Category Archives: DO-278A

If I were on the OEM’s side, I would manage a functional safety project as follows

Management of the functional safety process is important not only on the supplier’s side but also on the OEM’s side.

In the standard, there are two types of faults: systematic faults and random hardware faults. A random hardware fault is an engineering matter and can be handled by engineering decisions, but a systematic fault is not purely an engineering matter.

Let’s assume that an OEM auditor finds that a supplier has random hardware faults and systematic faults. After the audit, what corrective actions need to be taken?

To eliminate a random hardware fault, the supplier has to design and implement again. But sometimes this does not take much time compared to a systematic fault.

To address a systematic fault, what is required?

What do you think?

Ideally speaking, none of the work products can be trusted, and all activities have to be redone from the beginning. But I’m not sure such an extreme approach can happen in the automotive industry. It would surely delay the project timing.

Then the supplier’s risk is transferred to the OEM’s side.

To prevent this undesirable situation, what does the OEM have to do?

Let’s assume that there are two options for conducting the audit.

  1. Audit once at the end of the project.
  2. Audit multiple times at the important milestones.


It is not a difficult problem. You already know the answer, and you may understand what my point is.

Let me simplify my point: bothering the supplier multiple times helps not only the OEM but also the supplier. To do this, the OEM has to be diligent.


Is it hard to defend against a functional safety audit?

In general, the plan for a functional safety audit is sent to the supplier. In the plan, the checklist is open. Then what the supplier has to do is prepare how to answer these questions and what evidence to produce. So it is like acting according to a written script. But it still seems hard to defend against. Why?

For a drama to be successful, all actors have to keep their script in mind and be ready to act. If your organization has trouble defending against a functional safety process audit, the cause can be that many people involved in the project don’t know what to do or how to do it.

In fact, continuous process activity is required in order to be considered process compliant. It cannot be done all at once. Have you ever written a one-month diary within two days? Can you keep consistency in that diary? Is the weather really correct? It is similar.

Everything should be recorded, and the records can serve as process evidence. It is a kind of drama for showing. You really have to be reborn as an actor.

The functional safety manager should be the director, not an actor. He or she has to see the overall scope, not a specific scope, and it is necessary to be a director to do this. It might not be easy to handle this as an actor.

The audit plan is open, so as a director, consider deeply what can impress the auditor. It needs to be considered what activities and what evidence can be regarded as process compliance.

By the way, do you know that this consideration (planning) shall be done prior to starting the project? It sounds like common sense in drama. But what about engineering? Are we masters of impromptu acting? Absolutely not. That is why many projects have failed.

Don’t feel negative because of my expression “acting”. I don’t mean “cheating”. I believe that the performance of “showing” is a real indicator of process compliance. It is quite different from fraud.



A functional-safety-specific process (not harmonized with the project process)

When I was a functional safety consultant, I saw that my customer’s processes were disjoint, not harmonized. In some ways, it could be comfortable for the people involved. If some processes are added and those processes are not related to a person, then he/she can ignore them.

But when an independent auditor visited my customer’s site and asked questions, he seemed to think the processes were not well established. It was a long time ago, and I confess it was not a good result.

Actually, there was a general development process and a functional safety process. Not everybody understood both. Some people were involved in the general development process, while the others were in the functional safety process.

It surely benefits all engineers except the functional safety manager and the project manager. Can they control the project with these processes? What do you think?

If I joined the company in a functional safety manager position, I would have trouble understanding the process. I might try to synchronize the processes and get sick. I can surely tell you that I would lose control of the functional safety process because I would not be clear.

Because the leader cannot tell where the goal is and what we should do at the proper time, the other people also have no idea and will kill time. And the project will miss the required document delivery timing.