November 2017 - page 27

Safety & Security
At first sight there are many standards related to functional safety. These standards have many similarities and often differ only slightly, e.g. in definitions. The most important one is IEC/EN 61508. This fundamental functional safety standard for E/E/PE (electrical, electronic or programmable electronic) systems harmonized earlier safety standards. It is usually the basis for functional safety developments and is expanded by additional industry sector specific standards. Some of these additional standards are explicitly defined as adaptations or extensions of IEC 61508.
Developing a safety application, especially one with embedded systems inside, can be very complex. Historically, a lot of safety critical systems established safety simply by physical separation. If that separation was removed, e.g. by an opened access door or flap, the complete system was also physically disconnected from electricity. This guarantees a very high level of safety but can be quite inefficient from the productivity point of view and also expensive. The target of modern safety applications is to combine adequate functional safety with high performance of the system. A safety developer is always confronted with the compromise between functional safety and availability. Usually a higher availability and a high performing system increase the complexity and the effort needed for functional safety considerations. Therefore, a detailed hazard and risk analysis has to be done. The goal is to identify every potential failure, understand its consequences, estimate the probability of its occurrence, and lastly to identify countermeasures that detect every occurrence of each failure. For a safety analysis of a system all components and their interactions have to be considered. This includes the hardware components, the hardware design and also the application software. Based on this safety analysis, countermeasures for all critical failure scenarios can be defined.
Additionally, it is very important to get a complete understanding of the timing of a safety critical application. It is mandatory to understand within which time a failure can lead to harm and to fit the timing of the needed countermeasures to it. Here the so-called Process Safety Time (PST) of the application has to be evaluated. This is the minimum time between the occurrence of a failure and the resulting hazardous event, so the needed countermeasure (detection plus reaction) must be faster than the PST. Across the variety of safety applications the PST can range from the low millisecond range up to multiple seconds. In a safety analysis the big picture always has to be understood, with all its critical and partly highly complex components. In modern systems one of the most critical and complicated hardware components are complex ICs and especially microcontrollers (MCUs).
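The PST requirement described above, as an added worked example that is not part of the original article: the countermeasure must be faster than the PST, and the example assumes the usual IEC 61508-2 decomposition of that countermeasure into a diagnostic test interval, the test's own execution time and a fault reaction time, whose worst-case sum must stay below the PST. The class, function names, the optional `budget_fraction` design margin and all timing values are constructed for illustration and are not taken from the article.

```python
"""Process Safety Time (PST) budget check for a periodic diagnostic.

Added example, not code from the original article. It assumes the usual
IEC 61508-2 decomposition: the worst-case time from a fault occurring to
the system reaching its safe state is the diagnostic test interval (the
fault can appear right after a test has passed), plus the test's own
execution time, plus the fault reaction time, and that sum must stay
below the PST. All timing values are in milliseconds and are constructed
for illustration.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class DiagnosticTiming:
    test_interval_ms: float   # period at which the diagnostic is executed
    test_duration_ms: float   # worst-case execution time of one test run
    reaction_time_ms: float   # worst-case time from detection to safe state
    jitter_ms: float = 0.0    # worst-case late start of a test run

    def worst_case_fault_to_safe_ms(self) -> float:
        """Worst-case time from fault occurrence to the safe state.

        The fault occurs just after a test run passed, so it is only seen
        at the end of the next run: one full interval plus jitter plus the
        run itself, followed by the reaction time.
        """
        return (self.test_interval_ms + self.jitter_ms
                + self.test_duration_ms + self.reaction_time_ms)


def meets_pst(timing: DiagnosticTiming, pst_ms: float,
              budget_fraction: float = 1.0) -> bool:
    """True if the worst-case fault-to-safe time fits into the PST.

    budget_fraction < 1.0 reserves a design margin, e.g. 0.5 allows only
    half of the PST to be consumed by detection and reaction.
    """
    if pst_ms <= 0 or not 0 < budget_fraction <= 1.0:
        raise ValueError("PST must be positive and budget_fraction in (0, 1]")
    return timing.worst_case_fault_to_safe_ms() <= pst_ms * budget_fraction


def max_test_interval_ms(pst_ms: float, test_duration_ms: float,
                         reaction_time_ms: float, jitter_ms: float = 0.0,
                         budget_fraction: float = 1.0) -> float:
    """Largest diagnostic test interval that still fits the PST budget.

    Returns 0.0 if test execution and reaction alone already exceed the
    budget, i.e. no periodic diagnostic can satisfy this PST.
    """
    remaining = (pst_ms * budget_fraction - test_duration_ms
                 - reaction_time_ms - jitter_ms)
    return max(0.0, remaining)


if __name__ == "__main__":
    # Constructed example: a periodic RAM/CPU self-test every 20 ms taking
    # 2 ms, with a 5 ms reaction (e.g. removing the drive enable signal).
    timing = DiagnosticTiming(test_interval_ms=20.0, test_duration_ms=2.0,
                              reaction_time_ms=5.0)
    print("worst case fault-to-safe:",
          timing.worst_case_fault_to_safe_ms(), "ms")
    for pst in (100.0, 10.0):
        print(f"PST {pst} ms ok:", meets_pst(timing, pst),
              "max test interval:", max_test_interval_ms(pst, 2.0, 5.0), "ms")
```

The worst case deliberately assumes the fault shows up immediately after a test run has passed, which is what makes the full test interval part of the budget; a diagnostic that is "fast" on average but scheduled rarely can still miss a PST in the low millisecond range, and `max_test_interval_ms` returning 0.0 is the signal that detection has to move from periodic software tests to hardware mechanisms.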
In almost every modern electronic application some kind of MCU is integrated. All the different flavours of MCUs have in common that they usually are the complex heart of the
Figure 1. Functional Safety Standards