With the application of real-time databases and the intrusion of malicious transactions, it has become increasingly important to model the ability of real-time database intrusion tolerance and effectively evaluate its survivability. Based on the features of transaction and data for real-time database system, an intrusion tolerant architecture has been proposed for real-time database system. Considering factors such as intrusion detection latency and a variety of parameters for real-time, Semi-Markov evaluation model for survival assessment is established. Based on this model, relevant quantitative criteria are made to define the important indicators of survivability, such as integrity and availability, so as to validate intrusion detection capability and the survivability of real-time database. The three important factors of false alarm, detection rate and the intensity of attack are analyzed in detail by the TPC-C benchmark. Experiments show that the model can accurately predict the behavior of real-time database. The real-time database following the model can still provide essential services when facing attacks and the basic survival characteristics will not be seriously affected.