Your browser does not support JavaScript! Skip to main content
Free 30-day trial DO-178C Handbook RapiCoupling Preview DO-178C Multicore Training Multicore Resources
Rapita Systems
 

Industry leading verification tools & services

Rapita Verification Suite (RVS)

  RapiTest - Unit/system testing  RapiCover - Structural coverage analysis  RapiTime - Timing analysis (inc. WCET)  RapiTask - Scheduling visualization  RapiCoverZero - Zero footprint coverage analysis  RapiTimeZero - Zero footprint timing analysis  RapiTaskZero - Zero footprint scheduling analysis  RapiCouplingPreview - DCCC analysis

Multicore Verification

  MACH178  MACH178 Foundations  Multicore Timing Solution  RapiDaemons

Engineering Services

  V&V Services  Data Coupling & Control Coupling  Object code verification  Qualification  Training  Consultancy  Tool Integration  Support

Industries

  Civil Aviation (DO-178C)   Automotive (ISO 26262)   Military & Defense   Space

Other

RTBx Mx-Suite Software licensing Product life cycle policy RVS Assurance issue policy RVS development roadmap

Latest from Rapita HQ

Latest news

SAIF Autonomy to use RVS to verify their groundbreaking AI platform
RVS 3.22 Launched
Hybrid electric pioneers, Ascendance, join Rapita Systems Trailblazer Partnership Program
Magline joins Rapita Trailblazer Partnership Program to support DO-178 Certification
View News

Latest from the Rapita blog

How to certify multicore processors - what is everyone asking?
Data Coupling Basics in DO-178C
Control Coupling Basics in DO-178C
Components in Data Coupling and Control Coupling
View Blog

Latest discovery pages

control_tower DO-278A Guidance: Introduction to RTCA DO-278 approval
Picture of a car ISO 26262
DCCC Image Data Coupling & Control Coupling
Additional Coe verification thumb Verifying additional code for DO-178C
View Discovery pages

Upcoming events

DASC 2025
2025-09-14
DO-178C Multicore In-person Training (Fort Worth, TX)
2025-10-01
DO-178C Multicore In-person Training (Toulouse)
2025-11-04
HISC 2025
2025-11-13
View Events

Technical resources for industry professionals

Latest White papers

Mitigation of interference in multicore processors for A(M)C 20-193
Sysgo WP
Developing DO-178C and ED-12C-certifiable multicore software
DO178C Handbook
Efficient Verification Through the DO-178C Life Cycle
View White papers

Latest Videos

Rapita Systems - Safety Through Quality
Simulation for the Motorola 68020 microprocessor with Sim68020
AI-driven Requirements Traceability for Faster Testing and Certification
Multicore software verification with RVS 3.22
View Videos

Latest Case studies

GMV case study front cover
GMV verify ISO26262 automotive software with RVS
Kappa: Verifying Airborne Video Systems for Air-to-Air Refueling using RVS
Supporting DanLaw with unit testing and code coverage analysis for automotive software
View Case studies

Other Resources

 Webinars

 Brochures

 Product briefs

 Technical notes

 Research projects

 Multicore resources

Discover Rapita

Who we are

The company menu

  • About us
  • Customers
  • Distributors
  • Locations
  • Partners
  • Research projects
  • Contact us

US office

+1 248-957-9801
info@rapitasystems.com
Rapita Systems, Inc.
41131 Vincenti Ct.
Novi
MI 48375
USA

UK office

+44 (0)1904 413945
info@rapitasystems.com
Rapita Systems Ltd.
Atlas House
Osbaldwick Link Road
York, YO10 3JB
UK

Spain office

+34 93 351 02 05
info@rapitasystems.com
Rapita Systems S.L.
Parc UPC, Edificio K2M
c/ Jordi Girona, 1-3
Barcelona 08034
Spain

Working at Rapita

Careers

Careers menu

  • Current opportunities & application process
  • Working at Rapita
Back to Top Contact Us

Breadcrumb

  1. Home

Discover WCET Tools

  • Intro
  • What are WCET tools?
  • Measurement based tools
  • Static analysis tools
  • Hybrid tools
  • RapiTime

Importance of Worst-Case Execution Time

The importance of worst-case execution time (WCET) can be illustrated using a simple example relating to a system to control air bags in an automobile. If the airbag does not deploy within certain timing deadlines, its effectiveness in preventing injury to the driver may be negatively affected. Similar use cases exist in other safety-critical industries including aerospace, rail, nuclear etc.

For this reason, DO-178C guidance for aerospace and the ISO 26262 standard for automotive both require that evidence on the WCET of applications and their critical sub-routines are provided to support certification.

execution-time-vs-response-time

What are WCET tools?

WCET tools are a subset of software testing tools that analyze worst-case execution time (WCET) – and often other timing metrics – of an application. WCET tools are widely employed in the safety-critical industry to provide evidence to certification authorities that timing deadlines will be met.

WCET tools are based on either measurement, static analysis or a hybrid combination of the two.

Measurement-based WCET tools

These tools measure execution times of short sections of code ‘on-target’ (on the real hardware) . Measurements are derived from external hardware units such as oscilloscopes, or often via the processor clock.

Measurement-based analysis can yield the ‘worst observed’ execution time – often called ‘high-water mark time’ and provide evidence of the likelihood of this occurring. In practice, the inherent optimism of a measurement-based approach can be reduced by adding a safety margin, for example adding 20% to the longest observed execution time and treating this as a WCET estimation.

An example of a measurement-based WCET tool is Gliwa's Timing Suite T1.

MC/DC

Static analysis WCET tools

Static analysis WCET tools were developed as an alternative to measurement-based WCET tools. These tools rely on a precisely accurate model of the processor including pipelines, memory etc. and any other hardware feature that could affect the timing behavior of the software being analyzed.

A major advantage of static analysis WCET tools is that they do not need to run on-target, minimizing the cost and effort needed to use them.

The major disadvantage of these tools is that they identify the pathological – worst theoretically possible – WCET, which tends to be highly pessimistic. Another disadvantage is that highly complex architectures (such as multicore processors) cannot be accurately modeled, making the technique unsuitable for these architectures.

Examples of static analysis WCET tools are:

  • Chronos, an open source static WCET analysis tool from the National University of Singapore.
  • OTAWA, a framework of C++ classes dedicated to static analyses of programs in machine code and to the computation of WCET, from the Traces Research group on Architectures and Compilers for Embedded Systems at IRIT (Institut de Recherche en Informatique de Toulouse)
  • Bound-T Execution Time Analyzer from Tidorum.

Hybrid WCET tools

Hybrid WCET tools aim to combine the best features of measurement-based and static analysis WCET tools whilst avoiding their pitfalls.

Hybrid WCET tools differ in that they:

  • Use on-target testing to measure the execution time of short sub-paths between decision points in the code.
  • Support offline analysis with information obtained during testing, such as numbers of loop iterations and execution frequencies (modal operation) to build up a model of the overall code structure and determine which combinations of sub-paths form complete and feasible paths through the code.
  • Combine measurements and information from path analysis to compute worst-case execution times in a way that captures execution time variation on individual paths due to hardware effects.



control_flow

Hybrid tools give a balanced approach to measuring WCET which is neither too optimistic nor pessimistic

Execution times are determined from real measurements, addressing the first problem with static-only WCET tools: no reliance on processor models.

Another advantage of hybrid WCET tools they can be used to obtain other accurate on-target timing metrics such as high and low water marks, execution frequencies, and execution time distributions

Examples of hybrid WCET tools are:

  • pWCET developed as part of the Next TTA project
  • RapiTime
RapiTime

In-depth execution time analysis for critical software

 
Choose your free resource:
When you contact us, we will process your personal data in accordance with our data protection policy, please see our Customer Privacy Information for more information.
  • Solutions
    • Rapita Verification Suite
    • RapiTest
    • RapiCover
    • RapiTime
    • RapiTask
    • MACH178
    • Verification and Validation Services
    • Qualification
    • Training
    • Integration
  • Latest

    • Latest menu

    • News
    • Blog
    • Events
    • Videos
  • Downloads

    • Downloads menu

    • Brochures
    • Webinars
    • White Papers
    • Case Studies
    • Product briefs
    • Technical notes
    • Software licensing
  • Company

    • Company menu

    • About Rapita
    • Careers
    • Customers
    • Distributors
    • Industries
    • Locations
    • Partners
    • Research projects
    • Contact
  • Discover
    • Multicore Timing Analysis
    • Embedded Software Testing Tools
    • Worst Case Execution Time
    • WCET Tools
    • Code coverage for Ada, C & C++
    • MC/DC Coverage
    • Verifying additional code for DO-178C
    • Timing analysis (WCET) & Code coverage for MATLAB® Simulink®
    • Data Coupling & Control Coupling
    • Aerospace Software Testing
    • Automotive Software Testing
    • Certifying eVTOL
    • DO-178C
    • AC 20-193 and AMC 20-193
    • ISO 26262
    • What is CAST-32A?

All materials © Rapita Systems Ltd. 2025 - All rights reserved | Privacy information | Trademark notice Subscribe to our newsletter