVec<T> = BoundedVec<T, MAX_WASM_FUNCTION_PARAMS, NoStdProvider<...>>;

#[cfg(feature = "std")]  
pub type ArgVec<T> = Vec<T>;

Required Enhancements

1. Safety-Level-Based Type Selection

Extend prelude files to select types based on safety requirements:

// Enhanced type selection based on memory strategy
#[cfg(feature = "static-allocation")]
pub type SafeVec<T> = BoundedVec<T, CAPACITY, StaticProvider<CAPACITY>>;

#[cfg(feature = "bounded-allocation")]
pub type SafeVec<T> = BoundedVec<T, CAPACITY, BoundedProvider<CAPACITY>>;

#[cfg(feature = "managed-allocation")]
pub type SafeVec<T> = BoundedVec<T, CAPACITY, ManagedProvider>;

#[cfg(feature = "std-allocation")]
pub type SafeVec<T> = Vec<T>;

// Safety-level-specific capacity limits
#[cfg(any(feature = "asil-d", feature = "dal-a", feature = "sil-4", feature = "class-c"))]
pub const MAX_SAFETY_CAPACITY: usize = 256; // Strict limits for highest safety

#[cfg(any(feature = "asil-c", feature = "dal-b", feature = "sil-3", feature = "class-b"))]  
pub const MAX_SAFETY_CAPACITY: usize = 1024; // Medium limits

#[cfg(any(feature = "asil-b", feature = "dal-c", feature = "sil-2", feature = "class-a"))]
pub const MAX_SAFETY_CAPACITY: usize = 4096; // Relaxed limits

#[cfg(any(feature = "qm", feature = "dal-e", feature = "sil-1"))]
pub const MAX_SAFETY_CAPACITY: usize = 65536; // No strict limits

2. Compositional Type Aliases

Create type aliases that compose the four layers:

// Memory management + Safety level composition
#[cfg(all(feature = "static-allocation", any(feature = "asil-d", feature = "dal-a")))]
pub type RuntimeString = BoundedString<256, StaticProvider<1024>>;

#[cfg(all(feature = "bounded-allocation", any(feature = "asil-c", feature = "dal-b")))]  
pub type RuntimeString = BoundedString<1024, BoundedProvider<4096>>;

#[cfg(all(feature = "managed-allocation", any(feature = "asil-b", feature = "dal-c")))]
pub type RuntimeString = BoundedString<4096, ManagedProvider>;

#[cfg(feature = "std-allocation")]
pub type RuntimeString = String;

// Multi-standard function parameter types
#[cfg(any(
    all(feature = "iso-26262", feature = "asil-d"),
    all(feature = "do-178c", feature = "dal-a"),
    all(feature = "iec-61508", feature = "sil-4"),
    all(feature = "iec-62304", feature = "class-c")
))]
pub type FunctionArgs<T> = BoundedVec<T, 32, StaticProvider<512>>; // Strict limits

#[cfg(any(
    all(feature = "iso-26262", any(feature = "asil-b", feature = "asil-c")),
    all(feature = "do-178c", any(feature = "dal-b", feature = "dal-c")),
    all(feature = "iec-61508", any(feature = "sil-2", feature = "sil-3"))
))]
pub type FunctionArgs<T> = BoundedVec<T, 128, BoundedProvider<2048>>; // Medium limits

3. Safety-Qualified Memory Providers

Integrate with the existing safe_managed_alloc\! system:

// Safety-level-aware memory allocation
#[cfg(feature = "static-allocation")]
#[macro_export]
macro_rules\! safety_alloc {
    ($size:expr, $crate_id:expr) => {
        // Static allocation - compile-time verified
        $crate::static_managed_alloc\!($size, $crate_id)
    };
}

#[cfg(feature = "bounded-allocation")]
#[macro_export] 
macro_rules\! safety_alloc {
    ($size:expr, $crate_id:expr) => {
        // Bounded allocation - runtime verified
        $crate::safe_managed_alloc\!($size, $crate_id)
    };
}

#[cfg(feature = "managed-allocation")]
#[macro_export]
macro_rules\! safety_alloc {
    ($size:expr, $crate_id:expr) => {
        // Managed allocation - monitored
        $crate::monitored_managed_alloc\!($size, $crate_id)  
    };
}

4. Integration with safety_system.rs

Leverage the existing multi-standard infrastructure:

// Compile-time safety context selection
#[cfg(all(feature = "iso-26262", feature = "asil-d"))]
pub const SAFETY_CONTEXT: SafetyContext = safety_context\!(AsilD);

#[cfg(all(feature = "do-178c", feature = "dal-a"))]  
pub const SAFETY_CONTEXT: UniversalSafetyContext = 
    universal_safety_context\!(Do178c(DalA));

#[cfg(all(feature = "iec-61508", feature = "sil-4"))]
pub const SAFETY_CONTEXT: UniversalSafetyContext =
    universal_safety_context\!(Iec61508(Sil4));

// Runtime safety verification integration
pub trait SafetyQualified {
    fn verify_safety_constraints(&self) -> Result<()>;
    fn get_safety_level(&self) -> SafetyStandard;
}

impl<T, const N: usize, P> SafetyQualified for BoundedVec<T, N, P> 
where P: MemoryProvider
{
    fn verify_safety_constraints(&self) -> Result<()> {
        #[cfg(any(feature = "asil-d", feature = "dal-a", feature = "sil-4"))]
        {
            // Highest safety levels require formal verification
            if \!self.is_formally_verified() {
                return Err(Error::safety_violation("Formal verification required"));
            }
        }
        
        #[cfg(any(feature = "asil-c", feature = "dal-b", feature = "sil-3"))]
        {
            // High safety levels require bounds checking
            self.verify_bounds()?;
        }
        
        Ok(())
    }
}

Implementation Tasks

Prelude System Updates:

• wrt-foundation/src/prelude.rs: Add safety-level-based type selection
• wrt-runtime/src/prelude.rs: Enhance with compositional type aliases
• wrt-component/src/prelude.rs: Add multi-standard type support
• All other prelude files: Consistent safety-aware type selection

Type System Integration:

• Create safety-qualified memory providers
• Implement compositional type aliases for all four layers
• Add compile-time safety context selection
• Integrate with existing safety_system.rs infrastructure

Macro System:

• Enhance safety_alloc\! macro for layer-aware allocation
• Add safety verification macros
• Create compile-time feature validation macros
• Update existing macros to be safety-aware

Documentation:

• Document type selection patterns for each safety level
• Provide examples of compositional type usage
• Create migration guide from old patterns
• Document qualification constraints clearly

Testing Requirements

Compile-Time Testing:

# Test static allocation for highest safety levels
cargo check --features="iso-26262,asil-d" --no-default-features
cargo check --features="do-178c,dal-a" --no-default-features
cargo check --features="iec-61508,sil-4" --no-default-features

# Test bounded allocation for medium safety levels  
cargo check --features="iso-26262,asil-c" --no-default-features
cargo check --features="do-178c,dal-b" --no-default-features

# Test that std is only available for non-safety-critical
cargo check --features="iso-26262,qm,std-allocation"
\! cargo check --features="iso-26262,asil-d,std-allocation" # Should fail

Runtime Testing:

• Verify safety context selection works correctly
• Test type capacity limits are enforced
• Validate memory allocation patterns match safety levels
• Ensure no unsafe operations in safety-critical paths

Acceptance Criteria

• Type selection works based on safety levels, not just std/no_std
• Compositional type aliases work correctly across all four layers
• Integration with existing safety_system.rs is seamless
• No breaking changes to existing safe code patterns
• Clear documentation of type selection patterns
• Compile-time validation prevents unsafe feature combinations
• All safety levels have appropriate type constraints

Integration Notes

• Must preserve existing safe_managed_alloc\! functionality
• Should leverage existing safety_system.rs multi-standard support
• Type selection should be deterministic and predictable
• Documentation must clearly explain qualification implications