Functional Safety

Functional safety means that a system, plant or device functions safely without posing an unreasonable risk to people, property or the environment. It focuses on the identification, development, and implementation of safety measures to reduce the risk of hazards and accidents caused by malfunctions or failures in the operation of a system.

In order to ensure functional safety in various industries, different standards were derived from the basic functional safety norm IEC 61508. They meet the requirements and specifications of the individual industries.

The most common norms derived from IEC 61508 are listed below.


IEC 61508, entitled “Functional safety of electrical/electronic/programmable electronic safety-related systems”, is an international standard that regulates functional safety in various industries such as the automotive, aerospace, manufacturing, and process industries.

The standard provides a comprehensive framework for the management of functional safety, focusing on the development of safety-related systems and the reduction of risks associated with potential hazards.

The most important aspects of IEC 61508 include:

  • Safety Lifecycle: The standard defines a safety lifecycle that includes various phases such as concept, requirements, design and implementation, operation, maintenance, and decommissioning.
  • Safety Integrity Levels (SIL): The Safety Integrity Levels quantify the reliability requirements for safety functions within a system. SIL 1 is the lowest level and SIL 4 the highest.
  • Safety functions: Functions are defined as safety functions in order to achieve or maintain a safe state. Guidance is provided on the identification, specification, and implementation of safety functions to achieve the desired level of risk minimization.
  • Safety Requirements: Requirements are specified to ensure the safety of systems, including hardware and software design, validation and verification, management of systematic failures and documentation.
  • Verification and Validation: The standard emphasizes the importance of verification and validation of safety-related systems to ensure that they meet the specified safety requirements. It contains guidelines for carrying out verification and validation activities throughout the entire life cycle.

Various specified standards have been derived from IEC 61508 and are used in different industries. One example is ISO 26262, which is used in the automotive sector, or ISO 25119, which describes the safety requirements for tractors and machines in the agricultural machinery sector. ​

ISO 26262 is an internationally recognized standard that deals with the functional safety of electrical and electronic systems in motor vehicles. Its main objective is to reduce the risk of malfunctions in these systems to ensure the safety of vehicles and their occupants. The standard defines a structured development process that includes various phases such as concept development, system design, implementation, and verification. Risk assessments are also carried out to identify and evaluate potential hazards.

A central concept in ISO 26262 is the classification of the safety integrity of systems using Automotive Safety Integrity Levels (ASIL A-D). This classification enables a differentiated consideration and treatment of risks, with ASIL D representing the highest requirements. The standard also places requirements on management, organization, and quality management throughout the entire development process.

Compliance with ISO 26262 can be certified and is often a prerequisite for the market approval of vehicles for both original equipment manufacturers (OEMs) and suppliers.

Overall, the standard represents an important step towards improving the functional safety of vehicles and increasing consumer confidence in the safety of motor vehicles. ​

Safety Of The Intended Functionality (SOTIF) covers risks that arise from an intended system function, for example taking into account the environment or situational influences.

From an SAE automation level of one or higher, consideration based solely on ISO 26262 is no longer sufficient – here SOTIF is also taken into account during development. ISO 21448 focuses precisely on these aspects and offers a systematic approach to identifying these risks and developing countermeasures. As with ISO 26262, the aim of SOTIF is to reduce the inappropriate risk to an acceptable level.

ISO 21448 describes a complete process that runs parallel to the functional safety procedure described in ISO 26262 and established in practice. The increasing number of driver assistance systems with a corresponding SAE level underlines the relevance of SOTIF for the engineering process of current and future development projects. ​

DIN EN 50126 entitled “Railway applications – Specification and verification of reliability, availability, maintainability and safety (RAMS)” is an international standard developed specifically for the railroad industry. It provides a structured and systematic approach to the management of RAMS aspects of railroad systems and equipment throughout their life cycle.

The standard covers different phases of the life cycle, including concept, design, development, testing, operation, maintenance, and decommissioning. It emphasizes that RAMS requirements should be considered in the early stages of system development and implemented throughout the operational life of the system.

Overall, the EN 50126 aims to ensure the safety, reliability, availability, and maintainability of railroad systems, thereby reducing the risk of accidents and incidents while improving system performance and efficiency. It provides a comprehensive framework for railroad operators, manufacturers and other stakeholders to effectively manage RAMS aspects and improve the overall quality and safety of railroad operations. ​

DIN EN 60601, entitled “Medical electrical equipment – Part 1: General requirements for safety and essential performance”, is an international standard that regulates the safety and essential performance of medical electrical equipment. It provides a comprehensive framework for ensuring the safety of patients, operators, and other persons who come into contact with medical devices in the healthcare sector.

The standard describes requirements for the design, testing, and documentation of medical electrical equipment to minimize potential risks and hazards associated with its use. This includes considerations for electrical safety, mechanical safety, electromagnetic compatibility (EMC), and software safety.

Compliance with EN 60601 is essential for manufacturers of medical electrical equipment to meet legal requirements and obtain approval for their products. It demonstrates a commitment to ensuring the safety and effectiveness of medical devices, contributing to the overall quality of patient care and healthcare.

In summary, EN 60601 plays an important role in setting safety standards for medical electrical equipment. It provides manufacturers with guidelines and requirements for the development, testing and documentation of devices that meet the essential safety and performance criteria for use in the healthcare sector. ​


Are you about to undergo a safety audit for IEC 61508, ISO 26262 or DIN EN 50126? We have compiled the most frequently required evidence for you.

Please note that these lists are not exhaustive. They are intended to give you a first impression. The exact documentation required will vary depending on the complexity of the project.

In any case, we recommend that you take another look at the relevant standard yourself and also discuss it with the audit company you have commissioned.

Updates | Safety Management

Do you have questions about Functional Safety, or are you considering hiring external support?

Please feel free to contact me at any time. Click on the button below and easily choose a time slot so that we can discuss your project without obligation and free of charge.

Schedule appointment

Philipp Hofmann
Head of Safety Management