[First paragraph] Safety-critical systems, such as those in the avionics, automotive, power, space, and medical industries, are predominantly driven by real-time embedded software and are often referred to as highintegrity real-time systems (HIRTS). In these systems, safety is of paramount importance. Safety is broadly defined as freedom from accidents and loss.1 When no safe alternative to normal service exists, a system must be dependable to be safe—that is, it must have reliable ways to deliver a certain quality of service. Dependability is thus concerned primarily with fault tolerance. Dependability attributes (availability, reliability, safety, confidentiality, integrity, and maintainability) are highly desirable in many other categories of modern software systems. For example, a Web service’s availability is highly desirable from a business perspective. However, it isn’t critical in the same sense as the availability of an aircraft’s landing gear. Likewise, we want our banking system to be reliable, but not in the same way that we want our car to be reliable at high speeds.