From Arduino Prototyping to Redundant Avionics Platforms
Modern avionics systems rely on platforms composed of individual computers, a centralized network, specialized avionics buses, and connected peripherals. Teaching these concepts requires expertise in multiple disciplines: e.g., mechanics, electronics, thermodynamics, low-level and higher-level programming, and systems engineering. Integrating these topics into a single teaching module is challenging, even for students with prior experience.
Accessible technical literature on safety-critical systems is significantly lacking. To address this issue, I propose a structured, three-phase approach that progressively introduces students to embedded systems, redundant computing, and full redundancy concepts in avionics platforms. Each part builds on the previous one, introducing additional concepts and mechanisms. The theoretical material should be accompanied by experiments with simple, non-specialized components. This approach gradually increases in complexity and difficulty while allowing students to experiment with the concepts at home.
Since 2005 the Arduino ecosystem has aimed to bring young students and children to microcontrollers and programming. It introduces embedded software concepts by abstracting the low-level details into well-formed functions and methods. With a single Arduino and suitable peripherals you can easily implement a complex elevator control: combine an MPU6050 inertial reference unit, two MG90 servos, and a potentiometer as a stick replacement. These components are easy to obtain and cost less than 20€ in total. We use this basic concept within our school student projects and build up the entire model within a day: mechanical assembly, soldering, wiring, and programming. This presentation shows this crucial step and its caveats. Arduino serves as an accessible entry point, allowing students to grasp embedded systems fundamentals before progressing to more complex avionics implementations.
This simplex control channel does not meet the requirements for safety-critical systems and is susceptible to single-point failures. Safety-critical systems require both reliability and integrity: the probability that the system is working, and the probability that it does not suffer an uncontained failure. Redundancy concepts can ensure these metrics: monitoring for integrity and replication for reliability. We can combine two Arduinos in a COM-MON architecture (duplex) to ensure integrity, or in a COM-COM architecture (dual simplex) for improved reliability. While flight control systems in modern aircraft feature up to 12 individual computers, this chapter discusses the general architectures with a minimum set of computers. The presentation will feature COM-MON and COM-COM architectures with a suitable implementation.
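The following is an added example, not code from the presentation or the HYMASY project: a hardware-independent C++ model of the two architectures described above, with one COM-MON lane that passivates on persistent disagreement and one COM-COM pair that fails over between two command lanes. The control law, gains, servo limits, comparison threshold and the watchdog-style health flags are assumptions chosen for illustration.

```cpp
#include <cmath>
// Added example (not from the presentation): hardware-independent model of a COM-MON
// (duplex) lane and a COM-COM (dual simplex) pair; gains, limits, thresholds are assumed.
struct LaneInputs { float stick; float pitchRate; };   // stick in [-1,1], rate in deg/s

// Control law both computers run: stick command with rate damping, clamped to +/-30 deg.
float elevatorCommand(const LaneInputs& in) {
    float cmd = 30.0f * in.stick - 0.2f * in.pitchRate;
    return cmd > 30.0f ? 30.0f : (cmd < -30.0f ? -30.0f : cmd);
}

// COM-MON: the monitor recomputes the command from its own sensors and compares it with
// the COM lane. A disagreement must persist for maxMismatches cycles before the lane
// passivates (fail-silent), so one noisy IMU sample does not drop a healthy lane.
struct ComMon {
    float threshold; int maxMismatches; int mismatches = 0; bool passivated = false;
    ComMon(float thr, int maxMm) : threshold(thr), maxMismatches(maxMm) {}
    bool step(const LaneInputs& comIn, const LaneInputs& monIn, float& out) {
        if (passivated) return false;
        float comCmd = elevatorCommand(comIn), monCmd = elevatorCommand(monIn);
        if (std::fabs(comCmd - monCmd) > threshold) {
            if (++mismatches >= maxMismatches) { passivated = true; return false; }
        } else {
            mismatches = 0;
        }
        out = comCmd;   // only the COM lane drives the servo; MON never does
        return true;
    }
};

// COM-COM: two independent command lanes; the standby lane takes over when the active
// lane's self-check (assumed here to be a boolean from a watchdog) reports failure.
struct DualSimplex {
    int active = 0;
    bool step(const LaneInputs (&in)[2], const bool (&healthy)[2], float& out) {
        if (!healthy[active]) active = 1 - active;   // fail over to the other lane
        if (!healthy[active]) return false;          // both lanes lost: no output
        out = elevatorCommand(in[active]);
        return true;
    }
};

// Constructed scenario: the monitor's IMU reads monBias deg/s more than the COM's.
// Returns the 1-based cycle at which the lane passivates, or 0 if it survives 10 cycles.
int cyclesUntilPassivation(float monBias, float threshold, int maxMismatches) {
    ComMon lane(threshold, maxMismatches);
    LaneInputs com{0.5f, 0.0f}, mon{0.5f, monBias};
    for (int c = 1; c <= 10; ++c) { float out; if (!lane.step(com, mon, out)) return c; }
    return 0;
}
```

With a 2 degree threshold, a 20 deg/s sensor split between the two Arduinos produces a 4 degree command disagreement and silences the COM-MON lane on the third cycle, while a 5 deg/s split is tolerated indefinitely.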
Finally, the overall platform needs to be sized for the required reliability figures: based on a pre-design, the redundancy degree is estimated for each individual peripheral. This sizing approach is then presented theoretically. As redundancy increases, challenges such as consensus mechanisms, fault detection, and time and data synchronization become critical. Future work will explore approaches such as voting, time synchronization, reliable broadcast, Byzantine fault tolerance, and operational strategies.
Overall, this presentation introduces the crucial steps from simplex prototyping to actually developing a redundant platform. It builds on the insights gathered during the HYMASY project, a funded re-development of an avionics laboratory. It features pre-made laboratory experiments with an Arduino Quadruplex system, which has already been evaluated by students during two lab courses and showed good potential, especially due to the mostly familiar Arduino ecosystem. We take this approach further and propose a method to empower students to learn about safety-critical systems outside the classroom.