Model-based development of embedded systems


AutoFOCUS3 is a model-based tool and research platform for safety-critical embedded systems. It builds on a generic Eclipse-based tooling framework, is open source (Apache 2.0 license), and is released biannually for the Windows, Linux, and macOS 64-bit platforms.

AutoFOCUS3 supports the design, development and validation of safety-critical embedded systems in many development phases, including architecture design, implementation, hardware/software integration, and safety argumentation based on formal models from the following viewpoints:

  • Requirements
  • Logical architecture and behaviour
  • Technical (hardware and software) architecture
  • Deployment (software/hardware mapping, scheduling
  • Safety argumentation

Advanced features enable to explore design and implementation alternatives (e.g., safety patterns, task allocation, partition/compartment architectures) based on state-of-the art formal methods and solvers (e.g., Z3 solver), and to validate early designs by means of functional simulation and co-simulation (via FMI). The automatic artefact synthesis capabilities of the tool enable rapid development (e.g., code and configuration generation, scheduling synthesis). Modular assurance cases encoded in the goal-structuring notation (GSN) enable users to document the dependability of a system by bringing in information about its environment and the development context. They provide a structured argument that establishes a systematic relationship between a dependability goal and its evidence (e.g., validation artefact).

Software Downloads

System requirements: Windows, Linux, or macOS with Java Runtime Environment (JRE) 11 (64 bit). Current macOS versions require manual steps during installation (see FAQ).

Current release 2.17

Release Notes

WIN 64Linux 64Mac 64


Nightly Build

WIN 64Linux 64Mac 64



  • Delivering a model-based tool and research platform for the design, development and validation of safety-critical embedded systems
  • Providing a high quality and extensible open source framework for rapid tool prototyping (see, e.g., SmartF-IT)
  • Serving as incubator for advanced systems engineering methods
  • Closing the gap between academia and industry by mutual transfer of novel approaches and practical use cases and requirements

Research contribution

The tool is a research platform to investigate novel model-based systems and software engineering techniques in the following fields:

  • How to build tools that combine the expertise of engineers with the power of state-of-the art formal methods?
  • Definition of correct-by-construction computer aided design approaches to optimize hardware/software architectures that satisfy industrial constraints (e.g., safety, reliability, real-time, etc.).
  • How to enable the use of the most efficient solver or a combination of solvers (e.g., SMT, MOEA) for model-based design-space exploration techniques that scale in realistic use cases?
  • How to enable the efficient construction and maintenance of large dependability arguments for systems in open contexts with the help of modular assurance cases?
  • How to use model-based engineering to support safety/security trade-off analyses by synthesizing and analysing attack-defence trees for a given safety argumentation?

Application in demonstrators


In the fortissimo-demonstrator, we show how to develop software and system architectures for autonomous vehicles using a model-based approach.

 Johannes Eder

Your contact

Johannes Eder

+49 89 3603522 558

More informationen


[Translate to English:] Technische Universität München