From modern cars to airplanes to industrial plants, many applications that must execute in a timely manner are deployed on distributed systems. In case of safety-critical applications, like the anti-lock braking system of a car, the underlying system must tolerate inadvertent environmentally-induced faults to guarantee user safety. Since such systems often operate at high frequencies, fault-induced failures have to be masked through active replication. Furthermore, before such a system is deployed, it typically has to be analyzed w.r.t. its runtime, safety guarantees, etc. This is required for common safetycertification standards such as the DO-178C standard for aviation or the ISO 26262 standard for automotive systems. To ease the development of such systems, our goal is to design a fault-tolerant middleware on which real-time control applications can be effortlessly replicated, that respects realtime and low-latency requirements, and whose reliability can be analyzed a priori for the purpose of safety certification.