‘The Engineering of Reliable Embedded Systems’ (Ed. 2) by Michael J. Pont
‘The Engineering of Reliable Embedded Systems’ (ERES2) documents an industry-proven approach to the development of software for reliable, real-time embedded systems, based on the use of second-generation ‘Time Triggered’ (TT) architectures.
What distinguishes TT approaches is that it is possible to model the expected system behaviour precisely. This means that: [i] during the development process, we can demonstrate that all of the requirements have been met; and [ii] at run time, we can detect problems very quickly.
The end result is that we can have a high level of confidence that a TT system will either: [i] operate precisely as required; or [ii] move into an appropriate state if a problem occurs.
The above characteristics mean that appropriately implemented TT systems provide a particularly effective means of meeting the requirements of various international safety standards, including IEC 61508, ISO 26262, IEC 62304, IEC 60730 and DO-178C.
In order to illustrate how the TT techniques presented in ERES2 can be employed in practical designs, five detailed case studies are included. These studies describe the development of embedded control and monitoring systems for the following devices:
- an industrial alarm sounder unit (IEC 61508, SIL 2);
- a domestic washing machine (IEC 60730, Class B);
- a hospital radiotherapy machine (IEC 60601-1; IEC 62304, Class C);
- a steering-column lock for a passenger car (ISO 26262, ASIL D);
- an aircraft jet engine (DO-178C, Level A).
Further information about ERES2 is provided on this page.
Further information about TT architectures
You will find further information about TT architectures on our Technology page.
[This page was last updated: 2023-01-06]
How to buy your copy of ERES2
- ERES2 is available in three editions (International ‘hardback’ and ‘paperback’ editions and an Indian ‘paperback’ edition).
- The book can be purchased on Amazon (and other online and physical bookshops) and direct from SafeTTy Systems.
Please scroll to the bottom of this page for purchase information.
Who should read this book?
ERES2 will be of particular value to people who need to develop software for industrial, automotive, medical or aerospace systems, or safety-related household goods.
The techniques presented in the book are intended to help developers achieve compliance with international standards such as IEC 61508, ISO 26262, ISO 13849, IEC 62304, DO-178C and IEC 60730.
The ERES2 sample chapters may help you to decide if use of TT techniques is likely to provide benefits to your team or organisation.
‘ERES2’ vs. ‘PTTES’?
Comments from Michael J. Pont (author of ‘PTTES’ and ‘ERES2’).
“I wrote ‘PTTES’ over a 4-year period at the end of the 1990s.
“In the time between writing ‘PTTES’ and writing the first ‘ERES’ book, I had the opportunity to work for almost 20 years on many challenging projects, in a range of different sectors. In the process, I learned a great deal about the successful application of TT software architectures in practical systems. I have tried to capture what I learned in the ERES book series.
“Looking back, I now view the techniques described in ‘PTTES’ as being representative of ‘first generation’ TT systems. I think it is fair to say that the techniques described in ‘ERES2’ reflect a ‘second generation’ of these important software architectures.”
[Comments provided in May 2018.]
The Engineering of Reliable Embedded Systems (Second Edition)
Developing software for ‘SIL 0’ to ‘SIL 3’ designs using time-triggered architectures
by Michael J. Pont
ISBN: 978-0-9930355-3-1 (Hardback, International)
ISBN: 978-0-9930355-4-8 (Paperback, International)
ISBN: 978-0-9930355-5-5 (Paperback, India only)
PART ONE: INTRODUCTION
CHAPTER 1: Introduction
CHAPTER 2: A simple TTC scheduler
PART TWO: FOUNDATIONS OF RELIABLE TT SYSTEMS
CHAPTER 3: Polling and buffering
CHAPTER 4: Data storage and data transfers
CHAPTER 5: Interacting with peripherals
CHAPTER 6: Diverse Tasks
CHAPTER 7: Balanced Tasks
CHAPTER 8: Modes and states
CHAPTER 9: Multi-processor systems
CHAPTER 10: Working with third-party code libraries
PART THREE: MODELLING TTC DESIGNS
CHAPTER 11: Modelling with Tick Lists
CHAPTER 12: Modelling shared-clock systems
PART FOUR: MONITORING TTC DESIGNS
CHAPTER 13: Performing startup tests (POSTs)
CHAPTER 14: Checking the software configuration
CHAPTER 15: Performing periodic system tests (BISTs)
CHAPTER 16: Making effective use of an internal WDT
CHAPTER 17: Adding an eWDC unit
CHAPTER 18: Monitoring task execution times
CHAPTER 19: Monitoring task execution sequences
CHAPTER 20: Adding a WarranTTor unit
PART FIVE: CASE STUDIES
CHAPTER 21: Introduction to the case studies
CHAPTER 22: Industrial alarm system
Related standards: IEC 61508; IEC 61784-3.
CHAPTER 23: Domestic washing machine
Related standards: IEC 60335; IEC 60730.
CHAPTER 24: Radiotherapy machine
Related standards: IEC 60601-1; IEC 60601-2-1; IEC 62304; IEC 61508; EN / ISO 13845.
CHAPTER 25: Steering-column lock
Related standards: ISO 26262.
CHAPTER 26: Aircraft jet engine
Related standard: DO-178C.
PART SIX: CONCLUSIONS
CHAPTER 27: Bending the rules
CHAPTER 28: Conclusions
APPENDIX 1: Definitions
APPENDIX 2: Foundation platforms
APPENDIX 3: Recommended platforms
APPENDIX 4: Selecting MCUs for your platform
APPENDIX 5: The TT Framework SoRS
APPENDIX 6: Understanding the impact of jitter
APPENDIX 7: Generating timing data
APPENDIX 8: Generating a Tick List
APPENDIX 9: Supporting task pre-emption
APPENDIX 10: Creating deterministic TTH / TTP designs
APPENDIX 11: Unit tests and integration tests
APPENDIX 12: Conducting reviews
APPENDIX 13: Coding guidelines and related matters
Full list of references and related publications
Most of the code examples in ERES2 target microcontrollers (MCUs) from STMicroelectronics (STM32F0, STM32F4), NXP / Freescale (LPC17xx), Infineon (XMC4000), and Texas Instruments (TMS570).
For safety-related projects, we would aim to employ a processor with a ‘Safety Manual’ where this is possible. Such a manual is available for the majority of the processors that are employed in the book.
Where safety is not a direct concern, the techniques presented in ERES2 can be applied with virtually any MCU.
Download sample chapters
We have released the following sample material:
- Full table of contents
- Preface
- CHAPTER 1: Introduction
- CHAPTER 2: A simple TTC scheduler
This material is available as a single PDF file.
[Latest update to the sample chapters: 2017-05-16]
Download code examples (TTRDs)
‘ERES2’ is accompanied by a growing suite of public ‘Time-Triggered Reference Designs’ (TTRDs).
You can download the latest public TTRDs here.
Use of this code in commercial projects requires purchase of a ReliabiliTTy® Technology Licence.
Reviews of ‘ERES2’
We are aware of the following review of ‘ERES2’:
- Review by Pouya Neshagar.
If you are aware of any other reviews of this book (good or bad) please let us know and we will add links here. Thank you.
How to buy the ‘ERES2’ Hardback edition (International)
Pont, M.J. (2016) “The Engineering of Reliable Embedded Systems: Developing software for ‘SIL 0’ to ‘SIL 3’ designs using Time-Triggered architectures”, (Second Edition) SafeTTy Systems. ISBN: 978-0-9930355-3-1. £85.00.
First printing: November 2016 (‘Edition 2.0’)
Second printing (with corrections): December 2016 (‘Edition 2.1’)
Third printing (with corrections): April 2017 (‘Edition 2.2’)
Fourth printing (with corrections): May 2017 (‘Edition 2.3’).
The international hardback edition of ‘ERES2’ is available from Amazon.com and other online and physical bookshops.
How to buy the ‘ERES2’ Paperback edition (International)
Pont, M.J. (2017) “The Engineering of Reliable Embedded Systems: Developing software for ‘SIL 0’ to ‘SIL 3’ designs using Time-Triggered architectures”, (Second Edition) SafeTTy Systems. ISBN: 978-0-9930355-4-8.
First printing: May 2017 (‘Edition 2.3’).
The international paperback edition of ‘ERES2’ is currently available (only) from SafeTTy Systems.
This edition is primarily intended to allow our customers to distribute copies to members of their development teams.
We can supply bulk orders of this edition at low cost (e.g. 20 copies for £700 + delivery; 100 copies for £3000 + delivery).
Our minimum order quantity (MOQ) is 10 copies (for £400 + delivery).
Please contact us for further information.
How to buy the ‘ERES2’ Paperback edition (India only)
Pont, M.J. (2017) “The Engineering of Reliable Embedded Systems: Developing firmware in compliance with IEC 61508, ISO 26262 and related functional-safety standards using Time-Triggered architectures”, (Second Edition) SafeTTy Systems. ISBN: 978-0-9930355-5-5. Rs 525/-.
First printing in India: October 2017 (‘Edition 2.3’).
The Indian paperback edition of ‘ERES2’ is currently available (only) from Pothi.com at a cost of Rs 525 plus delivery.
The contents of the Indian edition are identical to the contents of the corresponding international editions.
Please contact us if you require further information about this book.