Hardware integrity

Abstract
Summary: Research at RSRE has revealed significant problems in the use of commercial microprocessors in safety-critical equipment. The difficulties arise from the imprecise documentation of the instruction sets by the microprocessor manufacturers and changes in internal design and external functionality during the years a popular device is marketed. To meet certain defence needs, RSRE is conducting research on formal methods of design and implementation of VLSI chips which provide simple processing capability and can be proved to be functionally correct. The first product of this research is a new 32-bit microprocessor architecture, called VIPER, which is described in outline in this paper. Although the primary application of such high-integrity devices is in the defence field, it is believed that they would be of great value in civil aviation, both in fast control loops in aircraft and in the control of critical DVOR/DME, ILS and MLS transmitters on the ground.