Author: indx-smx

Functional Safety is safety captured in instructions. Instructions for operating a machine, instructions for driving a car, directions for assembling a bicycle. These instructions can be written in a natural language, like English or Japanese, and executed by humans, or captured in software code to be run on a computer.

It is safety in design and execution:

  • Execution controlled most often by software, programming or, for humans, via work-, assembly- or process-instructions,
  • directing actions of and movement within and by, devices, products, equipment, machinery, and/or people,
  • which could be harmful to people, animals, pets, or the environment,
  • if not monitored for the appearance of hazards, which are most often failures in computing, interface, sensing or actuating hardware, in wiring and cabling, or a failure to follow instructions,
  • but could be other sources of harm, such as the COVID-19 virus or other natural phenomena,
  • or defects introduced during the development of the software (bugs) or of those instructions.

As opposed to safety in design and construction, which is:

  • safety of parts, components, and assemblies, and
  • the devices, products, equipment, machinery, and facilities made from them,
  • ensured primarily by considering carefully the characteristics of materials used,
  • in order to safely accommodate their strengths and weaknesses.

Techniques and methods for ensuring safety in design and construction are associated with, and specifically taught to students of, traditional engineering disciplines including civil, mechanical, electrical and electronic engineering. Practitioners within these disciplines inherently study failure conditions, failure modes and mitigation of failures as a core part of their curriculum.

Those for ensuring safety in execution have traditionally been taught as well, until the advent of software. This is because software never fails, i.e. it always executes the instructions it captures precisely and identically each time, and never fails to do so. Because of this, software engineers, and those who create work instructions, are often not adequately trained in how to handle failures: how to anticipate them, how to detect them, and how to compensate for them.

For this reason Functional Safety is a necessary and useful concept in safety analysis, and the development and deployment of safety solutions.

International Standard ISO-26262 encapsulates an approach for designing and deploying Functional Safety in electronics used in Automotive applications. There are also several others which cover Off-Highway, Aerospace, Rail and Consumer Products. All have been written to help keep people safe.

Managers and executives have many responsibilities, the most important of which, on a day-to-day basis, is ensuring that their products and/or services do no harm when accessed, or are in use, by their customers.

However just as fundamental is the responsibility to ensure that all people are safe, not just customers and clients but a company’s staff and personnel, associates, suppliers, and visitors, and many, many more. In the end a safe business is a viable one.

Although safety is a special case of quality, unlike quality it does not return dividends in immediate and obvious ways, unless you take the time to study the implications of not being safe. Accountants usually consider it to be an insurance policy, without which the prospect of litigation, and of large payouts, is significantly more likely. We agree, but it’s also much, much more.

It’s a critical responsibility for managers and executives, and a task requiring the help of professionals, because of the magnitude of the implications of falling short. We can help you deliver safety — safe products, safe services, safe equipment, safe facilities, safe processes, and, most importantly, safe people.

Stay safe!

Keeping people safe in an increasingly autonomous world

Autonomous conveyances, including but not limited to Automobiles, Other On-Road or Off-Road Vehicles, Vessels, Railway or Transit Vehicles, Aircraft, Drones, or Spacecraft, Transport Machines or Apparatus, are usually considered safety-critical because they are intended to operate in environments containing, and in doing so closely interacting with, humans, pets, other animals, and expensive infrastructure, vehicles or equipment, all of which must not be harmed as these conveyances operate.

It’s important therefore that a thorough safety analysis be completed for each autonomous control system design, and every design update, to ensure that safety is always fully present, that is, that all possible safety hazards that will be encountered are uncovered, considered and mitigated in that design.

We have many years of experience helping product development organizations with safety as prescribed under international standards such as ISO-26262, IEC-61508, MIL-STD-882, ISO-25119 and others. Autonomous control places additional requirements above and beyond these for consideration when designing an autonomous control system for these kinds of applications.

We have the experience to help. We can answer your questions about safety, how it applies, and how to ensure that it’s always present, no matter what unexpected situation your autonomous conveyance encounters.

Let’s talk.

Many safety challenges are seemingly beyond the ability of current methods to resolve, primarily because technologies to mitigate them have not yet been developed, are only now being conceived of, or are currently infinitely expensive. One important way to deal with these is to sneak up on them.

Sneaking up involves understanding the odds of hazards turning into disaster in detail (statistically), and driving them down to their lowest possible value. Mathematically there is still tiny risk that someone will be hurt, but practically — in the real world — it doesn’t happen because the circumstances for most disasters are so rare that they don’t come to pass over the time period being managed.

This only works if continuous improvement is foremost in the plans for the future. Successive design upgrades are required, each pushing safety a little further forward. Non-stop incremental improvement is critical to staying ahead. Without this push, if progress stagnates, statistics will catch up and a disaster will eventually occur.

It’s very important to stay ahead of the curve. It can be done most efficiently by improving a little at a time.
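As an added illustration, not part of the original post, here is the arithmetic behind “statistics will catch up” and why incremental improvement changes the outcome. The symbols and the model are assumptions introduced here, not the author’s figures: suppose a given hazard turns into a disaster with probability $p$ on each exposure (each trip, shift or operating hour), independently of the others. Over $n$ exposures with $p$ held fixed,

$$P(\text{no disaster in } n \text{ exposures}) = (1-p)^n \;\xrightarrow{\;n\to\infty\;}\; 0,$$

so the probability of at least one disaster, $1-(1-p)^n$, climbs toward 1 no matter how small $p$ is; a smaller $p$ only buys time. Now suppose instead that the hazard probability in force during the $k$-th exposure is $p_k = p_0\, r^k$ with $0 < r < 1$, i.e. each successive upgrade cuts it by the factor $r$. The expected number of disasters over all future exposures is then bounded,

$$\sum_{k=0}^{\infty} p_k = \frac{p_0}{1-r},$$

and, using the standard inequality $\prod_k (1-p_k) \ge 1-\sum_k p_k$ for $p_k \in [0,1]$, the probability of never seeing one satisfies

$$P(\text{no disaster, ever}) = \prod_{k=0}^{\infty} (1-p_k) \;\ge\; 1-\frac{p_0}{1-r},$$

which stays strictly positive whenever $p_0 < 1-r$. With a fixed hazard rate a disaster is eventually certain; with sustained improvement the lifetime risk is bounded, and the bound tightens as each upgrade pushes $r$ down.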

The world has changed, very suddenly. How do we handle it?

For many of us it’s asking a lot to join the effort to help subdue the coronavirus. Not just medical professionals, first responders or supply chain specialists in the transportation of groceries: every retailer, restaurant owner, baker, manufacturer, hair stylist, farmer, and undertaker also needs to put in extra effort for it to be successful.

You’re probably saying to yourself “I didn’t sign up for this when I started this business (or, when I took this job)”. “How do I handle something so very foreign to what we normally do around here?”

This guide will help you. It’s designed to bring you peace of mind. In return however you’ll have to supply, and work with, more details than you’ve ever encountered before.

Always keep one thing in mind: Safety isn’t simply filling out a form, or checking a few boxes. Safety is buried in those details, every last one of them. So, it’s very important to understand exactly where things are going well, and where they’re not, before filling out the form or checking the boxes. The very smallest detail, if it’s not considered correctly, could hurt someone; and it often does.

We’re committed to helping sort out the details, finding the holes, making sure that you don’t miss any (not one), creating your plan for closing them, executing it successfully, publishing a COVID-19 Preparedness and Response Plan document if required, and oh yes, filling out and submitting the forms.

COVID-19 Preparedness and Response Planning is being seen as critical by the U.S. Occupational Safety and Health Administration (OSHA), and many state governments, prior to businesses and organizations beginning a Return-to-Work transition. Many third-party templates are being circulated as starting points for formal plans detailing this work.

Unfortunately most of them are lacking in the fundamental technical details of safety. As a consequence firms that use them as-is are taking on additional risk, technical, financial and legal.

Our introductory webinars provide a detailed overview of the technical foundations of safety analysis and safety solutions, as they apply to COVID-19 Return-to-Work. Consider attending one in the near future to bolster your confidence in your plan and the planning process that created it. And as always, consult your attorney for additional details on the legal aspects of COVID-19 Preparedness and Response Plans and Planning.

See our Webinars page for related upcoming events: https://intelligentdynamics.com/upcoming-webinars/.

How can we apply a safety standard intended for the development of electronics and control systems on automobiles to the creation of safety solutions that will ensure that customers, associates and personnel can return to work safely?

Here’s how:

Aspect of ISO-26262: Quality Control as a foundation
  • ISO-26262 as normally employed: Commitment to Total Quality Management (TQM) ensures that products and systems are consistent across all production and deliver predictable, identical performance.
  • ISO-26262 as applied to COVID-19 Back-to-Work: Predictable, identical performance by customers, associates and personnel is required to ensure safety (no holes, omissions, or oversights) as they go about their business.

Aspect of ISO-26262: Platform upon which the safety solution is built (interfaces)
  • ISO-26262 as normally employed: Applies to hardware used in safety-critical systems within automobiles.
  • ISO-26262 as applied to COVID-19 Back-to-Work: Think of facilities, parking lots, rest rooms, cafeterias, coffee stations, equipment, workstations and desks as ‘infrastructure and interface hardware’.

Aspect of ISO-26262: Platform upon which the safety solution is built (control)
  • ISO-26262 as normally employed: Applies to hardware used in safety-critical systems within automobiles.
  • ISO-26262 as applied to COVID-19 Back-to-Work: Think of people as the ‘control hardware’ that executes the instructions ensuring safety (the ‘software’, see below).

Aspect of ISO-26262: Instructions for creating and maintaining safety
  • ISO-26262 as normally employed: Applies to software running on the hardware used in safety-critical systems within automobiles.
  • ISO-26262 as applied to COVID-19 Back-to-Work: Think of the instructions that customers, associates and personnel must follow to ensure safety as ‘software’. (Remember that all software is simply a set of instructions. Thus instructions given to people for successfully avoiding COVID-19 infection are merely another form of ‘software’.)

Because a pandemic is not a common occurrence there are no existing international standards for creating plans, approaches and solutions that ensure the safety of customers, associates and personnel as they return to work. Thus we turn to those that do exist, looking for direction.

International standard ISO-26262, covering automotive functional safety, and its fellow industry-specific standards for functional safety are all largely derived from generic functional safety standard IEC 61508. As a result they share a common core consisting of:

  • Conducting a Hazard Analysis and Risk Assessment (HARA)
  • Generation of Safety Goals for the required solution
  • Elicitation of Safety Requirements
  • Design of a safety solution to deliver these requirements and ensure that the Safety Goals are never violated.
  • Evaluation of the relative success of several possible solutions in meeting the requirements when compared to each other and other alternatives.
  • Verification that the final chosen solution meets its intended requirements.
  • Validation to ensure that the situation into which the final chosen solution is delivered is covered completely and successfully addressed by the solution.
  • Assessing the solution to confirm that it delivers the intended safety.

We’ve elected to use the automotive standard because it’s the most detailed and comprehensive of the set, has generated the most successful solutions because of the size of the automotive business, and has the most experience behind it, with tens of millions of vehicles developed under it and safely travelling the roads.

ISO-26262 also features one additional important step that the others do not:

  • Auditing the solution to confirm that the process of creating it was executed correctly.

All of these steps, as captured within ISO-26262, are critical to the delivery of safe COVID-19 Back-to-Work plans, approaches, and solutions.

In the current situation with COVID-19 federal and regional governments have imposed a number of generic safety requirements, but have provided no specific details for organizations attempting to implement them. This leaves most people responsible for implementation bewildered as to how to make it happen where it counts, in the restaurant, the factory, the warehouse, the school, the hair salon, etc.

Safety Analysis fills the gap. Much work that is currently not well defined because of this uncertainty needs to take place at the level of the facility, by people who have first-hand knowledge, in detail, of:

  • The facility itself, i.e. its layout, including the position of everything inside, rooms, equipment, storage tanks, supplies, etc.
  • The customers, associates and personnel who will be within it when work resumes.
  • The means of getting them, supplies, and finished goods in and out of the facility, as well as through it, e.g. parking lots, doorways, hallways and corridors, etc.
  • The nature of the work that will take place there.
  • The interaction that typically takes place between customers, associates and other personnel as that work is conducted.

Of paramount importance in all of this is the idea that things, and often people too (we call them customers, clients, patients, etc.), get processed as work is conducted. Raw materials enter a plant and are refined, parts are joined into assemblies, whole chickens are broken down into portions, cars are serviced, and customers come into a shop and are accommodated. Work flows as these things take place. A chain of people, usually with machines mixed in among them, each add a little more value to what traverses the flow as they execute their work. Out of the end comes a product or service that ideally meets its needs perfectly.

Safety Engineering is the process of capturing and studying this flow of work, and generating a way in which to make it work safely, by generating a plan for ensuring that it never, ever hurts anyone, either as they execute the process, or use the product or service that comes out the end.

This plan captures the low-level details that are missing in the directions from above. It is important that, as they are filled in, they must mesh fully with those requirements put forth by the authorities.

Think of the result as a large ‘tree’, with many branches, each of which describes how to achieve safety at a greater level of detail. To the implementer this tree is oriented upside-down, with its trunk pointed upward. In Safety Analysis we capture safety requirements in such trees, though we call them by the fancier name ‘requirements hierarchies’. Each high-level safety requirement

Careful management of Safety Requirements is important. It is the most detailed part of the work, and it benefits greatly when persnickety people conduct it. Why is this? The devil is in the details. Once a complete set of safety requirements is in hand it is imperative that every last one be met — missing even the smallest detail means that someone will get hurt, if not immediately then eventually.
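The two preceding paragraphs describe a requirements hierarchy (a safety goal at the root, requirements and sub-requirements below it) and two things that must hold over it: every requirement must be met, and the low-level details must mesh with the requirements handed down by the authorities. The following is an added example, written for this page and not the firm’s own tooling or method, of a small traceability check over such a tree. Everything in it is constructed: the `Requirement` class, the check functions, and the sample hierarchy with its ids (`SG-1`, `SR-1.1`, `INS-07`, `AUTH-DIST-1`, and so on) are illustrative placeholders, not values from any real plan or standard.

```python
"""Traceability check over a requirements hierarchy.

Added illustration (constructed here, not the firm's tooling). A safety goal
is the root; safety requirements and sub-requirements hang below it. Two
checks mirror the text: every leaf must be tied to at least one verification
record, and every top-level requirement must name the authority requirement
it derives from, so the plan meshes with the directions from above.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional


@dataclass
class Requirement:
    rid: str                                                # id, e.g. "SR-1.2" (constructed)
    text: str
    children: List["Requirement"] = field(default_factory=list)
    verified_by: List[str] = field(default_factory=list)    # verification record ids
    derived_from: Optional[str] = None                      # authority requirement id


def leaves(node: Requirement) -> List[Requirement]:
    """Leaf requirements under node, depth-first, left to right."""
    if not node.children:
        return [node]
    found: List[Requirement] = []
    for child in node.children:
        found.extend(leaves(child))
    return found


def unverified_leaves(root: Requirement) -> List[str]:
    """Ids of leaf requirements with no verification record attached."""
    return [leaf.rid for leaf in leaves(root) if not leaf.verified_by]


def leaf_coverage(root: Requirement) -> float:
    """Fraction of leaf requirements that have at least one verification."""
    all_leaves = leaves(root)
    return sum(1 for leaf in all_leaves if leaf.verified_by) / len(all_leaves)


def untraced_top_level(root: Requirement) -> List[str]:
    """Ids of top-level requirements that do not cite an authority source."""
    return [req.rid for req in root.children if req.derived_from is None]


def duplicate_ids(root: Requirement) -> List[str]:
    """Ids that appear more than once anywhere in the tree."""
    seen: Dict[str, int] = {}
    stack = [root]
    while stack:
        node = stack.pop()
        seen[node.rid] = seen.get(node.rid, 0) + 1
        stack.extend(node.children)
    return sorted(rid for rid, count in seen.items() if count > 1)


def path_to(root: Requirement, rid: str) -> Optional[List[str]]:
    """Ids from the safety goal down to rid, or None if rid is absent."""
    if root.rid == rid:
        return [root.rid]
    for child in root.children:
        below = path_to(child, rid)
        if below is not None:
            return [root.rid] + below
    return None


# Constructed sample hierarchy for a hypothetical back-to-work plan.
SAFETY_GOAL = Requirement(
    "SG-1", "No person is exposed to infection while on site",
    children=[
        Requirement("SR-1", "Maintain separation at all workstations",
                    derived_from="AUTH-DIST-1",
                    children=[
                        Requirement("SR-1.1", "Mark floor positions at each station",
                                    verified_by=["INS-07"]),
                        Requirement("SR-1.2", "Stagger shift start times",
                                    verified_by=["SCHED-02"]),
                    ]),
        Requirement("SR-2", "Control entry and exit flows",
                    derived_from="AUTH-FLOW-3",
                    children=[
                        Requirement("SR-2.1", "Mark corridors for one-way movement",
                                    verified_by=["INS-09"]),
                        Requirement("SR-2.2", "Use separate entry and exit doors"),
                    ]),
        Requirement("SR-3", "Sanitize shared equipment between users"),
    ],
)


def report(root: Requirement) -> dict:
    """Collect the findings a reviewer would act on."""
    return {
        "unverified": unverified_leaves(root),
        "untraced": untraced_top_level(root),
        "duplicates": duplicate_ids(root),
        "coverage": leaf_coverage(root),
    }


if __name__ == "__main__":
    for key, value in report(SAFETY_GOAL).items():
        print(f"{key}: {value}")
```

Run as a script, the report lists the two leaves that nobody has yet verified (`SR-2.2` and `SR-3`) and the one top-level requirement (`SR-3`) that does not cite the authority requirement it implements; `path_to` gives the chain from the safety goal down to any requirement, which is what an auditor asks for when questioning why a particular detail is in the plan. The checks are deliberately strict about leaves rather than totals: a coverage figure of 60% looks acceptable in a summary, but the text’s point is that the two missing items are the ones that hurt someone.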

It’s quite easy to design solutions to problems, even very tough ones, but it’s difficult to know when you’ve completed the task optimally. Even novices can come up with excellent solutions — they might not be elegant, or simple, or efficient but they will usually serve the purpose. How do you know when you have the optimal solution?

One step in the process of developing a solution that is most often overlooked is what we call Analysis of Negatives. Many people can generate a solution, or less often a handful of them from among which to pick the best. Most often they skip the next step, which is to study the ways in which those solutions might come up short. This usually happens only in specific situations, and in conjunction with a hardware failure, or with unanticipated conditions.

The tiniest overlooked detail, if it’s not prepared for, could easily hurt someone. Analysis of Negatives is our technique for finding the weak links, especially down to the very smallest.

We leave no stone unturned. This is a business for problem-solvers who are obsessed with details. When people’s lives, health or welfare are at stake the one you miss WILL come back to haunt you.