The goal of functional safety is to create a safety net that monitors and controls machinery to prevent a hazardous situation to people and property if the machinery malfunctions. From an equipment manufacturer's perspective, the machine must perform its intended function and must operate in a safe manner. From a functional safety perspective, it is about maintaining a safety net (also known as a safety function) that mitigates the hazards of the machine it is monitoring. For the safety net to be effective, it must have a low probability of failing, and upon failure, will report it so that the equipment it is monitoring can transition to a safe operational state.
When designing a product for functional safety, depending on what type of machinery it is monitoring and where it is deployed, the product might need to be assessed for compliance to a functional safety standard. These functional safety standards, such as IEC 61508, ISO 13849, and ISO 26262, are international in scope where the quality of the product meets a proscribed requirement based on that standard.
Based on the standards, the quality of a component or element used for functional safety can be broken down into two aspects. The first aspect is a formal design process that promotes a systematic capability that drives the mitigation of human introduced bugs. Achievement of systematic capability is accomplished by following a proscribed set of process steps with evidence to show compliance. The second aspect is the random hardware failure rate of the logic devices with the ability to detect and announce that a failure has occurred. In the art of functional safety, there is a saying that it is all about diagnostics. The focus of this white paper is this second aspect and the ability to detect unintended operation.