Model-based development of embedded systems


AutoFOCUS3 (AF3) is a model-based tool and research platform for safety-critical embedded systems. It builds on a generic Eclipse-based tooling framework, is open source (Apache 2.0 license), and is released biannually for the Windows and Linux 64-bit platforms.

AutoFOCUS3 supports the design, development and validation of safety-critical embedded systems in many development phases, including architecture design, implementation, hardware/software integration, and safety argumentation based on formal models from the following viewpoints:

  • Requirements
  • Logical architecture and behaviour
  • Technical (hardware and software) architecture
  • Deployment (software/hardware mapping, scheduling
  • Safety argumentation

Advanced features enable to explore design and implementation alternatives (e.g., safety patterns, task allocation, partition/compartment architectures) based on state-of-the art formal methods and solvers (e.g., Z3 solver), and to validate early designs by means of functional simulation and co-simulation (via FMI). The automatic artefact synthesis capabilities of the tool enable rapid development (e.g., code and configuration generation, scheduling synthesis). Modular assurance cases encoded in the goal-structuring notation (GSN) enable users to document the dependability of a system by bringing in information about its environment and the development context. They provide a structured argument that establishes a systematic relationship between a dependability goal and its evidence (e.g., validation artefact).

Software Downloads

System requirements: Windows or Linux with Java Runtime Environment (JRE) 11 (64 bit). In case you should face problems with starting the tool or want to run AF3 on macOS have a look at our FAQ.

Current Release 2.23 (2023-04-03)

Release Notes

WIN 64Linux 64 


Nightly Build

WIN 64Linux 64 



  • Delivering a model-based tool and research platform for the design, development and validation of safety-critical embedded systems
  • Providing a high quality and extensible open source framework for rapid tool prototyping (see, e.g., SmartF-IT)
  • Serving as incubator for advanced systems engineering methods
  • Closing the gap between academia and industry by mutual transfer of novel approaches and practical use cases and requirements

Research contribution

The tool is a research platform to investigate novel model-based systems and software engineering techniques in the following fields:

  • How to build tools that combine the expertise of engineers with the power of state-of-the art formal methods?
  • Definition of correct-by-construction computer aided design approaches to optimize hardware/software architectures that satisfy industrial constraints (e.g., safety, reliability, real-time, etc.).
  • How to enable the use of the most efficient solver or a combination of solvers (e.g., SMT, MOEA) for model-based design-space exploration techniques that scale in realistic use cases?
  • How to enable the efficient construction and maintenance of large dependability arguments for systems in open contexts with the help of modular assurance cases?
  • How to use model-based engineering to support safety/security trade-off analyses by synthesizing and analysing attack-defence trees for a given safety argumentation?

Application in demonstrators


In the fortissimo-demonstrator, we show how to develop software and system architectures for autonomous vehicles using a model-based approach.

 Simon Barner

Your contact

Simon Barner

+49 89 3603522 22

More informationen


[Translate to English:] Technische Universität München