Functional Safety: What Is It and What Do OEMs Need to Know?

A safety strategy for reliable components

January 10, 2023
EAO Corporation
Functional safety is a critical component of equipment and component manufacturing.
Functional safety is a critical component of equipment and component manufacturing.
EAO Corporation

Anyone producing heavy-duty or special vehicles in Europe needs a safety strategy for interaction between the subsystems and the electronic components. This is true for on-road or off-road vehicles. Designating a safety level for each safety-relevant application will enable you to ensure functional safety right across your supply chain—and the key to doing this lies in risk analyses that are performed in accordance with the appropriate standards.

Traditional mechanisms are increasingly being replaced by smart electronics, and smart solutions are even replacing mechanical actuators and indicators in heavy-duty and special vehicles. CAN bus systems connect hundreds of bus participants with one another. Data and information are sent across shared cables, reducing the number of wiring harnesses and their associated weight and costs.

At the same time, these data buses expand vehicles’ technical capabilities to the benefit of their users and operators. The downside is that the increasing the complexity of these electronics can cause new types of malfunctions. All it takes to distort the intended information is for a bit to flip from zero to one during digital data transfer, possibly switching the application to an unintended state—with potentially devastating consequences when safety components are affected. This is where functional safety comes in. Highly complex applications can benefit from this. Simple or seemingly non-critical ones, such as window openers or light switches, can as well.

Immediate System Response to Random Errors

Functional safety reduces unacceptable risks caused by random electronic system errors to a level that is acceptable. The risks in question are those that may cause injury to personnel, not damage to property. Functional safety means applying and observing certain standards to ensure that the correct operation of safety functions is monitored. In the event of an error, the system will respond and switch the application to a safe state—for example by stopping it or by alerting the operator.

When it comes to mechanics, it is important to apply appropriate development processes to prevent systematic errors. Increasingly, complex electronics also require the systems to be monitored when in use—and random errors must be detected during this process.

Random errors may be caused by external influences such as radiation, magnetic fields or simply the aging of the electronics systems. In the event of malfunctions like these, the system must respond immediately, for example by switching a vehicle into a safe state. In these situations, systems switch themselves off or warn the driver, for example by causing a monitoring lamp to flash.Emergency components help operators control equipment particularly if an alert message of a failure is received.Emergency components help operators control equipment particularly if an alert message of a failure is received.EAO Corporation

Although functional safety cannot prevent malfunctions, it can significantly reduce the potential damage they may cause. In summary, functional safety means limiting risks to a level that is acceptable. To this end, specific standards define development and production processes, regulate the monitoring of electronics and define what a safe state is. These standards also ensure the necessary protection for manufacturers of safety components, subsystems or entire heavy-duty or special vehicles. The extensive documentation and certification relating to functional safety provides OEMs with proof that they are supplying their customers with “safe” products. These are the methods for error prevention:

For mechanisms and electronics, prevent systematic errors through defined processes in concept phase, during product development and manufacturing.

For electronics, detect random errors through monitoring during use and respond to random errors with safe states during operation.

In Addition to the Machinery Directive, Specific Standards May Apply

Who absolutely must address functional safety? To put it simply: all manufacturers are responsible for ensuring that nobody comes to any harm because of their products. The European Directive on general product safety requires that all products sold on European Union (EU) markets must be safe. This EU Directive will become binding in the corresponding countries when it is transposed into national product safety legislation. Accordingly, product manufacturers must comply with specific standards or uphold the state of the art in their products. This includes the principle of functional safety. The ISO 26262 standard is one of the standards that applies to vehicles containing safety electronics.

This standard was expanded to explicitly include all road vehicles in its second edition in December 2018. Machinery and vehicles should be considered separate applications, and specific technical standards must be considered. Functional safety matters, or rather, the currently applicable standards in this area are often the subject of legal disputes.

Anyone who fails to respect them may be found to have acted in gross negligence and is therefore liable if people are injured. If an OEM neglects functional safety, personnel on the team are putting their company at great risk, not to mention the users of the vehicles and their components.

Addressing the Issue of Functional Safety Is a Corporate Obligation

Special purpose and other vehicles and components of vehicles that do not ensure functional safety pose a big risk to their end users and their environment as well as their manufacturers. Conversely, functional safety in vehicles protects manufacturers from legal ramifications and financial damages. In this respect, it is not just companies that may be prosecuted, but also employees, such as a development manager deemed responsible for a failure. Lawmakers provide for compensation payments or even prison sentences in such cases. Products with insufficient functional safety may result in costly recalls, while reputational damage will inevitably cause long-term financial losses.

Addressing the issue of functional safety is therefore a corporate obligation. For OEMs of safety applications, this means developing a safety culture that also intervenes in management and support processes: functional safety management. At the same time, applying the relevant standards and certifications presents an opportunity that goes beyond product safety and avoiding legal ramifications: the application of the relevant standards increases the quality standards. In actuators and indicators, for example, this affects their switching safety and reliability.

Having a Safety Strategy Allows Manufacturers to Be Responsible

Functional safety with respect to end users is the responsibility of the company that brings a product to the market. The company is therefore dependent on using components that will not cause injury.

The task of such companies is to perform a risk analysis for their overall product as a whole and determine the necessary safety level for it. To this end, the relevant standards define what are known as Safety Integrity Levels (SIL) or Performance Levels (PL) for machine applications (see box on page 2). The safety level must be broken down for each individual component and its respective application. Specific requirements for supplier components can then be derived accordingly. The safety level required for the same component from a supplier for customer A may differ from that for customer B. In each case, the application determines the safety level. For this reason, a safety strategy is required. All manufacturers of heavy duty and special vehicles must determine the following: Which components require which safety level? How do they need to respond to random errors? For some applications it is sufficient to inform the user that a workshop visit is necessary – for other applications, an emergency strategy is implemented in parallel. In other cases, a response must be triggered. This response will then ensure, for example, that a heavy duty or special vehicle can then only be maneuvered at a limited speed. In the case of particularly critical errors, it may even be necessary to stop the vehicle moving altogether.

For Every Application, the Safety Level Must Be Determined

Standards show manufacturers how to achieve the Safety Integrity Levels (SIL) and define risk classification parameters. Risk classification focuses on the questions: How serious are the consequences of the various errors? How often do these errors arise? How successfully can they be managed? The answers to these questions determine the “severity” of the risk classification (see Table 1).

QuestionsResponses
          What injuries (S for severity) will an error cause?        
  • S0: none
  • S1: mild to moderate
  • S2: severe, survival likely
  • S3: very severe, survival unlikely        
          How likely is it (E for exposure) that the error will occur?        
  • E1: very low probability
  • E2: low probability
  • E3: medium probability
  • E4: high probability        
          How easy to control (C for controllability) is the error?        
  • C0: controllable in general
  • C1: easy (99% of drivers)
  • C2: normal (90% of drivers)
  • C3: difficult (by under 90% of drivers)        

Table 1. Determining the ASIL for a vehicle application

As mentioned above, each application must be considered separately; for example, the braking system will have a high safety level, while a different safety level may be adequate for one of its subsystems, such as the anti-locking system. The risk assessment covers Levels 1 to 4, and the designations may differ slightly depending on the standard being applied. For example, machinery standard EN ISO 13849 defines performance levels, classified from A to E. Meanwhile, the ISO 26262 standard, applicable to vehicles, has Automotive Safety Integrity Levels (ASIL) ranging from A as the lowest safety level to D as the highest (see Table 2). Independent test laboratories or other assessment procedures are prescribed depending on the safety level.Table 2. Risk tableTable 2. Risk table

Discipline-Specific Standards Serve As the Basis

Functional safety and the related standards require management systems with defined development processes. The verification and validation model can be used to organize these processes into different phases­—starting with risk analysis. In this respect, functional safety requires further-reaching, more laborious analysis than conventional development processes: fault tree analyses assess the reliability of technical systems and the likelihood that they will fail and form the basis for the safety strategy.

The inspection and documentation of the processes is equally labor intensive: a company must be able to prove that it has implemented all the requirements. This means that all steps must be traceable in detail.

IEC 61508 is the basic functional safety standard, and discipline-specific detailed standards have since been derived from it for different sectors. The ISO 26262 standard focuses on road vehicles (automotive norm) and components that control driving functions. ISO 13849, on the other hand, applies to machine functions such as tippers, compactors and turntable ladders, which are mounted on vehicles.

Related
Adobe Stock 71388636
Off-Road Zero Emission Requirements Are Deploying Faster Than Expected
February 20, 2023
Dc Hydra Force Visual For Social Media
Bosch Rexroth Acquires HydraForce
February 7, 2023
Soncebonz
Technology for Electric and Hybrid Equipment Discussed by Sonceboz Experts
January 13, 2023
Cover 1122
OEM Off-Highway State of the Industry 2022
December 5, 2022
Recommended
The Port of Baltimore is used by many of the largest construction machinery manufacturers.
What Effects Will the Baltimore Bridge Collapse Have on US Imports/Exports of Agricultural & Construction Machinery?
Following the collapse of the Baltimore Bridge and the suspension of traffic through the Port of Baltimore, construction and agriculture vehicle supply chains will be affected but the question is: How much?
April 11, 2024
New Final
Call for Products: OEM Off-Highway's 2024 Product Showcase
If you manufacture cutting-edge solutions for the mobile equipment industry, we want to see them — and so do our readers. Submit your product(s) for a chance to be featured in our comprehensive pictorial guide packed with industry-leading offerings.
April 1, 2024
Adobe Stock 204293849
March 2024 Equipment Market Outlook
January's U.S. heavy-duty truck production was 2.6% above the year-ago level, though growth is slowing. Experts say further decline is likely, given general decline in wholesale trade coupled with waning revenue within the truck transportation sector.
March 20, 2024
Latest
091322 Agco Pontiac No 18186 (1)
AGCO Launches PTx Precision Ag Portfolio
The move aims to facilitate the growth of AGCO’s technology transformation and support the future development and distribution of next-generation ag technologies for farmers and OEMs.
April 8, 2024
Adobe Stock 225106727
Agriculture’s Merge Into the New Road Safety
Understanding the connected capabilities of interoperable vehicle-to-everything (V2X) technologies and the need for standardization.
April 8, 2024
Modern Cockpit with well-positioned multifunctional controls
6 Ways Operator Cockpit Designs Impact End-User Efficiency
From comfort and ergonomics to cutting-edge technology, learn how the cab is becoming a key differentiator in the off-road vehicle market.
April 5, 2024
Agco Trimble Id Ee44ea16f98c Logo
AGCO & Trimble Close Joint Venture, Form PTx Trimble
PTx Trimble combines Trimble's precision agriculture business and AGCO's JCA Technologies to form a new company that will serve farmers with factory fit and retrofit applications in the mixed-fleet precision agriculture market.
April 4, 2024
2480x750 Jcb Lgs Pr
JCB & Leica Geosystems Partner on 2D & 3D Semi-Automated Excavator Controls
The INTELLIGRADE solutions will be available initially on the JCB 220X tracked excavator in the UK before being offered across the whole JCB X Series range in additional regions.
March 27, 2024
Elevat Io T Logo
Elevāt & Superior Broom Announce Strategic Partnership
The move aims to provide road construction and street-sweeping equipment end-users with enhanced fleet management options, preventive maintenance and data-driven insights.
March 26, 2024
The CAN Actuator is a drive-by-wire alternative to the typical push/pull cable mechanical shifter to rotate the shift shaft on a variety of on- and off-highway vehicle transmissions, with this next generation technology developed to be easily adapted for transmissions from other OEMs.
Curtiss-Wright Unveils Updates & New Offerings at INTERMAT 2024
At the April trade show, the company aims to highlight its continued development of vehicle controllers, introduce updated sensor solutions and promote vehicle electrification with its eMobility Solutions portfolio.
March 25, 2024
HED Inc. has expanded its vehicle control system portfolio with the introduction of the CL-640 HVAC Panel.
HED Inc. Introduces the CL-640 HVAC Panel
The completely customizable CL-640 is designed for rugged applications to control and adjust temperature effectively inside on- and off-highway vehicles.
March 25, 2024
APEX display
APSCO Releases Interactive Dump Truck Controls, Electric Over Air Actuator & Integrated Reservoir Systems
The company expands its footprint across multiple applications with the announcement of four new product lines — the APEX, ARIS, ATAS and EDM Series.
March 18, 2024
Te Off Highway Agriculture
Navigating the Modern Productivity & Connectivity Obstacles of Off-Highway Applications
Learn what's amplifying equipment performance and reliability needs at the component level and how OEMs are rising to meet the challenge.
March 11, 2024
Septentrio Anta Rx Si3 Gnss Ins Smart Antenna Receiver Imu All In One
Septentrio Introduces AntaRx-Si3 Inertial GNSS Smart Antenna
The new GNSS/INS receiver uses FUSE+ technology to combine high-accuracy GNSS positioning with an IMU in the same enclosure as the GNSS antenna.
February 13, 2024
Picture11
Is it Finally Time to Switch?
Take a look at the industry's migration from electromechanical to digital switch technology in the cab and learn why it's important for engineers to weigh the benefits of both switch types.
February 5, 2024
Br82 Ks 01 00509
EAO Releases New Rugged Push-Button HMIs With Integrated Cables & Rear Sealing
EAO’s latest Series 82 devices are R118 certified for automotive applications and feature M12 connectors for enhanced operational reliability.
February 1, 2024
The PatriotPro features the rugged design and feel of the legacy Patriot product, and now boasts a new look and an advanced, future-ready technology platform.
Cattron Introduces Remtron PatriotPro Industrial Remote Control System
The operator control unit, which features a 600-foot operating range, is available in standard configurations and can be engineered to meet specific application requirements.
February 1, 2024
Eao Opc
EAO Introduces New Online Product Configurator
The interactive 3D tool gives engineers and designers the control to configure, compare and purchase modular products that meet their individual requirements.
January 23, 2024
Photo Hd Hyundai Google Gloud
HD Hyundai Teams Up With Google Cloud to Accelerate AI Innovation
The collaboration will introduce generative AI across Hyundai's core businesses, including its shipbuilding and construction machinery businesses in Korea.
January 18, 2024
Continental and Aurora reach partnership milestone by finalizing design of world’s first scalable autonomous trucking system.
Continental & Aurora Finalize Design of World’s First Scalable Autonomous Trucking System
The companies have finalized the design and architecture of the future fallback system and hardware of the Aurora Driver – an SAE Level 4 autonomous driving system – that Continental plans to start production of in 2027.
January 15, 2024
Coop Dt Torc Aev 240108 2 (1)
Daimler Truck, TORC Robotics & Aeva Partner on Series-Production Autonomous Trucks
The multiyear collaboration begins in the first quarter of 2024 with Aeva’s start of production by 2026 and Daimler Truck’s production ramping up by 2027.
January 10, 2024
The CP150 compact controller with newly developed standby mode: The wait for the electronics to start up again is com-pletely eliminated allowing the machine to be ready for operation more quickly
B&R Releases Standby Mode on X90 CP150 Compact Controller
As the first B&R controller with this newly developed standby mode, this release provides the option of restarting a machine or vehicle immediately after the engine was shut down for a short time.
January 8, 2024
Adobe Stock 250938892
State of the Industry 2023
Get seven professional perspectives and predictions about what's shaping the 2024 OEM landscape.
December 1, 2023
Agco+pr+ +agco+opens+acceleration+center+in+scottsdale+az+ +12 2023 56f2ba0f 0bf5 45a9 8abc Bebd8c968d69 Prv
AGCO Opens Acceleration Center in Scottsdale, Arizona
The center is dedicated to software and electronics development in the areas of autonomy, precision ag, artificial intelligence and digital products, and aims to deliver new, value-added precision ag technologies for farmers.
December 14, 2023
Hd Hyundai Xite Transformation Booth Image[1]
HD Hyundai Brings Xite Transformation to CES 2024
At the upcoming electronics trade show, the company plans to expand on its vision to now include transformative land infrastructure ideas, showcasing Future Xite, Twin Xite and Zero Xite.
December 20, 2023
Fort Safe Remote Control Pro Resized
FORT Robotics Introduces Safe Remote Control Pro
The rugged gaming-style controller can be paired with up to 30 machines, used with robots in warehousing and manufacturing, and also in heavy machinery in agriculture, construction, mining and more.
December 8, 2023
Cedrik Neike, CEO of Digital Industries and board member for Siemens AG and Keyvan Esfarjani, chief global operations officer for Intel Corp. pose for a photo to mark the signing of a memorandum of understanding by the companies to advance global manufacturing efforts. The deal was signed in Santa Clara, California, in December 2023.
Siemens & Intel to Collaborate on Advanced Semiconductor Manufacturing
The partnership will focus on driving digitalization and sustainability of microelectronics manufacturing and advancing future efforts, evolving factory operations and cybersecurity, and supporting a resilient global industry ecosystem.
December 5, 2023