A functional safety manager can’t assure that this product is safe. Instead, he/she knows that it is not safe.

There is a saying about interviews: an interviewer cannot make an interviewee be hired, but can make him/her fail to be hired. I believe that this is true, and a similar correspondence is possible in a functional safety project.

I review functional safety documents frequently, and the scope of functional safety is too vast for one person to know everything fully, so I sometimes conduct an incomplete review. An incomplete review means that even though I approve it, it cannot be ensured that it is fully achieved.

Because I understand my weakness, I tried to find nonconformances in the documents. At least I’m the first auditor in this project, and if I don’t agree, then it cannot proceed. In the near future, I have to respond to the customer auditor’s questions. There should be some layers of reviewers like me. They act as ‘safety nets’ in the project, and they protect against systematic faults in the project.

The final reviewers shall be the customer-side auditors (or assessors). In some ways, the customer has to have not only deep knowledge of the product but also deep technical knowledge of functional safety. If one person does not have both, a team has to be arranged. And whoever does not have deep knowledge of the project but has functional safety knowledge has to have enough review experience to judge whether the product under review is well documented or not. And he has to help the customer-side product champion determine whether the supplier’s safety concepts or approaches are good enough to satisfy their safety requirements.

But… even though they conduct such an audit or assessment, they cannot ensure that safety is fully achieved.


Safety Case Development

Now I’m focusing on developing a safety case. I’ve been interested in development a little bit, but I’m realizing that it is a very important thing.

A safety case is a logical argument that the product is safe. For it to be convincing, it has to be considered in the early stage of the project.

The safety case is managed on an item basis, which means that both the OEM and the supplier have to build their logical structure. In this sense, it is better for the OEM to have a concept of the structure of the safety case and to guide the supplier in producing their supporting evidence.

Let’s assume that the people are not qualified in the early stage of the functional safety project, but qualified evidence is produced in the last stage. Is it convincing that the product is safe?

Anyway, I’m gathering papers and reports from the automotive and avionics domains, and it will take time to have a concept.


I guess considering the safety case as your sword may be possible.

Link: Power of your words



Is it hard to defend against a functional safety audit?

In general, the plan for a functional safety audit is sent to the supplier. In the plan, the checklist is open. Then what the supplier has to do is prepare how to answer these questions and what evidence to produce. So it is like acting according to a written script. But it seems to be hard to defend against it. Why?

For a drama to be successful, all actors have to keep their script in mind and be ready to act. If your organization has trouble defending against a functional safety process audit, the cause can be that many people involved in the project don’t know what to do or how to do it.

In fact, continuous process activity is required in order to be considered process compliant. It cannot be done all at once. Have you ever written a one-month diary within two days? Can you keep consistency in that diary? Is the weather really correct? It is similar.

Everything should be recorded, and the recording can serve as process evidence. It is a kind of drama for showing. You have to really be reborn as an actor.

As for the functional safety manager, the person should be a director, not an actor. He or she has to see the overall scope, not a specific scope, and it is necessary to be a director to do this. It might not be easy to handle this as an actor.

The audit plan is open, so as a director, consider deeply what can impress the auditor. It needs to be considered what activities and what evidence can be regarded as process compliance.

By the way, do you know that this consideration (the plans) shall be done prior to starting the project? It sounds like common sense in drama. But what about engineering? Are we the masters of impromptu acting? Absolutely not. That is why many projects have failed.

Don’t feel negative because of my expression “acting”. I don’t mean “cheating”. I believe that the performance of “showing” is a real indicator of process compliance. It is quite different from committing fraud.