Functional safety

Background and meaning

Anyone who puts products into circulation that are potentially hazardous to safety - this naturally includes vehicles for public road traffic - has a particular interest in minimising liability risks. Product liability already gives rise to an interest in taking into account not only standards with qualitative specifications but also those that are specifically aimed at functional safety issues. Within Europe, the ECE homologation process - or more precisely, the approval process for electronic components in the braking and steering systems of vehicles - also requires compliance with normative requirements with regard to functional safety. The ISO 26262 series of standards is a derivative of the IEC 61508 series of standards, which represents the industry-specific requirements of electrical and/or electronic systems in road vehicles. The standard applies to all activities during the safety lifecycle of safety-relevant systems consisting of electrical, electronic and software components.

With the trend of increasing technological complexity - which is very much driven by ambitious goals in the areas of automated and autonomous driving as well as alternative drives - the risks of systematic failures and random hardware failures are increasing. Both failure modes are taken into account in the context of functional safety. At the same time, proof must be provided that the functional safety objectives are met. The ISO 26262 series of standards contains instructions for reducing these risks by providing suitable requirements and processes for development.


Achievement of functional safety

ISO 26262 defines a reference for the life cycle of vehicle safety and allows the adaptation of the activities to be carried out during the life cycle phases, i.e. development, production, operation, maintenance and decommissioning. In accordance with the automotive-specific, risk-based approach for determining the "Automotive Safety Integrity Level" (ASIL), measures are implemented to control risks from systematic and random failures. The successful implementation of the safety measures is verified by auditing the processes and a final design review before the start of production in the so-called "Functional Safety Assessment".


What areas are affected by the norm?

Among other things, ISO 26262 makes requirements for:

the management of functional safety in the company


the draft


the relationships between customers and suppliers


the validation


the verification of the implementation


the implementation


The shaded "Vs" show the connections between the phases concept, system engineering, hardware engineering, software engineering, production, operation, service and end-of-life (EOL).


With experience and method to success

For the experts of eXinel, safety engineering is an integral part of the daily work on projects in the fields of automated and autonomous driving, safety monitoring of fuel cells, industrial sensor technology and more.

Our approach is to define safety objectives from the beginning of the project, to differentiate these from quality objectives and to ensure that the required evidence is provided by implementing appropriate design and verification measures.

We are happy to support our customers in defining a sensible safety process. The tasks of safety manager and system architect can also be taken over by eXinel. A careful, structured approach right from the beginning saves time and money. We also advise our customers in the selection of suitable tools. Thereby we attach importance to a sense of proportion. Our goal is to ensure that the development team is able to perform its respective tasks as efficiently as possible.

The safety plan defines the phases and milestones required to ensure functional safety as well as the responsibilities with regard to strategies and activities, interface coordination with suppliers, supporting processes, development and implementation of safety requirements, verification and validation and documentation.

In addition, interfaces and documents between customers and suppliers have to be defined. eXinel is happy to support you in this process. The so-called Development Interface Agreement (DIA) serves this purpose. This is a multi-page agreement that serves as the core document for the cooperation between the vehicle manufacturer and several suppliers for one system. Among other things, it regulates the following:

  • The appointment of the safety managers of the customer and the supplier,
  • the joint adaptation of the safety life cycle in accordance with ISO 26262-2:2011, 6.4.5
  • the activities and processes to be performed by the customer and the activities and processes to be performed by the supplier,
  • the information and the work products to be exchanged,
  • the target values derived from the system-level security objectives to the supplier's single point defect and latent defect metrics; and
  • the supporting processes and tools, including interfaces, to ensure compatibility between customer and supplier

The key to end-to-end traceability of design decisions lies in top-down requirements management, which provides the best possible basis for providing proof of product safety.


Special strength of eXinel is the implementation of architectures in hardware designs. Besides extensive experience from numerous automotive projects, you as a customer benefit from significantly increased efficiency, when our team with its experience from the system engineering of your project takes over the transfer into the hardware design and in the next step, verification and documentation such as error analysis, FMEDA, HSI, V-Plan, etc.

eXinel meets the quality management requirements of the automotive industry, including IATF 16949 and ISO 9001, which are required as a basis for achieving functional safety.


Any Questions? Please contact us!