FuSa Run-Time System

Run-Time System for Functional Safety

Arm FuSa RTS is a set of embedded software components qualified for use in the most safety-critical applications in automotive, medical and industrial systems.

FuSa RTS provides a reliable, secure, and highly optimized software platform that enables engineers to shift their efforts from low-level software layers onto the value-add application code.

FuSa RTS components, Arm Safety Compiler and Arm Keil MDK tools natively work together and significantly simplify system design, development, validation and certification processes for safety applications.

Request more info

Supported safety standards

Arm FuSa RTS is certified for the following safety standards:

Automotive: ISO26262, ASIL D
Industrial: IEC61508, SIL 3
Railway: EN50128, SIL 4
Medical: IEC62304, Class C

FuSa RTS safety compliance is confirmed by the TÜV Süd Certificate.

FuSa RTS Components

Arm FuSa RTS package contains components as outlined by the red dotted line on the figure below:

FuSa RTX RTOS: deterministic real-time operating system

FuSa Event Recorder: functionality to easily record events and collect execution statistics.

FuSa CMSIS-Core: vendor-independent software interface to the processor resources.

FuSa C library: a subset of the C library functions verified for safety-critical applications.

Safety Package: documentation set explaining the usage of FuSa RTS in safety context.

Process Isolation

FuSa RTS contains protection mechanisms that control access to system resources (such as memory, peripherals, processor execution time). These process isolation capabilities allow to avoid undesired interferences between software elements of different safety integrity levels and so build mixed-criticality systems on a single-core microcontroller.

FuSa RTS Process isolation is achieved with the following features:

Spatial isolation is enforced by MPU Protected Zones that use processor's Memory Protection Unit (MPU) to shield access to memory and peripherals. Access to RTOS objects and Kernel operations is additionally controlled with assigned Safety Classes.

Temporal isolation is enabled with Thread Watchdogs mechanism that controls the timing constraints in the system.

Controlled system recovery provides user with control over system operation in case of failures and so allows to block execution of non-safety components or proceed to a safety state.

Traffic Light example

Example project TrafficLight demonstrates how to use the process isolation capabilities present in FuSa RTS.

It supports real hardware targets but explains universal principles and many implementation details can be similarly applied to any Cortex-M devices with a Memory Protection Unit (MPU) present.

Application Note KAN336 describes the project in details, and the overview video demonstrates the program in action.

Related tools from Arm

Arm equips software engineers with professional tools that support safety development process and simplify creation, analysis and verification of complex embedded applications in safety context.

Arm Keil MDK

FuSa RTS is developed and verified using Arm Keil MDK and natively integrates with it.

MDK-Professional edition contains the µVision IDE and debugger with built-in tools for code coverage tests and execution profiling. It also provides access to the safety Arm C/C++ compiler used for FuSa RTS validation.

Keil MDK enables static code analysis and MISRA compliance checking via integration with third-party verification tools.

Learn more about MDK safety aspects

Safety-qualified Arm C/C++ compiler

FuSa RTS has been validated with safety-qualified Arm C/C++ compiler that for many years have been used in safety-related applications across a wide range of verticals, including automotive, medical, industrial, avionics and railway.

MDK-Professional edition provides access to the Arm compiler safety package without additional costs.

More about Arm C/C++ Compiler for functional safety

Run-Time System for Functional Safety

Resources

Application notes

Webinars