Skip to main content

Certified Toolkit

Our Safety Complete Package

Engineering ´in time´ and ´in budget´

The fastes way to your safety solution

With our highly scalable and certified safety toolkit, we provide our customers with a comprehensive portfolio for creating functionally safe control components, spanning from hardware to firmware to application engineering.

Engineering ´in time´ and ´in budget´

Certified & investment proof

In the area of hardware components, the modular system includes SIC400, SIC10e and SIC90e, high-performance platforms for safe sensors, actuators and controllers. 

Additionally, it offers designs for digital inputs and outputs, analog inputs, and sensor interfaces. Various firmware solutions are also included, such as the FSoE Host/Device Stack for safe device communication using the FSoE protocol and SIC100, which provides the firmware core for a safe device. Furthermore, the toolkit encompasses applications for CPU and memory testing (Test Library Cora), the implementation of safety motion functions (Safety Motion Library), and the calculation of single or double precision floating-point numbers (Floating Point Library). The hardware abstraction layer is also available as a solution for firmware integration with the respective hardware architecture.

All elements of the toolkit are pre-certified as compliant items in accordance with IEC61508.

To complete the portfolio, we offer the development environments Neuron Power Engineer and Neuron Safe Engineer, which, in combination with the RTS safe runtime systems, facilitate rapid, flexible, and efficient programming of functionally safe control applications.

Our certified hardware and software components



The SIC100 is a modular software toolkit with a 1oo2 safety architecture. This toolkit is a pre-certified compliant item according to IEC61508. The SIC400 consists of the base core, which can be expanded with secure digital inputs, secure digital outputs, sensor interfaces, and fieldbus connectivity. All relevant diagnostics for the interfaces are included in the software modules. Specific functions can be added in the application layer.

  • Modular software with an object-oriented concept
  • Interfaces for custom software
    • Application section
    • Hardware Abstraction Layer (HAL)
  • Inputs and outputs configurable in software and hardware - functional or secure
  • 1/2-channel
  • Configuration via a central lookup table that maps logical objects to physical hardware
FSoE Host/Device Stack

The highly compact and efficient implementation of the FSoE-Host/Device Stack V2 allows for integration into very small and cost-effective hardware structures and is characterized by its high-performance runtime behavior. Integration into existing EtherCAT structures is easily achievable due to the clear interface structure of the stack. The implementation is provided as a library, and no additional hardware platform requirements are imposed. When using the original sources and complying with or implementing the provided requirements, no further work is necessary for type testing by a notified body. Single-channel integration is possible (e.g., for SIL2).

Floating Point Library

The safe floating-point library comprises two core functions:

  • Provides secure, verified methods for performing calculations with single or double precision floating-point numbers according to the IEEE 754 Standard for platforms without a dedicated floating-point coprocessor (FPU / Floating Point Unit), it
  • Serves the purpose of runtime testing the FPU by executing calculations with single or double precision floating-point numbers according to the IEEE 754 Standard on systems equipped with an FPU as well as on a random sampling basis. The results are then compared with those of the FPU.

The safe floating-point library is developed and certified as a compliant item for ARM-based platforms. On a single processor, the safe floating-point library can achieve up to SIL2. On dual-channel systems, where results can be cross-checked at the end of the processing cycle, it can reach up to SIL3.

Testlibrary CORA

The Testlibrary CORA is a tool that enables the implementation of significant portions of hardware testing required by IEC61508.

Feasible tests:

  • CPU Test (DCCortex M3 = Medium, DCARM = Medium)
  • RAM Test (DCGalpat = High, DCMarchC- = Medium)
  • Segmented GALPAT, March C-
  • ROM Test
  • Block CRC via Table
  • Firmware Monitoring (Consistency Check, DC = High)
  • Stack monitoring for overflow and underflow
  • Configurable test manager

The Test Manager, at the core of the library, manages the configured tests and invokes individual test functions. Various memory blocks can be registered for memory testing, and the Test Manager processes them accordingly.

Typically, upon system startup, a March-C test is executed. During runtime, a segmented GALPAT test is employed to achieve the highest possible test coverage (DC). For the ROM test, a table of checksums (CRC) is created for previously configured memory blocks in non-volatile memory (program memory) and is checked for consistency during runtime. To ensure that all memory areas have been tested after n system starts, even in systems with short runtimes, the Test Manager also manages the last test segments.

Additionally, there is a diagnostic function to monitor continuous test coverage. The library is suitable for use in real-time environments and does not require an operating system. The provided functions are pre-certified by TÜV Rheinland and can be utilized in safety projects.

Delivery is in the form of source code, with an integration guide included. Optionally, all unit tests are available for custom extensions.

Safety Motion Library

The Safety Motion Library is a pre-certified library for implementing safety motion functions according to IEC61800-5.2 and for monitoring 2- and 3-dimensional motion spaces in the field of robotics.



A cost-effective 1oo2 safety architecture based on two Cortex-M4 controllers with local safe inputs and outputs, as well as optional fieldbus connectivity.

The SIC400 is a cost-effective safety hardware platform with a 1oo2 architecture designed to achieve SIL3 according to IEC61508 and Performance Level e and Category 4 according to ISO13849. The two channels are implemented by a Cortex M4 microcontroller. It can accommodate a total of 16 secure digital inputs, 8 safe digital outputs, and two SSI encoders. The safe digital inputs are of Type 3 according to IEC61131-2. The safe digital outputs are short-circuit-proof and meet the requirements of IEC61131-2. The platform can be powered by either 24VDC or 5VDC. Fieldbus connectivity is possible via an additional netX52 fieldbus controller.


A safety module featuring a 1oo2 safety architecture based on a Cortex A7 and a Cortex M4 controller, with local fieldbus connectivity, and the ability to expand local secure inputs and outputs.

The SIC10e is a safety hardware platform with a 1oo2 architecture designed to achieve SIL3 according to IEC61508 and performance level e and category 4 according to ISO13489. By implementing the first channel with a Cortex A7, the platform comes equipped with a local EtherCAT Device and Profinet Device interface. The SIC10e is a plug-in module, allowing it to be integrated into custom hardware. It can accommodate a total of 16 safe digital inputs and 8 safe digital outputs. The safe IOs are GPIOs of the two microcontrollers, enabling the use of custom physical inputs and outputs. Additionally, the platform features one SSI encoder input per microcontroller channel.

For development purposes, an IO board with 8 safe digital inputs and 4 safe digital outputs is also available. The safe digital inputs are Type 3 inputs according to IEC61131-2, and the safe digital outputs are short-circuit-proof and meet the requirements of IEC61131-2.


A high-performance 1oo2 safety architecture based on two Cortex-A9 controllers and a local fieldbus connection.

The SIC90e is a powerful hardware platform based on Cortex A9 microcontrollers in a 1oo2 architecture. The platform meets the requirements of SIL3 according to IEC61508 and Performance Level e and Category 4 according to ISO13489. Powerful Cortex A9 microcontrollers are used for both channels. The module features a local EtherCAT Device and PROFINET Device fieldbus connection. Additionally, there is an Ethernet interface as an engineering interface. It is powered by 24VDC. The SIC90e is an ideal hardware platform for PLC applications.


Neuron Power Engineer

With Neuron Power Engineer, we offer an engineering tool that provides a wide range of programming languages such as IEC 61131-3, C, C++ and MATLAB integration with extensive reuse and team engineering functionalities.

Neuron Safe Engineer

In order to be able to program the safety functions in parallel with the applications, a pre-certified safety toolchain is integrated that supports the engineering of safety functions up to level SIL 3 according to IEC61508, PLe according to ISO13849 and ASIL C according to ISO26262.

Runtimes safe & non-safe

Neuron RTS nano: In the simplest case, the generated IEC 61131-3 application can be integrated as a C-API into an external scheduler with virtually no footprint other than the application itself.

Neuron RTS micro / Neuron RTS safe: Our smallest Soft-PLC, which can also be used within safety-related systems, requires only 5k Bytes of RAM for its basic functionality. If desired, the system can be extended with specific functions to achieve an optimal balance between functionality and footprint. Additionally, RTS safe can run functionally safe applications up to SIL3, PLe, and ASIL C levels.

Neuron RTS max: Our largest runtime system is designed to operate on powerful platforms with advanced operating systems (e.g., Linux). This enables the execution of distributed applications processing millions of data points from various sources.

Bus Configurator

The Safety Bus Configurator is pre-certified according to IEC61508 for configuring safety fieldbuses such as FSoE.

Safe Parameter Tool

The Safe Parameter Tool is a pre-certified T3 offline parameterization tool according to IEC62061. Customization and definition of the safe parameter container are done through an XML structure.

Use Cases

Examples from 30 years of experience

We are looking forward to your message:

Get in touch with us!

With more than 30 years of experience, our team of experts is ready to co-create your solution! Together with our partners we develop open, flexible and efficient functionally safe solutions and engineering tools to reach the next level of industrial automation.

Stay up to date: