SAFERTOS® provides Industrial developers with a responsive, deterministic embedded Real Time Operating System (RTOS) with a Design Assurance Pack that provides an easy route to achieving certification of SAFERTOS once integrated into an Industrial Safety Product.
By specifically supporting the needs of industrial device developers, SAFERTOS can greatly reduce program risks, lower development costs and shorten the time to market for industrial device products.

Common Industrial Applications Using SAFERTOS®
- Sensors
- Industrial Automation
- Drilling Equipment
- Oil and Gas valves
- Power Generation Applications
- Actuation Systems
- Industrial Control Systems
- Radiation Monitoring Equipment
- Battery Charging Devices
Pre-Certified to IEC 61508 SIL 3 by TÜV SÜD
SAFERTOS® is available pre-certified to IEC 61508-3 SIL-1,-3,-4 by TÜV SÜD. SIL 3 is the highest possible safety rating a software only component can achieve.
IEC 61508 is the international standard for electrical, electronic and programmable electronic safety related systems. It sets out the requirements for ensuring that systems are designed, implemented, operated and maintained to provide the required safety integrity level (SIL). Four SILs are defined according to the risks involved in the system application, with SIL4 being used to protect against the highest risks. The standard specifies a process that can be followed by all links in the supply chain so that information about the system can be communicated using common terminology and system parameters.
The standard is in eight parts:
- IECTR 61508-0, Functional safety and IEC 61508
- IEC 61508-1, General requirements
- IEC 61508-2, Requirements for E/E/PE safety-related systems
- IEC 61508-3, Software requirements
- IEC 61508-4, Definitions and abbreviations
- IEC 61508-5, Examples and methods for the determination of safety integrity levels
- IEC 61508-6, Guidelines on the application of IEC 61508-2 and IEC 61508-3
- IEC 61508-7, Overview of techniques and measures
Other standards are being produced for the application of the 61508 approach to particular sectors.Sector specific standards related to IEC 61508 include:
- IEC 61511 Process industries
- IEC 61513 Nuclear power plants
- IEC 62061 Machinery sector
- IEC 61800-5-2 Power drive systems.
We are proud to be members of The 61508 Association.
Design Assurance Pack (DAP)
The SAFERTOS® Design Assurance Pack contains the planning, design, and verification evidence which supports the certification of SAFERTOS. It is specific to the selected processor/compiler combination, which removes the need for expensive and prolonged retesting on the target hardware.
Certification of SAFERTOS integrated into an Industrial product is straightforward. WHIS supplies an easy to follow Safety Manual that clearly details how to install and integrate SAFERTOS into a safety critical development environment. Following the concise instructions preserves the verification and validation already performed by the WHIS Safety engineers.
- Deterministic, Responsive Embedded RTOS
- Contains all Planning, Design and Verification artefacts
- Specific to the selected Processor/Compiler combination
- Demonstrates the exceptional high quality of SAFERTOS
Popular SAFERTOS Industrial Platforms
- ST Microelectronics – STM32
- Texas Instruments – Hercules
- Texas Instruments – Tiva
- NXP – Kinetis
- NXP – i.MX
- NXP – MPC
- NXP – LPC
- Renesas – RX
- Xilinx – Zynq

Free Demos & Manuals
Download fully functional, time-limited SAFERTOS demos, plus manuals, datasheets, and more.
SAFERTOS in Multicore Industrial Solutions
SAFERTOS® enables dual and multicore/processor designers to create seamless, mixed safety criticality designs quickly and efficiently. Due to its small size and its safety critical credentials, SAFERTOS is ideally suited for use on the primary core. This allows the system to boot and configure itself securely before enabling other cores that could run non-critical applications such as Linux to implement web servers and WiFi connections.
In a multicore environment, SAFERTOS is typically used on cores implementing safety critical functionality, or on cores providing monitoring/verification of the primary function. Due to its high safety classification, SAFERTOS can safely be used on both primary and monitoring cores, removing the need to use differential software.
WHIS as your Trusted Partner for Software Development
WITTENSTEIN high integrity systems are first and foremost a safety systems company. For safety critical developments, WHIS uses an ISO 9001:2015 Quality Management System, certified by Lloyds Register LRQA UK (since 2007) as appropriate for:
“Design, development, installation and support of high integrity systems and software for medical, aviation and industrial applications.”
Lloyds Register LRQA UK
Beyond SAFERTOS for Industrial
- SAFERTOS CORE: for industrial applications that only need to consider safety and don’t require full certification.
- Safety Plugins: bring greater robustness to safety critical industrial designs. WHIS Safety components are available with a Design Assurance Pack supporting certification to industrial standards.
- Board Support Packages and Drivers: delivered either as commercial grade components, or with a Design Assurance Pack supporting industrial submissions and certifications.
- Training: maximise the use of your RTOS and increase development proficiency by attending one of our comprehensive training courses.
- Peer review services: sometimes just a few hours of consultancy to review a preliminary industrial design, and check the approach being taken is correct, can deliver significant benefits to the outcome of a project.
- Consultancy services: designed to support our industrial customers, allowing us to share our knowledge and experience of industrial device development to help optimise the final design, improve the design processes and smooth the route to device certification.