Critical Software

Critical Software
Name	Critical Software
Type	Private
Founded	1998
Founders	Bruno Silva, Paulo Veríssimo
Headquarters	Coimbra
Area served	Global
Industry	Software industry
Products	Safety-critical systems, mission-critical software, certification support
Employees	1,000+ (approx.)

Contents

Definition and Scope
Safety and Reliability Requirements
Development Processes and Standards
Verification, Validation, and Testing
Certification and Regulatory Compliance
Risk Management and Hazard Analysis
Examples and Application Domains
Challenges and Future Directions

Critical Software Critical Software is a technology company founded in 1998 that develops mission-critical and safety-critical systems for sectors requiring high-assurance software. The company provides engineering services, product development, and certification support across multiple industries, collaborating with academic institutions and industrial partners on real-time systems and formal methods. Its work spans aerospace, rail, energy, defense, and healthcare, emphasizing compliance with international standards and rigorous verification.

Definition and Scope

The company focuses on delivering high-integrity solutions for domains such as Aerospace industry, Rail transport, Power station, Defense industry, Healthcare, and Telecommunications. Activities include systems engineering, embedded software, real-time operating systems, and assurance cases for European Union and international markets. The organization engages with standards bodies like European Aviation Safety Agency and International Electrotechnical Commission to align offerings with regulatory frameworks.

Safety and Reliability Requirements

Projects adhere to safety integrity levels and reliability targets such as those defined in DO-178C, IEC 61508, and EN 50128. For avionics, requirements map to guidance from Federal Aviation Administration and European Union Aviation Safety Agency certification artifacts. Railway projects conform to lifecycle expectations from European Committee for Electrotechnical Standardization and national safety authorities. Reliability engineering involves fault tolerance, redundancy, and prognostics consistent with practices used by Rolls-Royce Holdings, Airbus, and Siemens in critical platforms.

Development Processes and Standards

Development processes align with lifecycle models described in ISO 9001, CMMI, and domain standards like DO-178C and ISO 26262 for automotive-related safety. The company applies model-based development linked to languages and tools such as MATLAB, Simulink, and formal tools influenced by SPARK (language) and Ada (programming language). Configuration management and traceability practices reference tools and approaches used by IEEE-aligned projects and multinational contractors including Thales Group and BAE Systems.

Verification, Validation, and Testing

Verification and validation employ unit testing, integration testing, system testing, and acceptance testing consistent with expectations from European Space Agency and NASA programs. Formal verification techniques are used where applicable, drawing on theorem provers and model checkers similar to those in Microsoft Research and University of Oxford research labs. Test automation, hardware-in-the-loop, and continuous integration practices are integrated with platforms used by Siemens Mobility and Bombardier Transportation.

Certification and Regulatory Compliance

Supporting certification dossiers involves compiling evidence for authorities such as European Aviation Safety Agency, Federal Railroad Administration, and National Health Service (England). Compliance activities reference standards including DO-178C, IEC 61508, EN 50128, and ISO/IEC 27001 for information security. The company has partnered with certification bodies and notified bodies similar to TÜV SÜD and DNV GL to achieve approvals for safety-critical deployments.

Risk Management and Hazard Analysis

Risk management processes use techniques like Failure Modes, Effects, and Criticality Analysis (FMECA), Hazard and Operability Study (HAZOP), and Fault Tree Analysis (FTA), in line with approaches from NASA, European Union Agency for Railways, and International Organization for Standardization. Safety cases and assurance arguments are structured to satisfy assessors from regulatory agencies and integrators such as Airbus Defence and Space and Siemens. Cybersecurity risk assessments are informed by guidance from ENISA and NIST publications.

Examples and Application Domains

Examples of application domains include avionics systems in collaboration with contractors like Airbus and Rolls-Royce Holdings, signalling projects for operators such as Network Rail and manufacturers like Alstom, and control systems for energy providers including EDF (company). Healthcare software efforts intersect with suppliers to systems used in hospital environments overseen by agencies like National Health Service (England). Research collaborations have involved universities such as University of Coimbra and research centers like INESC.

Challenges and Future Directions

Key challenges include scaling formal methods to industrial-size systems, integrating cybersecurity with safety in line with ISA/IEC 62443, and addressing supply-chain assurance concerns raised by multinational programs like those managed by NATO and the European Defence Agency. Future directions point toward model-based assurance, increased use of artificial intelligence and machine learning with explainability requirements influenced by European Commission initiatives, and tighter tool qualification traces reflecting practices from EASA and FAA.

Category:Software companies of Portugal