SafeTTy Systems™

At SafeTTy Systems, we help our customers to create software for products that are reliable, secure and safe, and in compliance (where required) with one or more international safety standards: IEC 61508, ISO 26262, DO-178C, IEC 62304, IEC 60730 …

We employ an industry-proven engineering process that integrates ‘Time-Triggered‘ (TT) software architectures with patented run-time monitoring techniques.

The designs that we work on are typically based on low-cost, off-the-shelf microcontrollers, provided by a range of different semiconductor manufacturers (we are not tied to any particular hardware platform).

We offer:

We also offer:

We are a UK company with a worldwide customer base.



The rise of the ‘TT Wrapper’ – An interview with Dr Michael J. Pont

Michael Pont, Founder and CEO at SafeTTy Systems, was interviewed recently by AutoSens.

During this interview, Michael discussed the changes in demand for TT systems; complexity management challenges, and insights from his book “The Engineering of Reliable Embedded Systems”.

You have been working in the field of time-triggered (TT) embedded systems for more than 25 years. How much of this work has been directly related to automotive?

I’ve supported the development of safety-related embedded systems in a range of sectors over the years, including industrial control, civilian aircraft, space and medical. I began my first major TT project in the automotive sector around 15 years ago. Since this time, I have seen two step-changes in demand for TT systems in this sector.

The first step-change came in the lead up to the publication of the first edition of the international standard ISO 26262 in 2011. At this time, many organisations realised that they needed to be able to provide evidence that the vehicles or automotive components that they were producing had been ‘designed for safety’. TT architectures provide a highly-effective way of achieving this.

The second step-change came in the last few years as people became interested in ADAS / AV designs. At this point, the complexity of automotive designs increased very significantly, and I saw further demand for cost-effective TT designs as a means of improving confidence in the safety of such systems.

The end result is that – at the present time – around 60% of my work is in the automotive sector.

What have you learnt in working in other areas of Embedded Systems that can be applied to automotive?

My main goal is to help organisations to produce systems where we can be confident about safety. The key thing that I have learned from different sectors – particularly the aerospace sector – is the importance of having what is sometimes called a ‘safety culture’ in any organisation that wishes to achieve this goal. For me, a safety culture relies on having good people throughout an organisation who are not afraid to question design decisions that – in their view – may have a negative impact on safety.

I think it’s important to add that this is no longer simply a question about the lessons that automotive organisations can learn from other sectors. The ADAS / AV designs that automotive organisations are currently involved with present safety challenges that are – in my view – greater than those faced in many aerospace designs. Over the next few years, I would expect to see experienced automotive designers providing advice in many other sectors.

You can read the full interview on the AutoSens website.



Latest ‘Level 1’ awards on the SafeTTy Certified™ programme in Mumbai

Microdevice Technologies operate as our Training Partner in Mumbai (India).

In 2017, Microdevice Technologies began working in collaboration with Sardar Patel Institute of Technology (SPIT) to deliver courses on ‘Time Triggered’ (TT) embedded systems in Mumbai as part of the SafeTTy Certified programme.

‘Level 1’ certificates were awarded to the latest cohort of students in September 2018.

The photograph shows the successful students, accompanied – on the right – by Dr Prachi Gharpure (Principal SPIT) and – on the left by Dr Surendra Rathod (Dean SPIT) and Govind Gaundalkar (from Microdevice Technologies, at the back).



The SafeTTy Certified programme is designed to help people obtain the skills needed to develop reliable, secure and safe embedded systems using ‘Time Triggered‘ (TT) software architectures – and provide evidence that they possess such skills.

The programme starts at “Level 1” (L1) and progresses to “Level 3” (L3).

In our view:

  • Level 1 represents the minimum qualification level that should be expected from an individual involved in the development of real-time embedded systems that are intended to be reliable, but where failure has no direct safety implications.
  • Level 2 represents the minimum qualification level that should be expected from an individual involved in the development of real-time embedded systems that may have some safety implications (for example, designs developed in compliance with IEC 61508 or in compliance with ISO 26262), and / or where system failure could prove very expensive (e.g. deep-sea products, satellite systems).
  • Level 3 represents an appropriate qualification level for an individual who is involved in the development of real-time embedded systems that are safety-critical in nature (for example, designs developed in compliance with IEC 61508 up to ‘SIL 3’ / ‘SIL 4’ or in compliance with ISO 26262 up to “ASIL D”, or in compliance with DO-178C up to “Level A”).


Learn more about the SafeTTy Certified programme …



Our popular ‘ERES2’ book is available as a paperback for just £45

Did you know that ‘The Engineering of Reliable Embedded Systems’ (ERES2) is available in a low-cost paperback format?

This popular book documents an industry-proven approach to the development of software for reliable, real-time embedded systems, based on the use of ‘Time Triggered’ (TT) architectures.

The case studies in ERES2 describe the development of software for the following products: [i] an industrial alarm sounder unit (IEC 61508, SIL 2); [ii] a domestic washing machine (IEC 60730, Class B); [iii] a hospital radiotherapy machine (IEC 60601-1; IEC 62304, Class C); [iv] a steering-column lock for a passenger car (ISO 26262, ASIL D); and [v] an aircraft jet engine (DO-178C, Level A).

You’ll find further information on the ERES2 page.


Our ‘ERES2’ book is accompanied by a growing suite of public ‘Time-Triggered Reference Designs‘ (TTRDs).

Used in conjunction with the book, these code examples are designed to illustrate ways in which TT software architectures can be used to support the development of a wide range of embedded systems for which safety is a key design consideration.

The latest suite of public TTRDs can be downloaded from our TTRD page.



– Learn more about our Company – Learn more about our Technology – Visit our News page – Read our Technical Blog

– Investigate our specialised Evaluation Hardware for safety-related systems –

– Learn about our Training Courses and the SafeTTy Certified™ programme –