On this page we provide information about SafeTTy Systems (and the team behind it).
The page is arranged as a series of ‘FAQs’.
Our company name is pronounced “Safety Systems”.
[This page was last updated: 2018-03-06]
What’s different about SafeTTy Systems?
The problem (as we see it)
At SafeTTy Systems, we believe that many software designs that are currently employed in safety-related systems – such as those intended to meet ISO 26262, IEC 61508 and related international standards – are unnecessarily complicated.
In our view, the resulting design complexity means that it is often very difficult to be confident about system safety.
For example, we have encountered several organisations where staff (in positions of responsibility) appear to hold the view that the following relationship is always true: “Qualified Hardware” + “Qualified RTOS” = “Safe Embedded System”.
In such organisations, we tend to find that development teams are attempting to create safety-critical embedded systems by ‘bolting together’ qualified software and hardware components (often provided by different manufacturers) without fully understanding either the ‘gaps’ between the components or the potential failure modes of the system that they are assembling.
This is always a concern.
Prof. Tony Hoare expressed the underlying challenge very succinctly several years ago: “There are two ways of constructing a software design: one way is to make it so simple that there are obviously no deficiencies, and the other way is to make it so complicated that there are no obvious deficiencies.”
In our view, many (but not all) RTOS-based designs fall into the “no obvious deficiencies” category.
At SafeTTy Systems:
- we specialise in the engineering of very simple software designs for safety-related embedded systems (without using an RTOS);
- keeping the designs simple allows us to model them precisely (at design time) and monitor them closely (at run time);
- we achieve this goal using ‘Time Triggered’ (TT) software architectures.
Our solution in practice
Sometimes we apply our approach by building a complete ‘TT System’.
Here are some examples of TT Systems:
- ‘Steering-Column Lock Controller’ for a high-volume passenger car (ISO 26262, ‘ASIL D’)
- Industrial monitoring system (IEC 61508, ‘SIL 2’)
- Controller for an industrial robot (IEC 61508, ‘SIL 3’)
- Determining that a machinery-operator is ‘in place’ (ISO 13849, ‘PL e’)
- Controller for a domestic washing machine (IEC 60730 / IEC 60335, ‘Class B’)
- Developing high-reliability space-based systems (ECSS-E-ST-40C, ECSS-Q-ST-80C)
In other cases, we build a ‘TT Wrapper’: this is a monitoring unit that is used to improve confidence in the safe operation of a (pre-existing) complex component or system.
Here are some examples of TT Wrappers:
- Controller for an autonomous road vehicle (ISO 26262, ‘ASIL D’)
- Dealing with ‘SOUP’ in a medical infusion pump (IEC 62304, ‘Class C’)
- Using TT Wrappers in civilian aircraft systems (DO-178C / DO-254)
A semi-formal method
In our experience, most safety-related projects are documented using: [i] software requirements represented in English (or French, German, Spanish …); [ii] some form of graphical representation (e.g. UML) to represent part of the software architecture / design; [iii] source code (with comments in an appropriate language).
Formal methods for software development employ mathematically based notations and tools at some or all of the above stages. For example, requirements may be recorded in ‘Z notation’.
The TT development process that we follow is ‘semi-formal’: it lies between the ‘traditional’ and ‘formal’ development methods. In our designs, we record requirements in English, but represent the design more formally using a ‘Tick List’ (and make use of this Tick List extensively during the development process and at run time).
In our view, the TT development process that we follow is appropriate for use in designs up to ‘SIL 4’ (IEC 61508 or EN 50128), ‘DAL A’ (in DO-178C) or ‘ASIL E’ (when this level is eventually introduced in a future version of ‘ISO 26262’ …). However – if it is felt to be necessary for a given project – our development process can be integrated with a mathematical notation (for example, key system tasks can be specified using Z).
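As an added illustration of the idea stated above and in the earlier list (a design that is modelled precisely at design time and monitored closely at run time), here is example code written for this page; it is not SafeTTy's own code, Tick List format or ReliabiliTTy technology, none of which the page specifies. A constructed static time-triggered task table is tabulated at design time into the set of tasks expected in each tick, and a run-time monitor checks every tick against that table, flagging a deviation such as a corrupted task period.

```c
#include <stdint.h>
#include <string.h>

#define N_TASKS     3
#define HYPERPERIOD 6   /* lcm of the task periods below, in ticks */

typedef struct { uint8_t period; uint8_t offset; } tt_task_t;

/* Constructed design-time schedule: task 0 every tick, task 1 every 2 ticks
 * from tick 0, task 2 every 3 ticks from tick 1. */
static const tt_task_t design_table[N_TASKS] = { {1, 0}, {2, 0}, {3, 1} };

/* Bitmask of the tasks that `table` releases at `tick` (bit i = task i). */
uint8_t released_at(const tt_task_t *table, uint32_t tick)
{
    uint8_t mask = 0;
    for (int i = 0; i < N_TASKS; i++)
        if (tick >= table[i].offset &&
            (tick - table[i].offset) % table[i].period == 0)
            mask |= (uint8_t)(1u << i);
    return mask;
}

/* Drive the scheduler for `ticks` ticks from `runtime_table` (the copy the
 * dispatcher actually reads, which a RAM fault could alter) while a monitor
 * compares every tick with the pattern tabulated at design time from
 * design_table. Returns the first deviating tick, or -1 if none. */
int tt_run_monitored(const tt_task_t *runtime_table, uint32_t ticks)
{
    uint8_t expected[HYPERPERIOD];              /* the design-time model */
    for (uint32_t t = 0; t < HYPERPERIOD; t++)
        expected[t] = released_at(design_table, t);

    for (uint32_t t = 0; t < ticks; t++) {
        uint8_t actual = released_at(runtime_table, t);
        if (actual != expected[t % HYPERPERIOD])
            return (int)t;  /* task sequence no longer matches the model */
        /* dispatch_tasks(actual) would run here in a real system */
    }
    return -1;
}

/* Constructed fault: task 1's period corrupted from 2 to 3 in the run-time copy. */
int demo_corrupted_period(void)
{
    tt_task_t runtime_copy[N_TASKS];
    memcpy(runtime_copy, design_table, sizeof runtime_copy);
    runtime_copy[1].period = 3;
    return tt_run_monitored(runtime_copy, 24);   /* -> 2 */
}
```

With the intact table the monitor reports no deviation over any number of ticks; with the corrupted copy it flags tick 2, the first tick at which the released set differs from the design-time model.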
Who’s behind SafeTTy Systems – and where did the company come from?
The team at SafeTTy Systems is led by Dr Michael J. Pont CEng.
Michael was awarded a BSc degree (in Electronics and Electrical Engineering) by the University of Glasgow (UK) and a PhD (in Computer Science) by the University of Southampton (UK). He is the author of several successful books and more than 100 technical papers, and he is the named inventor or co-inventor on a number of patents and patent applications.
Michael has been working in the field of time-triggered (TT) embedded systems for more than 20 years. He has helped numerous companies to create successful TT designs. Many of these designs have been produced in compliance with international safety standards and guidelines (including IEC 61508, ISO 26262 and DO-178).
Michael began this work on TT systems in the academic sector, latterly as Professor of Embedded Systems Engineering at the University of Leicester (UK). In Leicester, Michael established the Embedded Systems Laboratory, invented the PTTES “pattern language”, and led teams that developed the “NISA” safety agent, and the first single- & multi-core processors that were designed specifically to run TT software. During his time with the University of Leicester, Michael supervised more than 20 successful PhD projects.
In order to commercialise some of the above technology, Michael founded and served as CEO of the University of Leicester “spin out” company TTE Systems Ltd. “TTE” made its first sales in 2008 and – by 2012 – had reached a “break even” position, with an annual turnover of some £800k. The company achieved this through the efforts of an exceptional team and by working with a number of key UK and international companies.
At the end of 2013, Michael left the university sector, assembled a small (but highly experienced) team and founded SafeTTy Systems. “SafeTTy” subsequently acquired the IP owned by TTE.
Michael currently serves as Executive Director of SafeTTy Systems Ltd (January 2014 – date).
What are your plans for the company?
We are now in the second phase of our “Development and Growth Plan” (DAGP) for SafeTTy Systems: this runs until 2019.
2018 is set to be a very busy year with some major developments planned: further information will be available shortly.
During the course of 2017 we signed our first ReliabiliTTy® Technology licence for the space sector. We had our first US patent granted. We began work with AESIN and BSI on a new set of safety guidelines for the assessment of control systems used in autonomous vehicles (SAE Level 4 / Level 5): further information will be released about this project shortly. We expanded our training activities in India. We launched an online version of our popular TTb training course. We published two paperback editions of ‘ERES2’ (one international edition and one Indian edition). We launched our first DuplicaTTor® Evaluation Board. We undertook a number of new customer engagements.
During 2016, we had our first two patents granted. We signed our first licence agreement for ReliabiliTTy® Technology. We ran our first stand at Embedded World. We published ‘ERES2’. We signed a partnership agreement with Microdevice Technologies in order to support our customers in India. We undertook a number of new customer engagements.
In 2015, we focussed on a number of new customer engagements.
We launched SafeTTy Systems in 2014. During this year, we developed some new technology and filed the related patents. We also launched the SafeTTy Certified™ programme, created some new training courses and published our first book.
Are you seeking investment?
Our plan is to continue to grow the company organically (through sales). This approach is working well and we are not – therefore – seeking investment at this time.
What is your exit strategy?
We are a small company with some great technology. We expect to be acquired by a larger organisation (when we are ready).
What technology do you own?
We have developed technology that is licensed to customers through our ReliabiliTTy® programme.
This technology includes the following patents:
- Pont, M.J. (2017) “A framework as well as method for developing time-triggered computer systems with multiple system modes”, SafeTTy Systems Ltd, US Patent No. 9,830,211.
- Pont, M.J. (2016) “A framework as well as method for developing time-triggered computer systems with multiple system modes”, SafeTTy Systems Ltd, GB2526083.
- Pont, M.J. (2016) “A monitoring unit as well as method for predicting abnormal operation of time-triggered computer systems”, SafeTTy Systems Ltd, GB2526082.
Related international patents have been applied for.
What trademarks do you own?
AcquisiTTor, ConnecTTor, CorrelaTTor, DecomposiTTor, DisrupTTor, DuplicaTTor, EncapsulaTTor, MoniTTor, PredicTTor, RapidiTTy, ReliabiliTTy, SafeTTy, SafeTTy Certified, SafeTTy Systems, TriplicaTTor, TTE and WarranTTor are registered trademarks or trademarks of SafeTTy Systems Ltd in the UK and other countries.
All other trademarks and registered trademarks mentioned on this WWW site are acknowledged.
Who are your partners?
We work with Microdevice Technologies to deliver TT training in India. Through Microdevice we are establishing links with a growing number of companies and educational establishments in India.
We work with Attila Gönczi to deliver hardware designs.
We are a member of the NMI (TechWorks) and a member of AESIN.
We are a member of the Safety Critical Systems Club (SCSC).
We are an ARM® Partner.
We are a member of the AdaCore® Tool Partners programme.
We are always happy to consider new partnership opportunities: please contact us if this is of interest.
Do you have any staff vacancies?
Please see our vacancies page for information.
What is your Company Number?
SafeTTy Systems Ltd has Company Number 08718423.
What is your VAT Registration Number?
SafeTTy Systems Ltd has VAT Registration Number GB 171 7482 94.
Where is your Registered Office?
SafeTTy Systems Ltd, Registered Office, 15 Nether End, Great Dalby, Leicestershire, UK, LE14 2EY.
Where do the images on your website come from?
Some of the images on our website are used under licence from iStockphoto and Dreamstime.
Other images were created by SafeTTy Systems Ltd.