Functional Safety Assessment phases

Reading time: 6 minutes - Difficulty: advanced
According to IEC61508-4:2010, 3.8.3, Functional Safety Assessment (FSA) is an investigation, based on evidence, to judge the functional safety achieved by one or more E/E/PE safety-related systems and/or other risk reduction measures.

What the FSA aims at

Functional Safety Assessment consists of three phases:

  • Detailed review of hardware and software design, where auditors review the product design against functional safety requirements together with the manufacturer’s designers;
  • Revision of the development of the Functional Safety Management System, which aims to verify the presence and applicability of a management system for the fulfilment of functional safety requirements;
  • Quality constraint audit, which aims to verify the implementation of the quality requirements of IEC 61508 in the manufacturer’s quality management system.


Functional Safety Assessment (FSA) is a survey to support the decision to move to the next phase of the lifecycle or to remain in the same phase until all the necessary measures have been put in place.


For further information:


Further, the FSA aims at determining whether the safety function being studied achieves the required level of functional safety. The work usually involves verification of the processes and procedures in place to ensure compliance with IEC61508 requirements, including verification for each phase of the lifecycle and validation of the complete safety requirements.

This will form the basis of the “Move on” or “Not ready yet” to move on to the next phase of the lifecycle.

funciontal safety assessment phases

Download Infographics

Do you want to contribute to our page? Follow us on Linkedin


More information about the Functional Safety Assessment

Prior to the SIL certificate issue, several activities take place:

  • Detailed hardware/software analysis

The detailed analysis of hardware and software design is based on relevant product design documentation (detailed hardware schematics, device datasheet, software code, etc.) to identify safety-relevant subsystems and components and define their functional architecture (presence of any redundant elements).


  • GAP Analysis

If gaps are identified during the design review with respect to the requirements of IEC 61508, they are documented through an analysis (GAP Analysis), in which the indications for the correction of these gaps in terms of design, documentation, etc. are reported.



FMEDA analysis (analysis of the effects and diagnostics of product failure modes) is based on a systematic analysis and breakdown of the product into its safety-relevant components, in order to identify the failure rates (safe/dangerous and detected/undetected) and potential failure modes of each component.


Recommended in-depth study:


  • Systematic assessment of HW/SW capacity

The systematic capability provides a quantitative estimate of the robustness of the system with respect to systematic failures resulting from project management, documentation quality, control requirements, structured design, etc.


  • Functional safety validation tests

The objective is to demonstrate that the product meets the specifications for the general requirements of the safety functions and the general integrity requirements.


  • Functional Safety Assessment Report

The Functional Safety Assessment (FSA) report is included in the SIL Certificate and contains the results of the assessment according to IEC 61508 requirements, together with the results of each step of the certification process.


  • Revision of FSMS

Analysis of the relevant documentation for the implementation of the customer’s functional safety management system (FSMS) as policies and procedures that specify the organizational policy and strategy to achieve functional safety.


  • Quality constraint audit

During this phase, the presence of a quality management system is verified to ensure the manufacturer’s ability to maintain functional safety certification in all products manufactured with the validity of the certificate.


In the end, the SIL certificate issue confirms compliance with IEC 61508 requirements and contains references to the FSA report and safety manual of the article.


For more information or to request a quote

What does HARA mean for ISO 26262?

The HARA method The HARA method aims at identifying and categorizing hazardous events of items, and also at specifying safety goals according to ISO 26262 and ASILs (Automotive Safety Integrity Levels) related to the prevention or mitigation of the associated hazards in order to avoid unreasonable risk. This means that the combination of a hazard […]

Read more

A brief introduction to ISO 26262

ISO 26262 Standard Application It covers the implementation of functional safety through electrical and/or electronic (E/E) systems, and presents a specific lifecycle for items used in the automotive sector. Thus, it provides a reference for the automotive safety life cycle and supports the adaptation of activities to be performed during the lifecycle phases, i.e. development, […]

Read more
Byhon Logo bianco

Subscribe to our newsletter to stay up to date on Functional Safety and Industrial Cyber Security news and events

Send this to a friend