Tel. +31­ 345 545535
Coming soon...
Who we work with
What's going on
Something to read
Who we are
Where we are
You are on the following page: Products > Safety Critical & Certified Systems > Formal Verification > AiT - Worst Case Execution Time Nederlands | French

AiT - Worst Case Execution Time

The industry standard for static timing analysis
aiT WCET Analyzers statically compute tight bounds for the worst-case execution time (WCET) of tasks in real-time systems. They directly analyze binary executables and take the intrinsic cache and pipeline behavior into account.

The challenge
In real-time systems, timely task completion is of the essence. Each real-time task has to be completed within a specified time frame in order to ensure that the system works correctly. In other words, it is essential that the WCET of each task is known.

However, computing the WCET is a challenge:

"Testing, in general, cannot show the absence of errors."

  • Testing by repeatedly measuring the execution time of a task is tedious and typ­i­cally not safe. It is often impossible to prove that the conditions determining maximum exe­cu­tion time have been taken into account.
  • Modern processor components such as caches and pipelines complicate the task of de­ter­mining the WCET considerably, since the execution time of a single instruction may depend on the execution history.
  • Analysis methods that do not consider cache and pipeline behavior typically over­estimate the WCET by orders of magnitude, leading to a substantial waste of hardware re­sources.

The solution
aiT WCET Analyzers provide the solution to these problems: they statically analyze a task's in­trinsic cache and pipeline behavior based on formal cache and pipeline mod­els. This enables correct and tight upper bounds to be computed for the worst-case execution time.

The analyzers are based on the technique of abstract interpretation. A graphical user interface supports the visualization of the worst-case program path and the interactive inspection of all pipeline and cache states at arbitrary program points.

Your benefits


  • aiT-computed bounds are extremely tight and thus reflect the ac­tu­al performance of your system. Ensuring deadline adherence is not done at the expense of hardware re­sources.
  • aiT-computed bounds are valid for all inputs and each execution of a task. Extensive timing testing is a thing of the past.
  • aiT directly analyzes binary executables. It is widely in­de­pendent of the compiler and source code language used.

This means no mod­i­fi­cation of your toolchain or the system's operational behavior and performance is required.





Who uses aiT?

  • aiT was originally designed in close collaboration with Airbus France. For fifteen years now, it's been used at the Toulouse plant for vali­dating the timing behavior of crit­i­cal avionics software, including the flight control software of the A380.
  • Daimler uses aiT in many auto­motive software projects, including the powertrain control system of the new Actros truck.
  • Vestas uses aiT for static analysis of their wind turbine control software.
  • OHB uses aiT in the development of software for geostationary communication satellites and satellite navigation.
  • MTU Friedrichshafen uses aiT to demonstrate the cor­rectness of control software for emergency power generators in nuclear power plants.
  • NASA used aiT as an industry-standard static analysis tool for demonstrating the absence of timing-related software defects in the 2010 Toyota Unintended Accel­eration Investigation.

Supported targets
aiT is available for a wide and ever-growing array of target processors and compilers.


Seamless integration into your toolchain

aiT supports tight integration with many state-of-the-art development tools, including:


  • SCADE Suite, the market-leading embedded-software development environment from Esterel
  • TargetLink, the production-code generation tool from dSPACE
  • SymTA/S scheduling analysis tools from Symtavision/Luxoft
  • Jenkins, the leading open-source automation server

  • ASCET modeling tools from ETAS
  • WCC, the first WCET-aware C compiler from TU Dortmund
  • RT-Druid, the Eclipse-based development environment from Evidence


aiT can also be combined with other analysis tools from AbsInt (e.g. StackAnalyzer for stack usage analysis) in the same user interface.

"aiT is very easy and straightforward to use"

"the best capabilities to resolve dynamic calls automatically"

"the most feature-complete tool"

"a clear winner in terms of additional functionality"

Comparison of WCET tools by University of Stuttgart (PDF)

Qualification support

Your usage of aiT can be qualified according to ISO 26262, DO-178B/C, and other safety standards. We offer special Qualification Support Kits that simplify and automate the qualification process. These Kits are quite popular with our customers, notably in the avionics and automotive industries.

Additionally, we offer QSLCD Reports that document our own development pro­cesses, including all verification and quality assurance activities.

Lastly, aiT is also available as an integral part of the SCADE develop­ment environ­ment, which is DO-178B quali­fied up to level A for Military and Aero­space Industries, IEC 61508 certified at SIL 3 by TÜV for Heavy Equip­ment and Energy, and EN 50128 certi­fied at SIL 4 by TÜV for Rail Transportation. Within the SCADE Suite, you'll find aiT under the name "Timing Verifier".

Free 30-day trial
Request your free trial package today, complete with free training and support.

How to buy :

Please do not hesitate to contact Gerard Fianen at INDES-IDS BV to discuss your formal S/W verification requirments



INDES-IDS BV offers solutions for Embedded Software Development as well as for the Telecommunication NEMS and Service Providers. In these markets we offer products of either the market leader or the innovation leaders. Our goal is to assist you to get to the market sooner by offering a combination of products, knowledge and services.