AutoFOCUS3 (AF3) is a model-based tool and research platform for safety-critical embedded systems. It builds on a generic Eclipse-based tooling framework, is open source (Apache 2.0 license), and is released biannually for the Windows and Linux 64-bit platforms.

AutoFOCUS3 supports the design, development and validation of safety-critical embedded systems in many development phases, including architecture design, implementation, hardware/software integration, and safety argumentation based on formal models from the following viewpoints:

• Requirements
• Logical architecture and behaviour
• Technical (hardware and software) architecture
• Deployment (software/hardware mapping, scheduling
• Safety argumentation

Advanced features enable to explore design and implementation alternatives (e.g., safety patterns, task allocation, partition/compartment architectures) based on state-of-the art formal methods and solvers (e.g., Z3 solver), and to validate early designs by means of functional simulation and co-simulation (via FMI). The automatic artefact synthesis capabilities of the tool enable rapid development (e.g., code and configuration generation, scheduling synthesis). Modular assurance cases encoded in the goal-structuring notation (GSN) enable users to document the dependability of a system by bringing in information about its environment and the development context. They provide a structured argument that establishes a systematic relationship between a dependability goal and its evidence (e.g., validation artefact).

• Delivering a model-based tool and research platform for the design, development and validation of safety-critical embedded systems
• Providing a high quality and extensible open source framework for rapid tool prototyping (see, e.g., SmartF-IT)
• Serving as incubator for advanced systems engineering methods
• Closing the gap between academia and industry by mutual transfer of novel approaches and practical use cases and requirements

The tool is a research platform to investigate novel model-based systems and software engineering techniques in the following fields:

• How to build tools that combine the expertise of engineers with the power of state-of-the art formal methods?
• Definition of correct-by-construction computer aided design approaches to optimize hardware/software architectures that satisfy industrial constraints (e.g., safety, reliability, real-time, etc.).
• How to enable the use of the most efficient solver or a combination of solvers (e.g., SMT, MOEA) for model-based design-space exploration techniques that scale in realistic use cases?
• How to enable the efficient construction and maintenance of large dependability arguments for systems in open contexts with the help of modular assurance cases?
• How to use model-based engineering to support safety/security trade-off analyses by synthesizing and analysing attack-defence trees for a given safety argumentation?

In the fortissimo-demonstrator, we show how to develop software and system architectures for autonomous vehicles using a model-based approach.