RISC-V: Bringing Greater Reliability, Safety, and Security to Military and Aerospace Systems

March 1, 2026

Military and aerospace applications have become increasingly complex real-time systems. Multi-core SoCs improve performance but create new challenges in maintaining and verifying deterministic behavior. Connected systems require exceptional security to protect code from external cyberattacks. Evolving functional safety and reliability standards that keep raising the bar mean developers need to begin comprehensive testing sooner if they are going to meet tighter design schedules. Finally, certifying these complex systems has become even more difficult.

To help OEMs meet these challenges, the RISC-V architecture has been designed with unique capabilities that support reliability and security in the development of safety-critical applications. With its open instruction set architecture, modularity, and extensibility, RISC-V accelerates the design of functionally safe systems while reducing the complexity, cost, and risk associated with certification to standards like DO-178C and ISO 26262.

The RISC-V architecture is already being designed into mission-critical military and aerospace systems. For example, RISC-V processors from Microchip based on the X280 RISC-V core developed by SiFive are at the foundation of the High-Performance Spaceflight Computing (HPSC) processor from NASA’s Jet Propulsion Labs designed to provide at least 100 times the computational capacity of existing spaceflight computers.

Open Instruction Set Architecture

Unlike proprietary processor architectures, such as Arm, RISC-V uses an open instruction set architecture (ISA) developed by the University of California, Berkeley. This architecture is based on Reduced Instruction Set Computing (RISC) principles, emphasizing performance and modularity in processor design in a way that offers distinct advantages in terms of reliability and simplifying the certification process.

Figure 1: The RISC-V ISA is customizable through the addition of various extensions. Its open standard approach eliminates the compatibility requirements that typically increase certification complexity and vendor lock-in. (Image: TASKING)

One of the primary advantages of the RISC-V ISA is that the ISA is standardized. This means all RISC-V chips are built on the same core foundation. The ISA is structured as a small base integer set, enabling developers to incorporate only the essential features and minimize unnecessary system complexity. At the same time, the ISA is customizable through the addition of various extensions and is scalable from low-power to 64-bit high-end (see Figure 1). RISC-V International also provides specifications for non-ISA hardware such as the RISC-V Advance Interrupt Architecture spec, the RISC-V Input-Output Memory Management Unit (IOMMU) spec, and MMU support.

The open standard approach for the RISC-V ISA eliminates the compatibility requirements that typically increase certification complexity and vendor lock-in. In addition, RISC-V’s royalty-free licensing model eliminates cost barriers when customizing implementations, and its absence of proprietary IP reduces potential design liability concerns.

Consider the great variety of ARM implementations available. Some implementations have hardware partitioning, some offer memory management units (MMU), some support different privilege modes. ARM vendors can introduce new capabilities based on their own proprietary implementation. This means that a feature offered by one vendor differs from the same feature offered by a different vendor. In addition, each combination of features creates a wholly unique SoC architecture.

While this gives developers flexibility in choosing the capabilities they want to implement – and pay for – it also introduces significant development and certification challenges. It can also be challenging to find the ideal architecture for mission-critical systems, as well as to find an equivalent architecture from a second source.

The distinctness of each vendor’s ARM-based SoC offerings tends to create vendor lock-in given how much effort it would take to migrate a system to another vendor’s SoC. The limitations of vendor lock-in extend to the hardware and tools OEMs can use as well. From a certification standpoint, vendor lock-in makes each ARM-based SoC a unique platform in terms of hardware, software, and tools an OEM has to certify.

Security and Reliability

At its core, RISC-V is an architecture designed for reliable real-time execution. For example, DO-178C mandates the analysis of Worst Case Execution Time (WCET). Cache is effectively a shared resource between threads, and unrelated code on another thread or core can flush the cache on time-critical code. RISC-V employs a cache memory management architecture that supports deterministic runtime execution by allowing level 2 cache memory to be configured as RAM. This enables more precise control over critical system timing, facilitating the WCET analysis essential for certification.

For military and aerospace systems, security and reliability are essential. RISC-V doesn’t require OEMs to choose to be secure. The core architecture supports important capabilities like privilege levels and MMUs, making security and reliability an integral, not optional, part of systems. In addition, the use of extensions modularizes and standardizes features such as encryption.

This modular approach with standard extensions allows for more portable code, eliminating SoC vendor lock-in and enabling OEMs to use similar SoCs from other vendors without requiring a major system migration effort. Modularity also impacts tool selection as OEMs can use their tools-of-choice without being locked into a particular platform.

Modularity helps create a clean separation between hardware and software as outlined by functional safety standards like ISO 26262 that require documentation of hardware-software interfaces (HIS). The open standard, modular approach of RISC-V facilitates compliance by clearly defining core ISA functionality and optional extensions so development teams can document safety-related custom extensions while maintaining standard interface specifications for the base architecture. This, in turn, simplifies requirements traceability and verification processes.

Figure 2: A complete SoC can be designed using only RISC-V cores with the advantage of simplifying development to a single toolchain rather than require a different tool suite for each core. (Image: TASKING)

The modularity of RISC-V extends to multicore implementations. Instead of using many different cores with different ISAs for dedicated functionality, a complete SoC can be designed using only RISC-V cores (see Figure 2). This has the advantage of simplifying development to a single toolchain rather than require a different tool suite for each core.

Figure 3 - With a virtual ECU (vECU), developers can scale virtual implementations into the cloud to accelerate iterative testing and analysis such as measuring WCET to verify deterministic system operation. (Image: TASKING)

The availability of virtual models of RISC-V-based SoCs accelerates development by enabling early design space exploration, system evaluation, and validation. For example, with a virtual ECU (vECU), developers can build code with TASKING’s RISC-V compiler and execute it under the control of the TASKING winIDEA debugger (see Figure 3). In addition, developers can scale virtual implementations into the cloud to accelerate iterative testing and analysis such as measuring WCET to verify deterministic system operation using TASKING’s advanced test tools. All this work can be done pre-silicon, before hardware is even available.

Developers can use a graduated approach for simulation, beginning with models, moving to simulated hardware and eventually target hardware once it is available. The ability to use the same toolchain from vECU to physical hardware allows developers to maintain a consistent and deterministic DevOps workflow. In addition, all test scripts developed pre-silicon using virtual implementations can be leveraged and reused without modification once silicon becomes available (i.e., artifact reuse across several lifecycle phases). This also has the benefit that verification and certification can start at the earliest stages of development. The sooner potential issues can be identified, the faster and with less they can be resolved.

This “Left-Shift” approach to development helps reduce the cost and risk associated with certification. For example, with TASKING’s integrated toolchain design flaws can be detected before hardware manufacturing begins and the cost to make major architectural changes increases. Similarly, developers can validate architecture choices earlier so OEMs can be confident in their designs sooner. Early testing also increases overall test coverage, increasing confidence in systems.

Simplified Certification

In December 2025, Qualcomm acquired Ventana Micro Systems, a chip design company that develops server processors based on the RISC-V architecture. The deal marked another indication of how RISC-V adoption and development are accelerating. Pictured here is their Veyron V2 processor. (Image: Ventana Micro Systems)

RISC-V’s open architecture provides options for implementing dissimilar redundancy strategies for systems that must achieve DO-178C Design Assurance Level A (DAL-A) certification. Engineering teams can deploy varying processor configurations within a single system or use different RISC-V vendor implementations while preserving architectural consistency. Additionally, they have the flexibility to integrate diverse architectures in mixed-criticality systems where safety requirements and certification levels vary across components. These implementation approaches minimize the complexity of certification evidence required to demonstrate protection against common-mode failures.

The growing number of pre-certified RISC-V IP cores from established vendors, including Synopsys, Microchip, SiFive, and CAST, also significantly reduces certification overhead. These components integrate essential safety features such as advanced error detection and correction mechanisms, sophisticated watchdog timers, and robust memory protection units. Implementation teams can leverage existing certification documentation when using these pre-certified cores, reducing compliance effort. For specialized applications, suppliers such as Microchip and Frontgrade Gaisler provide radiation-hardened RISC-V hardware designed specifically for space.

Furthermore, the modularity of RISC-V enables portable code, allowing OEMs to leverage a wider range of software libraries and tools. Because architectures are standardized and not unique, it is easier for vendors to certify tools and libraries. This mix of industry support, technical guidelines, and certification tools accelerates RISC-V adoption in safety-critical systems, making it an attractive option for organizations developing next-generation applications.

RISC-V presents an opportunity for military and aerospace OEMs. With security and safety built into the core architecture, RISC-V provides a firm foundation upon which to build reliable, real-time embedded systems. The open modularity of RISC-V ensures that OEMs have access to the SoCs and toolchains of their choice, eliminating vendor lock-in and simplifying certification while reducing cost and risk. Instruction fusion at the microarchitecture level improves performance, power efficiency, and determinism. And with the right integrated toolchain, developers can optimize the certification process while maintaining robust safety, security, and reliability standards.

This article was written by Jay Thomas, Senior Director, Field Engineering, TASKING, and Gerard Vink, TASKING (Birkenhead, UK). For more information, visit here .