The SIFT computer and its validation methodology represent a state-of-the-art approach to autonomous fault-tolerant computing for critical control systems. The design was strongly influenced by the intended application (flight control for advanced commercial air transports), but the emphasis on simplicity and provability has general value.
Jack Goldberg, "The Software-Implemented Fault Tolerance (SIFT) Approach To Fault Tolerant Computing", Proc. SPIE 0298, Real-Time Signal Processing IV, (30 July 1982); doi: 10.1117/12.932540; https://doi.org/10.1117/12.932540