SafeTTy Systems™

At SafeTTy Systems, we help our customers to create software for products that are reliable, secure and safe, and in compliance (where required) with one or more international safety standards: IEC 61508, ISO 26262, DO-178C, IEC 62304, IEC 60730 …

We employ an industry-proven engineering process that integrates ‘Time-Triggered‘ (TT) software architectures with patented run-time monitoring techniques.

The designs that we work on are typically based on low-cost, off-the-shelf microcontrollers, provided by a range of different semiconductor manufacturers (we are not tied to any particular hardware platform).

We offer:

We also offer:

We are a UK company with a worldwide customer base.



Latest awards on the SafeTTy Certified™ programme in Mumbai (India)

Microdevice Technologies operate as our Training Partner in Mumbai (India).

In 2017, Microdevice Technologies began working in collaboration with Sardar Patel Institute of Technology (SPIT) to deliver courses on ‘Time Triggered’ (TT) embedded systems in Mumbai as part of the SafeTTy Certified programme.

‘Level 1’ certificates were awarded to the latest cohort of students in September 2018.

The photograph shows the successful students, accompanied – on the right – by Dr Prachi Gharpure (Principal SPIT) and – on the left by Dr Surendra Rathod (Dean SPIT) and Govind Gaundalkar (from Microdevice Technologies, at the back).




The rise of the ‘TT Wrapper’ – An interview with Dr Michael J. Pont

Michael Pont, Founder and CEO at SafeTTy Systems, was interviewed recently by AutoSens.

During this interview, Michael discussed the changes in demand for TT systems; complexity management challenges, and insights from his book “The Engineering of Reliable Embedded Systems”.

You have been working in the field of time-triggered (TT) embedded systems for more than 25 years. How much of this work has been directly related to automotive?

I’ve supported the development of safety-related embedded systems in a range of sectors over the years, including industrial control, civilian aircraft, space and medical. I began my first major TT project in the automotive sector around 15 years ago. Since this time, I have seen two step-changes in demand for TT systems in this sector.

The first step-change came in the lead up to the publication of the first edition of the international standard ISO 26262 in 2011. At this time, many organisations realised that they needed to be able to provide evidence that the vehicles or automotive components that they were producing had been ‘designed for safety’. TT architectures provide a highly-effective way of achieving this.

The second step-change came in the last few years as people became interested in ADAS / AV designs. At this point, the complexity of automotive designs increased very significantly, and I saw further demand for cost-effective TT designs as a means of improving confidence in the safety of such systems.

The end result is that – at the present time – around 60% of my work is in the automotive sector.

What have you learnt in working in other areas of Embedded Systems that can be applied to automotive?

My main goal is to help organisations to produce systems where we can be confident about safety. The key thing that I have learned from different sectors – particularly the aerospace sector – is the importance of having what is sometimes called a ‘safety culture’ in any organisation that wishes to achieve this goal. For me, a safety culture relies on having good people throughout an organisation who are not afraid to question design decisions that – in their view – may have a negative impact on safety.

I think it’s important to add that this is no longer simply a question about the lessons that automotive organisations can learn from other sectors. The ADAS / AV designs that automotive organisations are currently involved with present safety challenges that are – in my view – greater than those faced in many aerospace designs. Over the next few years, I would expect to see experienced automotive designers providing advice in many other sectors.

You can read the full interview on the AutoSens website.



SafeTTy Outsource™ Service

We offer a SafeTTy Outsource™ service, where we develop some or all of the software needed for our customer’s product.

This service is primarily intended to support software development in compliance with international standards and guidelines, such as:

  • Automotive: ISO 26262 (to ‘ASIL D’);
  • Industrial / Machinery: IEC 61508 (to ‘SIL 3’) and / or ISO 13849 (‘PL e’);
  • Medical: IEC 62304 (to ‘Class C’);
  • Household goods: IEC 60730 (‘Class C’).

Where required, we can provide both full source code and all of the documentation – software requirements, software architecture, test & verification plan … – needed to support a third-party assessment of the software (e.g. to make your product ‘SIL 3’ or ‘ASIL D’ compliant).

Learn more about the SafeTTy Outsource service …



Our popular ‘ERES2’ book is available as a paperback for just £45

Did you know that ‘The Engineering of Reliable Embedded Systems’ (ERES2) is available in a low-cost paperback format?

This popular book documents an industry-proven approach to the development of software for reliable, real-time embedded systems, based on the use of ‘Time Triggered’ (TT) architectures.

The case studies in ERES2 describe the development of software for the following products: [i] an industrial alarm sounder unit (IEC 61508, SIL 2); [ii] a domestic washing machine (IEC 60730, Class B); [iii] a hospital radiotherapy machine (IEC 60601-1; IEC 62304, Class C); [iv] a steering-column lock for a passenger car (ISO 26262, ASIL D); and [v] an aircraft jet engine (DO-178C, Level A).

You’ll find further information on the ERES2 page.


Our ‘ERES2’ book is accompanied by a growing suite of public ‘Time-Triggered Reference Designs‘ (TTRDs).

Used in conjunction with the book, these code examples are designed to illustrate ways in which TT software architectures can be used to support the development of a wide range of embedded systems for which safety is a key design consideration.

The latest suite of public TTRDs can be downloaded from our TTRD page.



Taster Days

Our popular Taster Day programme is delivered on your company site.

Taster Days have been designed:

  • to explain how state-of-the-art TT architectures can support the engineering of embedded systems that are reliable, secure and safe; and,
  • to allow you to determine the level of benefit that use of such a TT architecture in your next project may offer for your organisation.

Following your Taster Day:

  • you are under no obligation to make further purchases from SafeTTy Systems;
  • where required, we can support your team as they create their first successful TT design by means of a fully-customised SafeTTy Solutions™ package;

Learn more about Taster Days …



ReliabiliTTy® Technology Evaluation Licence

Our ReliabiliTTy Technology Evaluation Licence (RTEL) packages provide a cost-effective and time-efficient way of exploring the benefits that our state-of-the-art TT technology can provide for your business.

RTEL packages:

  • include 2 days of one-to-one design support, helping to ensure that your team can develop their first TT prototype successfully, at minimal cost;
  • may also include our popular TTb Training Course (delivered on your company site);
  • provide an excellent foundation for a SafeTTy Solutions™ package.

Learn more about RTEL packages …



The SafeTTy Certified™ Programme

The internationally-recognised SafeTTy Certified programme is designed to help people obtain the skills needed to develop reliable, secure and safe embedded systems using ‘Time Triggered‘ (TT) software architectures – and provide evidence that they possess such skills.

The programme starts at “Level 1” (L1) and progresses to “Level 3” (L3).

In our view:

  • Level 1 represents the minimum qualification level that should be expected from an individual involved in the development of real-time embedded systems that are intended to be reliable, but where failure has no direct safety implications.
  • Level 2 represents the minimum qualification level that should be expected from an individual involved in the development of real-time embedded systems that may have some safety implications (for example, designs developed in compliance with IEC 61508 or in compliance with ISO 26262), and / or where system failure could prove very expensive (e.g. deep-sea products, satellite systems).
  • Level 3 represents an appropriate qualification level for an individual who is involved in the development of real-time embedded systems that are safety-critical in nature (for example, designs developed in compliance with IEC 61508 up to ‘SIL 3’ / ‘SIL 4’ or in compliance with ISO 26262 up to “ASIL D”, or in compliance with DO-178C up to “Level A”).


Please note that:

  • For more experienced developers, we offer the option of Direct Entry to L2 courses: this means that it is not necessary to complete L1 of this programme before attempting the intermediate-level training and examination.
  • All three levels can be taken online: this option is particularly popular where a single developer in an organisation wishes to complete the programme.

Learn more about the SafeTTy Certified programme …



– Learn more about our Company – Learn more about our Technology – Visit our News page – Read our Technical Blog

– Investigate our specialised Evaluation Hardware for safety-related systems –

– Learn about our Training Courses and the SafeTTy Certified™ programme –