Category Archives: DO-178C

Why are you born? The meaning of a safety requirement's existence

If some requirements are regarded as safety attributes, it means that failing to achieve those safety requirements threatens safety.

The rationale for each one is explained somewhere. I believe that system FTA or system FMEA are the proper means of establishing why they were born.

After they are identified, safety engineers shall suggest methods for handling them. Their suggestions are called safety mechanisms in the ISO standard.

Sometimes engineers forget this simple principle, so non-safety-related requirements are misperceived as safety requirements.

Have all safety requirements been birth-registered? An unregistered one has the potential to threaten safety. Don't forget to register them. It is as natural as what happens in our society.


Identifying safety requirements

My main job is to review all kinds of functional safety documents. Although I don't know much detail about the products, I can help engineers make our products safer.

Identifying safety requirements is the 2nd step of functional safety activity. Of course, the 1st step is safety planning; it is very important, but many people don't realize its importance.

Anyway, when I review requirements that are regarded as 'safety', I always ask the engineers this question:

"If this requirement is not met, does it directly lead to violating the safety goal?"

If it is a safety requirement, the answer shall always be "yes", but I have received the answer "no" in many cases. Then it is not a real safety requirement.

Engineers seem to have a habit of identifying as 'safety requirements' whatever looks 'critical'.

For a system which controls the vehicle, it is critical not to 'sleep'. But that is not always so for a system which reports to the system that has the responsibility to control.

For a control system, detecting who is a liar is very important, because it directly leads to incorrect decisions, which result in unsafe control. Of course, 'not sleeping for a long time' is also important.

But these principles are not always applicable to "reporters". To tell a lie is the worst. To tell nothing is better.

So, "being honest" is a very important characteristic for "subordinates".

To summarize, always ask this question. Do not decide by habit.

The question is: "If this requirement is not met, does it directly lead to violating the safety goal?"
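As an added illustration (my own example, not from either post above), here is a small Python check that applies that question to a requirement register mechanically: a requirement counts as safety only if it traces back to an FTA/FMEA hazard, and a registered one must also name its safety mechanism. It serves both the "birth-registration" point of the first post and the reviewer's question of this one; the hazard ids, requirement ids and requirement texts are constructed sample data.

```python
# Added example, not from the original posts: a requirement-register check that
# applies the reviewer's question. All ids and texts are constructed samples.
from dataclasses import dataclass, field
from typing import Dict, List, Optional

@dataclass
class Requirement:
    rid: str
    text: str
    tagged_safety: bool                      # how the engineers labelled it
    hazard_refs: List[str] = field(default_factory=list)  # FTA/FMEA hazards it traces to
    mechanism: Optional[str] = None          # safety mechanism that handles it

# Hazards as they would come out of a system FTA / FMEA (constructed).
HAZARDS: Dict[str, str] = {
    "H-01": "unintended acceleration from a wrong torque request",
    "H-02": "stale or corrupted sensor report accepted as fresh and true",
    "H-03": "loss of brake-light command",
}

def review(reqs: List[Requirement], hazards: Dict[str, str]) -> Dict[str, List[str]]:
    """Does failing this requirement directly violate a safety goal?  Here that
    means: does it trace to an identified hazard?  Sort the register accordingly."""
    out: Dict[str, List[str]] = {"confirmed": [], "mis_tagged": [],
                                 "unregistered": [], "no_mechanism": []}
    covered = set()
    for r in reqs:
        refs = [h for h in r.hazard_refs if h in hazards]   # ignore dangling ids
        covered.update(refs)
        if r.tagged_safety and not refs:
            out["mis_tagged"].append(r.rid)      # looks 'critical', but no hazard behind it
        elif not r.tagged_safety and refs:
            out["unregistered"].append(r.rid)    # safety-relevant but never registered
        elif r.tagged_safety:
            out["confirmed"].append(r.rid)
            if not r.mechanism:                  # born, but nobody said how to handle it
                out["no_mechanism"].append(r.rid)
    out["orphan_hazards"] = sorted(set(hazards) - covered)  # hazards with no requirement
    return out

REQS = [
    Requirement("R1", "Torque request shall pass a plausibility check before use",
                True, ["H-01"], "range and gradient check on torque request"),
    Requirement("R2", "Diagnostic log files shall be rotated weekly", True),
    Requirement("R3", "Sensor reports shall carry a sequence counter and CRC", False, ["H-02"]),
    Requirement("R4", "Torque request older than 50 ms shall be discarded", True, ["H-01"]),
]

if __name__ == "__main__":
    for key, ids in review(REQS, HAZARDS).items():
        print(f"{key}: {ids}")
```

R2 is the "looks critical" case the post warns about, R3 is an honest-reporter requirement that nobody registered, and R4 is registered but still has no mechanism.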


What is the meaning of making plans in a project which requires functional safety?

I've seen many projects that were initiated without an in-depth plan. They acted as if they were ready. But they were not.

They almost always have various kinds of troubles as time passes.

They are apt to go out of control and fall behind schedule.

The persons involved in the project fight each other over responsibility.

They recognize that they should have done some activities several months earlier.

They always regret it.

I hope that projects will begin when the conditions are ready.

Otherwise the outcome is as easily anticipated as what happens 10 seconds after a person jumps forward off a bridge.

So that is why I emphasize that process is very important.

To demonstrate that our safety engineering is good, compliance with the functional safety process is basic. It won't work without it.