Functional safety is achieved when every specified safety function is carried out and the level of performance required of each safety function is met. This is normally achieved by a process that includes the following steps as a minimum:
- Identifying what the required safety functions are. This means the hazards and safety functions have to be known. A process of function reviews, formal HAZID, HAZOP and accident reviews is applied to identify these.
- Assessing the risk reduction required by the safety function. This will involve a Safety Integrity Level (SIL), performance level or other quantification assessment. A SIL (or PL, AgPL, ASIL) applies to an end-to-end safety function of the safety-related system, not just to a component or part of the system.
- Ensuring the safety function performs to the design intent, including under conditions of incorrect operator input and failure modes. This will involve having the design and lifecycle managed by qualified and competent engineers carrying out processes to a recognised functional safety standard. In Europe, that standard is IEC EN 61508, or one of the industry-specific standards derived from IEC EN 61508, or some other standard like ISO 13849.
- Verifying that the system meets the assigned SIL, ASIL, PL or AgPL by determining the mean time between failures and the safe failure fraction (SFF), along with appropriate tests. The SFF is the probability of the system failing in a safe state: the dangerous (or critical) states are identified from a failure mode and effects analysis (FMEA) or failure mode, effects and criticality analysis (FMECA) of the system.
- Conducting functional safety audits to examine and assess the evidence that the appropriate safety lifecycle management techniques were applied consistently and thoroughly in the relevant lifecycle stages of the product.
Neither safety nor functional safety can be determined without considering the system as a whole and the environment with which it interacts. Functional safety is inherently end-to-end in scope.