Lessons Learned from Functional Safety Standards: IEC 61508

Understanding IEC 61508: The Safety Lifecycle

IEC 61508 introduces the concept of the safety lifecycle, a structured engineering process designed to minimize design errors and manage risks throughout the life of a system. The lifecycle is divided into three main phases:

• Analysis (Phases 1–5): Concept, risk assessment, and specification.

• Realization (Phases 6–13): Design, implementation, verification, and validation.

• Operation (Phases 14–16): Operation, maintenance, and decommissioning.

Embedded Development Process Under IEC 61508

1. FSM

In embedded development, the journey to functional safety begins with Functional Safety Management (FSM) rather than direct hazard and risk assessment. FSM ensures that all activities, responsibilities, and processes are systematically managed to achieve and maintain functional safety throughout the product lifecycle.

• Establish a Safety Management System: Set up documented processes and structures for managing functional safety.
• Define Roles and Responsibilities: Clearly assign and communicate safety-related tasks within the team.
• Competency Management: Ensure all personnel involved are trained and qualified for their roles.
• Safety Planning: Develop and maintain safety plans that guide all activities and resources.
• Configuration and Change Management: Control and document all changes to hardware, software, and documentation.
• Supplier and Subcontractor Assessment: Integrate third parties into the FSM process and monitor their performance.
• Incident and Near-Miss Reporting: Encourage a culture of reporting and learning from incidents.
• Audit and Review: Regularly review the FSM system to ensure compliance and improvement.

2. Functional Safety Requirements Specification

• Document Requirements: Clearly specify all safety functions, performance criteria, and environmental constraints.

• Traceability: Ensure every requirement is traceable throughout the lifecycle, from design to decommissioning.

3. Hardware Development

• Architectural Design: Implement redundancy, fault tolerance, and diagnostics to meet the required SIL.

• Quantitative Analysis: Calculate failure probabilities (PFD/PFH) and ensure safe failure fractions are within acceptable limits.

• Qualitative Measures: Address architectural constraints, such as hardware fault tolerance and safe failure fraction.

4. Software Development

• Lifecycle Management: Follow a defined software safety lifecycle, including planning, specification, design, implementation, verification, and validation.

• Coding Standards: Use strict coding guidelines (e.g., MISRA C, AUTOSAR C++) to ensure deterministic, robust, and maintainable code.

• Verification & Validation: Employ rigorous testing, static analysis, and formal verification where appropriate to demonstrate compliance with safety requirements.

5. Integration and Validation

• System Integration: Combine hardware and software components, verifying that the integrated system meets all safety requirements.

• Validation: Conduct end-to-end testing and validation to ensure the system performs its intended safety functions under all specified conditions.

• Risk Analysis with HAZOP and FMEA: Use HAZOP and FMEA methods to systematically identify and address potential risks during integration and validation.

6. Operation, Maintenance, and Modification

• Operational Procedures: Define and document procedures for safe operation, maintenance, and proof testing.

• Change Management: Implement robust configuration and change management processes to maintain safety integrity throughout the system’s operational life.