Third Generation Antiskid: Safety Diagnostic Features of the E.C.U. 890093
As the controller of a safety system, the E.C.U. of an antiskid system must give all the guarantees of safety with respect to external interference and its own possible failures, and it must also be able to detect failures in the other parts of the system in order to warn the driver and place the system in the configuration preserving the greatest safety. The synthesis of the self-testing performed by the E.C.U. guarantees the reliability of the function and gives, in case of failure, the necessary information for a quick repair of the system: this is the self-diagnostic feature of the system.
Bendix has chosen, for its third generation antiskid system, to devote a large part of the hardware and software in the E.C.U. to achieving maximum safety and full, reliable self-diagnostics.
The architecture of the E.C.U., based on two microprocessors of different types that check each other mutually, was derived from an analysis of the possible failures in the control logic and of the criticality of their consequences with respect to the function of the system.
Tests are performed on every sensor and actuator by the E.C.U. In case of a failure, the vehicle driver is warned and a particular failure mode is adopted by the E.C.U., depending on the component which has failed but also on the nature of the failure. The software has an important role in the detection of failures: it enables indirect checking, which is based not only on measured values of voltages and currents, but also on the global coherency of the information received by the E.C.U. Through a high level of filtering, the software also avoids false detection of failures, which would quickly degrade reliability in a noisy environment.
The self-diagnostic function is based on the detailed results of the self-tests held in the internal memory of the E.C.U., complemented by a possible dialogue at two levels:
A visualisation, by flashing of the function lamp, of a reduced number of codes, which can be read without any special equipment.
A serial link channel by which it is possible to access complete diagnostic data with an external diagnostic tool. Special procedures allow test sequences to be generated in the system or other information to be accessed, such as memorized temporary failures.