The FAA (US) and JAA (European) certification authorities impose high demands on the reliability of safety-critical aircraft systems. The high degree of reliability is typically achieved through the use of physically redundant components. Commercial aircraft such as the Boeing 777 have redundant control surfaces, sensors, processors, hydraulic lines, and communication networks. This talk will first review the design challenges associated with redundancy management for commercial aircraft. One drawback of physical redundancy is the increased size, cost, weight, and power requirements. Some aircraft, e.g. unmanned aircraft, cannot be designed to meet the conflicting design requirements imposed by the use of physical redundancy for reliability. Model-based fault detection provides an alternative means to achieve high levels of reliability without using redundant physical hardware. These analytical methods detect faults using dynamic models to relate the behavior of various subsystems and sensor measurements. A major obstacle to the use of analytical fault detection in aerospace systems is the lack of appropriate tools to analyze and certify the performance of these systems. The second part of the talk will describe a mathematical framework that can be used to analyze the performance of safety-critical systems that rely on analytical redundancy.