DF2: Mission-Critical Real-Time Systems

About this course

Engineer software that must be correct and on time: real-time scheduling, safety-critical design, fault tolerance, and the reliability and certification practices defense systems demand.

Course format. Thirteen weeks, four contact hours each: a two-hour lecture (concepts and theory) and a two-hour practice session. The course is project-based; teams carry one running project end to end and present it three times, in weeks 5, 8, and 13.

What you will build

Built a mission-critical real-time control system on FreeRTOS and an ARM Cortex-M target, implementing rate-monotonic scheduling with proven schedulability, priority-inheritance synchronization, triple-modular redundancy with voting, and a DO-178C-style requirements traceability and structural-coverage evidence package.

Expected outcomes

Model real-time tasks with periods, deadlines, and worst-case execution times
Apply rate-monotonic and earliest-deadline-first scheduling and prove schedulability
Perform response-time analysis and reason about worst-case execution time
Analyze and bound priority inversion and apply priority inheritance and ceiling protocols
Design fault-tolerant systems using redundancy, voting, and error detection
Quantify reliability, availability, and safety with dependability models
Build hard real-time software on a real-time operating system
Map software development to certification objectives such as DO-178C
Evaluate a design against safety requirements with hazard and failure analysis
Design and defend a complete mission-critical real-time system as a team project

Key topics

Real-time scheduling
Safety-critical software
Fault tolerance & reliability
Certification standards

Theoretical foundations

The concepts and results this course rests on.

the periodic task model with periods, deadlines, and worst-case execution times
rate-monotonic optimality and the Liu and Layland utilization bound
exact response-time analysis and the schedulability test
priority inversion and the priority inheritance and ceiling protocols
the dependability taxonomy of faults, errors, and failures
redundancy, voting, and the Byzantine agreement problem
reliability and safety modeling with fault trees and FMEA

Prerequisites

This is a Year-3 course. It assumes the mandatory CS core: data structures and algorithms, operating systems, computer networks, databases, software engineering, and the core mathematics (linear algebra, probability and statistics, calculus, discrete mathematics). It additionally requires the specific prior courses listed below.

Course-specific prerequisites:

Operating systems
Embedded or systems programming
Software engineering

Weekly schedule 13 weeks · lecture + practice

Foundations

Wk 1

Real-time systems and timing

LectureWhat makes a system real-time: hard versus soft deadlines, the task model with periods and deadlines, and why timing correctness is a functional requirement.

PracticeSet up the RTOS toolchain and run periodic tasks, measuring their timing on target hardware.

ProjectRepository, target platform, and periodic tasks with measured timing.

WatchNPTEL real-time systems, lecture 1: introduction (Rajib Mall) · NPTEL real-time systems, lecture 2: system characteristics

Scheduling

Wk 2

Fixed-priority scheduling

LectureRate-monotonic scheduling and the Liu and Layland utilization bound, optimality of rate-monotonic priority assignment, and the periodic task model.

PracticeAssign rate-monotonic priorities to a task set and verify schedulability against the bound.

ProjectRate-monotonic task set running on the RTOS.

WatchNPTEL real-time systems, lecture 6: task scheduling basics · NPTEL real-time systems, lecture 9: rate monotonic scheduler

Wk 3

Response-time analysis and EDF

LectureExact response-time analysis from Audsley and colleagues, earliest-deadline-first dynamic scheduling, and the comparison of fixed and dynamic priority.

PracticeCompute worst-case response times for the task set and compare a fixed-priority and an EDF schedule.

ProjectSchedulability analysis report for the project task set.

WatchNPTEL real-time systems, lecture 8: event-driven scheduling, EDF · NPTEL real-time systems, lecture 11: deadline monotonic scheduling

Wk 4

Resource sharing and priority inversion

LecturePriority inversion, the priority inheritance and priority ceiling protocols of Sha, Rajkumar, and Lehoczky, and bounding blocking time.

PracticeReproduce a priority inversion, then apply priority inheritance and measure the bounded blocking.

ProjectSynchronization with bounded blocking in the system.

WatchNPTEL real-time systems, lecture 13: resource sharing · NPTEL real-time systems, lecture 14: priority ceiling protocols · NPTEL real-time systems, lecture 15: priority ceiling analysis

Milestone

Wk 5

Specification presentationPresentation

LectureScoping a safety-critical project: the task model, timing requirements, safety requirements, and certification target. Rubric for the specification defense.

PracticeSTUDENT PRESENTATION milestone, specification. Teams present their system concept, the task and timing model, identified hazards and safety requirements, the target certification objectives, and a milestone plan.

ProjectApproved specification with a requirements and timing model.

Timing

Wk 6

Worst-case execution time

LectureWCET analysis, the challenge of caches and pipelines, static versus measurement-based estimation, and why timing predictability matters for safety.

PracticeEstimate WCET for critical tasks with measurement and static analysis and bound the timing.

ProjectWCET bounds feeding the schedulability argument.

WatchReal-time analysis and worst-case execution time

Fault tolerance

Wk 7

Redundancy and fault tolerance

LectureFault, error, and failure from the Avizienis dependability taxonomy, redundancy, N-version programming, and triple modular redundancy with voting.

PracticeAdd redundancy and a voter to a critical function and inject faults to test recovery.

ProjectFault-tolerant critical path in the system.

WatchTriple modular redundancy and hardware reliability

Milestone

Wk 8

Interim demo presentationPresentation

LectureDemonstrating a safety slice: a scheduled, fault-tolerant build meeting deadlines under load.

PracticeSTUDENT PRESENTATION milestone, interim demo. Teams demo the scheduled system meeting its deadlines on target, show timing and overload behavior, and demonstrate fault detection and recovery.

ProjectScheduled, fault-tolerant build meeting deadlines.

Dependability

Wk 9

Reliability and safety modeling

LectureReliability, availability, MTBF, fault trees, failure modes and effects analysis, and quantifying safety integrity.

PracticeBuild a fault tree and an FMEA for the system and compute a reliability estimate.

ProjectReliability and hazard analysis for the design.

WatchFMEA and fault tree analysis (Swansea University)

Distributed

Wk 10

Distributed fault tolerance and consensus

LectureByzantine faults and the Byzantine generals problem of Lamport, agreement under failure, and time-triggered communication for deterministic distributed systems.

PracticeImplement a fault-tolerant agreement or a time-triggered message schedule across nodes.

ProjectRobust distributed coordination in the system.

WatchThe Byzantine generals problem (Martin Kleppmann, Cambridge) · NPTEL real-time systems, lecture 20: clock synchronization with Byzantine clocks

Certification

Wk 11

Safety standards and DO-178C

LectureThe certification landscape, DO-178C software levels and objectives, requirements-based testing, structural coverage, and traceability.

PracticeBuild a requirements-to-test traceability matrix and measure structural coverage on critical code.

ProjectCertification evidence package taking shape.

WatchDO-178C and ED-12C for beginners: the practicalities of compliance

Integration

Wk 12

Verification and the safety case

LectureVerification strategy, the assurance argument and safety case, configuration management, and tool qualification for certified workflows.

PracticeAssemble the safety case and complete verification against the requirements and timing budget.

ProjectVerified system with a safety case ready for the final defense.

WatchVisualizing safety cases: Tim Kelly on goal structuring notation

Milestone

Wk 13

Final demo and oral defensePresentation

LectureCourse synthesis: from rate-monotonic scheduling to a verified, certifiable safety-critical system and the dependability tradeoffs that defined it.

PracticeSTUDENT PRESENTATION milestone, final demo with oral defense. Teams present the finished system meeting its deadlines on target, walk through scheduling, fault tolerance, and certification evidence, and answer technical questions.

ProjectFinal mission-critical real-time system with certification evidence.

AI tools in this course.

Students use AI assistants and vibe-coding to write and refactor RTOS task code for FreeRTOS or Zephyr, generate scheduling and synchronization scaffolding, and translate response-time and utilization analysis into checkable code. They interact with toolchains and analyzers through assistants and MCP servers that expose the build, the target board, schedulability tools, and coverage tools, asking the model to set up a task set or instrument timing measurements. AI generates requirements-based tests, fault-injection scenarios, and traceability scaffolding for a DO-178C-style evidence package, and helps analyze structural coverage and timing results. Because the code is safety-critical, students rigorously review and independently verify every AI suggestion against timing budgets, schedulability proofs, and the safety requirements.

Student project

Each team builds one mission-critical real-time control or monitoring system across the term on a real-time operating system and target hardware. The project grows weekly from periodic scheduled tasks to a fault-tolerant system with proven schedulability, bounded blocking, reliability analysis, and a DO-178C-style traceability and verification evidence package. The same artifact is presented at the specification, interim, and final milestones.

Requirements

Build a working system, not a set of disconnected exercises.
Be original: a new system that solves a real problem, not a re-implementation of a tutorial or course demo.
Show real depth: real data, real users or realistic load, and engineering trade-offs that are measured rather than assumed.
Carry one running project from specification to a deployed, defensible result across the whole term.
Work in a team of three or four and defend the design at each of the three presentations (weeks 5, 8, and 13).

Example projects

Flight-control loop for a small fixed-wing UAVEngine or motor controller with redundant sensingRailway signaling interlock prototypeMedical infusion-pump controllerTriple-redundant attitude estimation nodeAutomotive brake-by-wire control loopTime-triggered distributed sensor network

Assessment & grading

Grading is project-based, with no written exam. Teams of three or four present one running project three times.

Component	What it covers	Weight
Project · Specification	Presentation 1 (week 5): problem, objectives, and architecture	20%
Project · Interim	Presentation 2 (week 8): the working system demonstrated live	30%
Project · Final	Presentation 3 (week 13): end-to-end demo with oral defense	50%

Tools & platforms

FreeRTOS: open-source real-time kernel for embedded targets
Zephyr RTOS: scalable real-time OS for embedded systems
Ada and SPARK: language and toolset for high-integrity software
Cheddar: open-source real-time scheduling analysis tool
STM32 or similar ARM Cortex-M target board
GNAT and the Ada toolchain for certified development
AbsInt aiT: static worst-case execution time analysis
LDRA or VectorCAST: structural coverage and unit testing for DO-178C
GoogleTest: unit testing of critical components
Git and a configuration-management workflow for traceability
Logic analyzer and oscilloscope for timing measurement
Wireshark with time-triggered protocols for network analysis

Free online courses

Existing free, video-based courses this course can build on, for self-study or as a teaching basis.

UniversityReal-Time Systems (IIT Kharagpur)
NPTEL course, Prof. Rajib Mall, full video lectures.

Primary literature

Seminal works to read for graduate-level depth.

PaperScheduling Algorithms for Multiprogramming in a Hard-Real-Time Environment
C. L. Liu and James W. Layland, 1973
PaperPriority Inheritance Protocols: An Approach to Real-Time Synchronization
Lui Sha, Ragunathan Rajkumar, and John P. Lehoczky, 1990
PaperThe Byzantine Generals Problem
Leslie Lamport, Robert Shostak, and Marshall Pease, 1982
PaperBasic Concepts and Taxonomy of Dependable and Secure Computing
Algirdas Avizienis, Jean-Claude Laprie, Brian Randell, and Carl Landwehr, 2004
PaperApplying New Scheduling Theory to Static Priority Pre-emptive Scheduling
Neil Audsley, Alan Burns, Mike Richardson, Ken Tindell, and Andy Wellings, 1993

References

Books and resources link to an online or publisher page.

TextbookReal-Time Systems and Programming Languages, 4th Edition
Alan Burns and Andy Wellings, 2009
TextbookHard Real-Time Computing Systems, 3rd Edition
Giorgio C. Buttazzo, 2011
DocumentationDO-178C Software Considerations in Airborne Systems and Equipment Certification
RTCA SC-205, 2011, Civil avionics software certification standard
DocumentationFreeRTOS Documentation
Amazon Web Services and the FreeRTOS project, 2025
DocumentationARINC 653 Part 1 Required Services
SAE ITC AEEC, 2019, Avionics application software partitioning standard
TextbookSafety-Critical Computer Systems
Neil Storey, 1996, ISBN 9780201427875
DocumentationZephyr Project Documentation
Zephyr Project, 2025

Role in each concentration

Concentration	Role
Intelligent Software Systems	Elective
Networking & Cyber Security	Elective
AI & Robotics	Elective
AI and Quantum Computing for Finance	Elective
Immersive Systems & Game Development	Elective
Defense Technologies & Autonomous Systems	Core · Semester 2

← DF1 · Sensor Fusion & Signal Processing