Functional safety, or FuSa, is a term that we’re increasingly discussing with our customers and prospects, particularly in association with automotive and autonomous vehicles. Imagination is now on a journey that will ensure that it can offer its customers FuSa certifiable or FuSa certified IP in the automotive space. However, while automotive gets much of the attention it’s important to acknowledge that FuSa doesn’t just apply to the automotive industry. Other industries, such as aviation, marine, industrial and healthcare, are also benefiting from system, device, machine and equipment safety.
Functional safety provides assurance for safety-related functions within the product itself. Safety mechanisms built into the product can reduce the probability that a hazard will occur by detecting a fault and, if possible, maintain or return the system to a safe state. A good example would be the detection of smoke by a fire alarm and the activation of sprinklers or other firefighting initiatives to stop the fire spreading.
Today, safety is one of the most rapidly growing areas of importance in automation. To be successful it needs to be considered from the outset as an integrated part of the design and development process for systems, devices and machinery, not an afterthought added just to meet regulations. With this in mind, let’s look at how industries other than automotive are embracing functional safety.
Medical devices are among the most highly regulated technology in the world. A single failure could mean the difference between the life and death of a patient.
The World Health Organisation has recommended that governments worldwide make national regulations for medical devices a key part of their overall national health systems. In Europe, all medical devices must meet the EU Medical Device Regulations and safety standards such as ISO 14971 and IEC 60601.
ISO 14971 establishes the requirements for the risk management process a manufacturer applies to determine the safety of a medical device throughout the product lifecycle. It also specifies a procedure for review and monitoring during production and post-production. IEC 60601 adds requirements for specific use cases.
Software has become more prominent in electrical medical devices in recent years and, because it is developed differently from hardware, it requires its own standard: IEC 62304.
FuSa in healthcare ensures that any given device functions correctly in response to its inputs. For example, if an infusion pump malfunctions, FuSa protocols ensure that alarms are activated to signal the malfunction and, if relevant, that the pump is deactivated to protect the patient from harm through overdosing. A different set of safety protocols ensures that a patient receives exactly the programmed dose of medication and no more.
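The two mechanisms just described (fault detection that alarms and deactivates the pump, and a dose limit), together with the detect-and-return-to-a-safe-state principle from the opening section, can be sketched as a small safety monitor. This is an added illustration, not code from Imagination or from any real pump; the sensor channels, tolerance and dose units are constructed assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed example of a safety monitor for an infusion pump. Two
 * independent flow sensors (redundancy) must agree, the accumulated dose
 * may never exceed what was programmed, and any fault latches the pump in
 * a safe state (motor off, alarm on). Limits and names are assumptions. */

typedef enum { PUMP_RUNNING, PUMP_SAFE_STATE } pump_state_t;

typedef struct {
    uint32_t programmed_dose_ul;  /* total dose ordered, in microlitres */
    uint32_t delivered_ul;        /* dose accounted so far (channel A) */
    pump_state_t state;
    bool alarm;                   /* audible/visual malfunction alarm */
    const char *fault;            /* reason for the safe state, or NULL */
} pump_t;

#define CHANNEL_TOLERANCE_UL 50u  /* assumed max disagreement between channels */

pump_t pump_new(uint32_t programmed_dose_ul) {
    pump_t p = { programmed_dose_ul, 0, PUMP_RUNNING, false, NULL };
    return p;
}

static void enter_safe_state(pump_t *p, const char *reason) {
    p->state = PUMP_SAFE_STATE;   /* motor driver disabled */
    p->alarm = true;              /* signal the malfunction to the operator */
    p->fault = reason;
}

/* One control cycle with the incremental flow seen by both channels.
 * Returns true if the pump may keep running after this cycle. */
bool pump_cycle(pump_t *p, uint32_t flow_a_ul, uint32_t flow_b_ul) {
    if (p->state == PUMP_SAFE_STATE) return false;  /* latched until reset */

    /* Redundancy check: independent channels must agree within tolerance */
    uint32_t diff = flow_a_ul > flow_b_ul ? flow_a_ul - flow_b_ul : flow_b_ul - flow_a_ul;
    if (diff > CHANNEL_TOLERANCE_UL) { enter_safe_state(p, "sensor channel mismatch"); return false; }

    /* Dose ceiling: overflow-safe check that the dose never passes the order */
    if (flow_a_ul > p->programmed_dose_ul - p->delivered_ul) { enter_safe_state(p, "programmed dose exceeded"); return false; }
    p->delivered_ul += flow_a_ul;

    /* Normal completion: stop without an alarm, since nothing went wrong */
    if (p->delivered_ul == p->programmed_dose_ul) { p->state = PUMP_SAFE_STATE; return false; }
    return true;
}
```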
Industry 4.0 offers a new vision for the factories of the future and in these factories, safety is critical.
The basic FuSa standard for industry is IEC 61508. The first revision of this standard was published in 1998, with revision 2 in 2010, and work is now underway on revision 3 for 2020. Since the first edition of IEC 61508 was published in 1998, it has been adapted to suit fields such as automotive (ISO 26262), process control (IEC 61511), programmable logic controllers (IEC 61131), machinery (IEC 62061), variable speed drives (IEC 61800) and many other areas.
A key idea in Industry 4.0 is that of cyber-physical systems (CPS). A CPS consists of “smart machines, storage systems, and production facilities capable of autonomously exchanging information, triggering actions, and controlling each other independently,” according to the International Electrotechnical Commission. Put simply, everything is intelligent, instrumented, and interconnected.
With sensor fusion and data analytics, new insights will be gained, including preventative maintenance based on diagnostics gathered from smart instruments and their analysis in the cloud.
FuSa has a lot to offer Industry 4.0, not just because safety is a critical element of future factories, but also because the functional safety process offers techniques that ensure diagnostics, reliability, resilience, and redundancy.
The aerospace and aviation industries naturally have high standards for safety and security. DO-178C is the primary document used by certification authorities such as the Federal Aviation Administration (FAA) and European Aviation Safety Agency (EASA) to approve all commercial software-based aerospace systems.
DO-254 provides guidance for the development of airborne electronic hardware such as field-programmable gate arrays (FPGAs), programmable logic devices (PLDs) and application-specific integrated circuits (ASICs). There are five levels of compliance, from A through E, determined by the effect a hardware failure would have on the operation of the aircraft. Level A is the most stringent and corresponds to a catastrophic failure, meaning the loss of the aircraft, while a Level E failure will not affect the safety of the aircraft.
The maritime industry plays a key role in enabling international trade in goods while making an important contribution to the economy. The UK’s maritime sector, for example, generated £14.5 billion in 2016 and supported almost 190,000 jobs according to the Department for Transport Annual Report 2017-18.
As with other forms of transport, navigation is one of the main use cases, but the huge scale of shipping, the hazardous and polluting nature of cargoes and the small margins for error amplify the challenge. Internationally agreed rules set out which types of ship must give way to others and provide a good framework within which to operate, but when failures of systems, people or technology happen, a major accident can quickly escalate.
SOLAS Chapter V Regulation 19.2 requires that all ships on international voyages be fitted with an electronic chart display and information system (ECDIS), a geographical information system for nautical navigation that complies with International Maritime Organisation (IMO) regulations. An ECDIS displays the information from electronic navigational charts (ENC) or digital nautical charts (DNC) and integrates data from position, heading and speed-through-water reference systems and, optionally, other navigational sensors. ECDIS systems need to meet international regulations and comply with standards such as IEC 61174.
Looking to the future, for autonomous and remotely operated ships to be approved for commercial use, they will need to be at least as safe as conventional vessels. It is expected that future regulations will require control and navigation systems for autonomous ships to be certified according to functional safety requirements.
A future with FuSa
As technology becomes ever more ubiquitous and automated, safety will play an even more crucial role. Ultimately, any device that interacts with people will need to be FuSa certified – vehicles, aeroplanes, boats, drones, medical robots and industrial robots, to name a few – to mitigate risk and protect people from harm. Manufacturers and their suppliers will need to prove that, despite increasing complexity, their electronic systems will deliver the required functionality, safety and reliability.
As a supplier of the fundamental building blocks of the technologies used in the industries and devices discussed above, Imagination has been drawing on its 15 years of experience supplying the automotive industry to embed safety by design inside its IP. Since the creation of the relatively new ISO 26262 standard in the automotive industry, Imagination has been participating in the development of that standard and in the work of the Safety Critical and Security Software community to help our partners and customers enhance their products with our key elements.