Functional Safety (FuSa)
What do you have to consider if you want to develop safety-relevant systems with hardware and software? How can a functional safety process be optimally integrated into existing development processes? How do you use modern statistical methods to provide quantitative proof of safety?
Some of our IQZ experts can look back on more than 15 years of experience in the field of functional safety and will be happy to help you meet the challenges mentioned above. Are you facing the task of integrating FuSa into a development project for the first time? No problem: during the project we work on an optimal organizational and process development and support you operationally in the relevant activities. This “accompanied learning to walk” gives you the opportunity to integrate FuSa into a development project without any previous knowledge. We can also fulfill the role of an external Functional Safety Manager, for example. As the know-how in your company grows, we withdraw more and more; you determine the degree of support. But even experienced customers trust us when it comes to operational support in critical projects or the implementation of complex statistical methods. Due to our intensive research in the field of autonomous driving, we are also familiar with state-of-the-art methods.
We will be happy to help you with questions on the subject of functional safety, so that your products become even better, true to the motto “Safety must not be a coincidence!”.
Our Service(s):
- Advice on the application of standards (inter alia IEC 61508, ISO 26262, ISO 13849)
- Gap analysis
- Support in the development and introduction of individual processes
- Support in safety management (e.g. safety plan, safety case, DIA, tool qualification, customer communication)
- Creation of safety concepts (functional and technical)
- Taking over the role of Safety Manager
- Training of involved personnel
- Method consulting and training
- Moderation of risk analyses (HARA)
- Moderation of safety analyses, e.g. FMEA, FMEDA, FTA, DFA
- Support in determining quantitative failure data from own field data or according to internationally recognized standards
- Conducting confirmation reviews
- Advice on proven in use argumentation
- Support in setting up and establishing a corresponding process structure
- Method training
Our References
- Safety Manager for various sensor developments
- Safety Manager for sliding door development
- Safety engineering in a development project for automated driving
- Development of an approach for proven in use argumentation for a supplier
- Method support for safety verification in various development projects with suppliers and OEMs
- Process consulting for the development of a FuSa management system at the supplier’s site
- Implementation of confirmation measures at suppliers
- FuSa training with suppliers
- Method training with suppliers and OEMs
- Coaching of persons involved with the supplier
OnePager Functional Safety
What is Functional Safety?
Nowadays we rely on the correct functionality of electronic and software-based systems in almost all areas. Manufacturers and suppliers have to prove that their products do not pose any risks and that the products also perform the required function as desired. Many industries have corresponding guidelines and standards that address specifications and requirements for development and beyond. For example, is your company a specialist for automotive electronics, electronic systems or components for safety-critical automotive applications? Then you fall within the scope of ISO 26262, for example, the automotive-specific body of standards for the functional safety of E/E systems, which has reflected the state of the art since 2011 and was published in its 2nd edition in December 2018. Just like the basic safety standard IEC 61508, ISO 26262 uses a so-called safety life cycle (see following figure as an example from ISO 26262) as a framework to systematically record those activities that are necessary to ensure the functional safety of safety-related E/E systems.
As part of the development of an automotive product (see simplified V-model below), you will be confronted with various challenges and tasks in which we will be happy to support and advise you.
One of the primary objectives of the aforementioned basic safety standard IEC 61508 is to enable the derivation of sector-specific derivatives that better reflect the particularities of the relevant industry. In the course of time, this has already been done for many fields of application, as shown in the following figure.
All standards have one thing in common: (Functional) safety must not be a coincidence!
Portfolio of Methods
PAAG / HAZOP
The PAAG procedure (HAZOP, Hazard and Operability) is a systematic procedure (inductive) for determining hazards in order to get to the bottom of the respective causes and effects and to develop suitable countermeasures (see also DIN EN 60300-3-1). PAAG stands for prognosis, finding the cause, assessment of the effects and countermeasures. The basic idea behind the PAAG procedure is comparable with the FMEA, but in contrast to the FMEA it uses defined keywords (e.g. no, more, less, partly …) to determine deviations from the target function of the unit under consideration.
The PAAG process is therefore particularly suitable for hazard analysis in the process industry, but can still be applied to all areas of technology. The benefit of the process lies in the early detection of deviations, hazards and weak points as well as the documentation of the product development or process planning status (product knowledge in general).
Selected references:
- Preparation of the reliability concept for a power supply of a safety-critical infrastructure
- Hazard and safety analysis to assess the hazard potential and to increase the process-related operational safety of fuel cell heaters
Your challenges:
- In the context of a new development or a change of operation, is a risk analysis necessary?
- Have malfunctions or incidents occurred in the recent past, for example?
We offer you the necessary tools, support you in the application and creation of the necessary documents – contact us, we will be happy to help you.
Event tree analysis
The Event Tree Analysis (ETA) (see also DIN EN 60300-3-1) is suitable for mapping event chains based on an initial event (inductive). It is used to map and investigate all possible paths of subsequent events (e.g. accident sequence scenarios), their sequence and the most probable sequence.
In practice, event tree analysis is often combined with fault tree analysis (FTA), e.g. as part of a quantitative risk analysis (QRA). The layers of protection contained in the system are mapped in the event tree. The probabilities with which the individual event sequences in the event tree are followed (e.g. failure of a layer of protection on demand) can be determined using methods such as fault tree analysis or Monte Carlo simulation (MCS).
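As an added illustration of the event tree described above (example code, not IQZ's own tooling), the following Python walks an initiating event through sequential layers of protection: a layer that works terminates the sequence as mitigated, a layer that fails on demand passes the demand on to the next layer. The layer names and the probabilities of failure on demand (PFD) are assumed values chosen for illustration; in practice they would come from an FTA or from field data, as the text notes.

```python
"""Event tree for an initiating event passing through sequential layers of
protection. Constructed example, not IQZ's own tooling; layer names and
probability values are assumptions chosen for illustration."""
from dataclasses import dataclass


@dataclass(frozen=True)
class ProtectionLayer:
    name: str
    pfd: float  # probability of failure on demand, strictly between 0 and 1


@dataclass(frozen=True)
class Sequence:
    path: tuple       # 'F' for each layer that failed, then 'S' if one worked
    outcome: str      # e.g. "mitigated by relief valve" or "unmitigated"
    frequency: float  # occurrences per year


def event_tree(initiating_frequency, layers):
    """Walk the event tree from the initiating event through each layer in order.

    A layer that works terminates the sequence (the hazard is mitigated);
    a layer that fails on demand hands the demand to the next layer.
    Layers are assumed independent, so the frequency of a sequence is the
    initiating frequency times the product of its branch probabilities.
    """
    if initiating_frequency <= 0:
        raise ValueError("initiating frequency must be positive")
    sequences = []
    running = initiating_frequency  # frequency of demands reaching this layer
    path = []
    for layer in layers:
        if not 0.0 < layer.pfd < 1.0:
            raise ValueError(f"{layer.name}: PFD must be strictly between 0 and 1")
        sequences.append(Sequence(tuple(path + ["S"]),
                                  f"mitigated by {layer.name}",
                                  running * (1.0 - layer.pfd)))
        running *= layer.pfd      # only the failed-on-demand branch continues
        path.append("F")
    sequences.append(Sequence(tuple(path), "unmitigated", running))
    return sequences


def unmitigated_frequency(initiating_frequency, layers):
    """Frequency of the sequence in which every layer fails on demand."""
    return event_tree(initiating_frequency, layers)[-1].frequency


def most_probable_sequence(initiating_frequency, layers):
    """The branch with the highest frequency (usually the first layer working)."""
    return max(event_tree(initiating_frequency, layers), key=lambda s: s.frequency)


def check_consistency(initiating_frequency, layers, tol=1e-12):
    """Sanity check: the leaves of the tree partition the initiating frequency."""
    total = sum(s.frequency for s in event_tree(initiating_frequency, layers))
    return abs(total - initiating_frequency) < tol


# Constructed input: an overpressure demand at 0.1 per year, met by three
# assumed layers of protection with assumed PFD values.
LAYERS = (
    ProtectionLayer("basic process control", 0.1),
    ProtectionLayer("safety instrumented function", 0.01),
    ProtectionLayer("relief valve", 0.001),
)

if __name__ == "__main__":
    for seq in event_tree(0.1, LAYERS):
        print(f"{''.join(seq.path):4s} {seq.outcome:40s} {seq.frequency:.3e} /yr")
```

The consistency check is worth keeping in any event tree tool: the branch frequencies must sum back to the initiating frequency, and a mismatch usually means a branch probability was entered as a rate or a layer was counted twice.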
Selected references:
- Creation of the reliability concept for a power supply of a safety-critical infrastructure
- Hazard and safety analysis to assess the hazard potential and to increase the process-related operational safety of fuel cell heaters
Your challenges:
- Does your system have several layers of protection that are difficult to map completely using methods such as FMEA or fault tree analysis?
- Within the framework of a site-specific hazard & risk assessment, are incidents to be investigated on the basis of the hazard potential?
- Have there been incidents in the recent past, for example?
We offer you the necessary tools, support you in the application and creation of the necessary documents – contact us, we will be happy to help you.
Fault tree analysis
Fault Tree Analysis (FTA), according to DIN EN 61025 also Fault State Analysis, can be used as a safety and reliability analysis for plants and systems of all kinds, including Common Mode Failures and Human Errors. This is a deductive analysis based on Boolean algebra. The logical connections of component or subsystem failures that lead to an unwanted event (top event) are determined (see next figure presenting an example fault tree). The results of the analyses enable a system assessment with regard to reliability, availability and safety.
The following figure shows the representation of a series system and a parallel system as a reliability block diagram and as a fault tree. For the parallel system, basic event 1 AND basic event 2 must both occur for the top event to occur. For the series system, the top event occurs as soon as basic event 1 OR basic event 2 occurs.
Picture: Fault Tree Analysis Basics
In detail, the objectives of the FTA are:
- The systematic identification of all possible failure causes and failure combinations that lead to an undesirable event.
- The determination of reliability parameters (e.g. occurrence frequencies of the failure combinations, occurrence frequency of the undesired event, or unavailability of the system on demand).
- The creation of the graphical representation in a kind of tree structure (logical switching network) with input and output variables.
- To compare different design proposals by probabilistic reliability and safety predictions, to point out weak points, to analytically prove required reliability and safety requirements.
The FTA is particularly suitable for the reliability- and safety-relevant representation and analysis of large, complex systems, which usually consist of thousands of minimal cut sets (the smallest combinations of basic events that lead to the undesired top event). Creation and evaluation are therefore computer-aided.
Further information on the system considered during the FTA can be obtained via importance measures. These evaluation parameters can be used to determine the influence of individual basic events (often component failures) on the reliability or safety, in order to objectify and quantify issues such as system optimization, vulnerability analysis, error detection or maintenance strategies.
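As an added worked example covering the series/parallel figure, the minimal cut sets and the importance measures discussed above (example code, not IQZ's own software), the following Python evaluates a small fault tree of AND/OR gates exactly by enumerating every combination of basic-event states. Enumeration scales only to small trees, but it stays exact when a basic event feeds more than one gate, where multiplying gate probabilities would be wrong; it also yields the minimal cut sets and the Birnbaum importance of each basic event. Event names and failure probabilities are assumed values.

```python
"""Fault tree evaluation by enumerating basic-event states: exact top-event
probability, minimal cut sets and Birnbaum importance. Constructed example,
not IQZ's tooling; event names and probabilities are assumptions."""
from itertools import combinations, product


class BasicEvent:
    def __init__(self, name, probability):
        if not 0.0 <= probability <= 1.0:
            raise ValueError(f"{name}: probability must lie in [0, 1]")
        self.name, self.probability = name, probability

    def evaluate(self, state):          # state: {event name: failed?}
        return state[self.name]

    def basic_events(self):
        return {self.name: self.probability}


class Gate:
    def __init__(self, kind, *inputs):
        if kind not in ("AND", "OR"):
            raise ValueError("gate kind must be AND or OR")
        self.kind, self.inputs = kind, inputs

    def evaluate(self, state):
        values = [i.evaluate(state) for i in self.inputs]
        return all(values) if self.kind == "AND" else any(values)

    def basic_events(self):
        events = {}
        for i in self.inputs:
            events.update(i.basic_events())   # shared events are merged once
        return events


def _states(names):
    for bits in product((False, True), repeat=len(names)):
        yield dict(zip(names, bits))


def top_event_probability(tree, fixed=None):
    """Exact P(top event) summed over all 2^n basic-event states.
    `fixed` pins named events to True/False, giving a conditional probability."""
    events = tree.basic_events()
    fixed = fixed or {}
    total = 0.0
    for state in _states(sorted(events)):
        if any(state[n] != v for n, v in fixed.items()):
            continue                       # inconsistent with the condition
        p = 1.0
        for name, failed in state.items():
            if name in fixed:
                continue                   # conditioned on, not weighted
            p *= events[name] if failed else 1.0 - events[name]
        if tree.evaluate(state):
            total += p
    return total


def minimal_cut_sets(tree):
    """Combinations of basic events whose joint failure (all others working)
    causes the top event, keeping only those with no smaller such subset."""
    names = sorted(tree.basic_events())
    cut_sets = []
    for size in range(1, len(names) + 1):
        for combo in combinations(names, size):
            if any(known <= set(combo) for known in cut_sets):
                continue                   # superset of a smaller cut set
            state = {n: n in combo for n in names}
            if tree.evaluate(state):
                cut_sets.append(frozenset(combo))
    return sorted(cut_sets, key=lambda s: (len(s), sorted(s)))


def birnbaum_importance(tree, name):
    """P(top | event failed) - P(top | event working): how strongly the
    top-event probability responds to this basic event."""
    return (top_event_probability(tree, {name: True})
            - top_event_probability(tree, {name: False}))


# Constructed trees mirroring the figure: series (OR) and parallel (AND)
# of two basic events with assumed probabilities, plus a tree in which
# E1 is shared between two AND gates.
E1 = BasicEvent("E1", 0.1)
E2 = BasicEvent("E2", 0.05)
E3 = BasicEvent("E3", 0.2)
SERIES_TREE = Gate("OR", E1, E2)      # top occurs if E1 OR E2 occurs
PARALLEL_TREE = Gate("AND", E1, E2)   # top occurs only if E1 AND E2 occur
SHARED_TREE = Gate("OR", Gate("AND", E1, E2), Gate("AND", E1, E3))

if __name__ == "__main__":
    for label, tree in (("series", SERIES_TREE), ("parallel", PARALLEL_TREE),
                        ("shared", SHARED_TREE)):
        print(label, f"P(top)={top_event_probability(tree):.4f}",
              [sorted(c) for c in minimal_cut_sets(tree)],
              {n: round(birnbaum_importance(tree, n), 4) for n in tree.basic_events()})
```

For the shared tree the cut sets are {E1, E2} and {E1, E3}, and E1 dominates the Birnbaum ranking because it appears in every cut set; that is exactly the kind of weak point the importance measures in the text are meant to surface, and the reason real tools work on minimal cut sets rather than on gate probabilities.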
IQZ employees use qualitative and quantitative fault tree analyses, among other things in the area of functional safety, in order to obtain initial estimates of the probability of a defined top event occurring at a very early stage of the product development process. The software-supported creation and calculation allows different system configurations to be compared with each other in order to achieve optimum safety, reliability and cost-effectiveness.
As a basis, IQZ can access all common failure rate databases. In addition, the use of the Wuppertaler Zuverlässigkeitsprognosemodell enables the inclusion of customer-related failure rates.
Get in touch with us!
You’ve got questions about functional safety?
Feel free to contact Marco Schlummer!
Phone: +49 (0)202 – 515 616 93
Mail: schlummer@iqz-wuppertal.de