Better safe than sorry: The importance of functional safety in embedded systems

Embedded systems are electronic software and hardware solutions that are integrated into devices to make their functioning more intelligent. Nowadays, embedded systems are all around us. They make our tools smarter, more efficient and better suitable to our precise needs and comfort. Doing so, they also make our lives a lot easier.

Meanwhile embedded systems also pose a risk to us. As we let computer programs manage more and more aspects of our daily lives we also hand over more responsibility to them, meaning we have to be able to rely on these systems. This is the domain of functional safety. 

Functional safety is the part of a system’s built-in protection that sees to the proper functioning of automated processes and responds adequately to errors that might disrupt it. Simply said, it protects humans from technology. And as a result of the ever-growing presence of technology in our lives, the demand for skilled functional safety engineers is peaking. In this article we take a look at what functional safety engineers can do to ensure your safety standards are met. 

Risks of embedded systems

Embedded systems are in our smartphones, our houses and our vehicles, but also in our shops and our streets, our production lines and our medical machines. Meanwhile, the automated systems that surround us in our daily lives are becoming increasingly complex, taking on more important decisions for us.

Twenty years ago, the first cars came out with parking sensors, not long after that, backup cameras were introduced and now we have self-parking cars. We also have lane-assist, and within the next 10 to 15 years, we will likely see the introduction of fully self-driving cars that require no human interaction to get us from A to B.

These advanced systems will undoubtedly save us incredible amounts of time that we can now focus on more meaningful tasks, but as embedded systems take on a bigger role in our lives, the consequences of possible error are also aggravated. If your parking sensor fails, you might bump into a car while parking, if your self-driving car has an error, you will likely crash. In general, the bigger the role of technology, the more damage it can inflict as well.

Embedded systems use measurement and control equipment to make estimations and then choose follow-up actions based on those estimations. A small miscalculation in the programming or design of a system can thus have big consequences. Computers have the potential to overcome many human errors, however, we need to keep in mind that bugs still exist and embedded systems are still programmed by human beings, operating in an unpredictable world that is also inhabited by human beings. 

What is functional safety?

To ensure that these interactions between systems and humans don’t go wrong, embedded systems are equipped with functional safety measures. These functions are implemented to make sure that technology operates as it should, and if it doesn’t, that it fails in a safe manner. 

A very simple example of a functional safety system is the barrier at a railroad crossing that is automatically lowered when it detects an approaching train. Another one is the heating platform of a smart coffee maker that automatically switches off if the temperature of the coffee gets too high. In both examples, relatively simple systems are implemented to oversee situations that could otherwise have major consequences (e.g. a train crash or a house fire).

To ensure that all embedded systems are safe, a number of international safety standards are set that have to be met before a product can enter the market. The foundational code of functional safety is called the IEC 61508. It consists of a number of prescriptions on how automatic protection systems must be applied, designed, deployed and maintained.

To achieve functional safety, new systems usually have to go through an extensive process of screening, deploying, and monitoring. 

• First the potential hazards of a system have to be identified to determine where safety functions are required.

• Then the risks need to be assessed. To what degree have they be diminished and what is an acceptable risk. In the case of the railroad barrier, for example, it needs to be determined how long before the train arrives, the barrier should be lowered. Closing it earlier might be safer, but it might also unnecessarily halt the traffic flow.

• Then the safety measures themselves need to be checked. Do they function as they were intended? Does the coffee maker indeed turn off automatically if the coffee gets to hot, even if it is disrupted by external factors or system failure.

• Then again, the system needs to be verified. Are all safety bases sufficiently covered, is the designed safety system suitable for systematic use, and what are the chances of dangerous failure. 

• Finally, functional safety system need to be inspected regularly to ensure that the system keeps functioning according to safety standards throughout it’s life cycle. 

An embedded system is considered functionally safe if all hazards are eliminated by the implementation of the appropriate safety functions and all of these meet the required safety standards.

What does a functional safety engineer do?

The execution of the process above, and consequently, the correct implementation of the appropriate functional safety measures, is in the hands of functional safety (FuSi) engineers. It’s their job to ensure that the highest safety standards are met to prevent any human, environmental and also financial damage. 

They have to be able to identify risks and dangerous situations to determine which measures are required to adequately deal with those situations. Therefore, the job of a FuSi engineer also asks a lot of ingenuity from candidates to find solutions to the variety of challenges that need to be taken into account when designing automated systems. 

Furthermore, FuSi engineers are responsible for monitoring and assessing the safety functions that are implemented into embedded systems. Therefore they need excellent analytical and critical skills, but they also need to be resolute when it comes to decision making. Their decisions can carry a lot of weight and small missteps can have big consequences. Therefore they need to be sure of what they're doing and always put safety first.

What to look for in a functional safety engineer?

Some people are better for some jobs than others. Just as a creative function might call for a free thinker that colors outside the lines to realize his wildest imaginations, a regulatory job like that of a functional safety engineer calls for someone who is almost the complete opposite of that description. A FuSi engineer needs to stick to the rules and be fully aware of the importance of his role and the weight of his decision making.

When your looking for a FuSi engineer, you want to look for someone that knows every paragraph of the relevant safety standards. But more importantly, a FuSi engineer also needs to know why these standards are set, where they came from and what their objective is. A skilled FuSi engineer shouldn’t only execute safety measures because standards say so, but also because they are imbued with the fact that they are necessary for our safety.

Furthermore, safety standards can vary across fields. What may be an acceptable risk in an electric bike might be catastrophic in an airplane. Therefore, hiring an engineer typically requires some job-specific training. However, the basis of all quality standards is the same across industries. Namely, the need to prevent damage and keep the interaction between technology and humans safe. 

Therefore, there is no need to limit your functional safety engineer to one industry or one standard. It’s more important that someone has experience in the general field of functional safety and has displayed an understanding of what safety entails and why it matters.