According to IEC 61508, any responsibility in functional safety management must be reported into the Functional Safety Management System (FSMS).
What the FSMS aims at
The first objective of the requirements in IEC 61508-1 clause 6.1.1 is to specify the responsibilities in the functional safety management of those in charge of an E/E/PE safety system or one or more phases of the overall lifecycle of an E/E/PE system and the safety software.
The second objective of the requirements in IEC 61508-1 clause 6.1.1 is to specify the activities to be performed by those responsible for functional safety management.
All individuals, departments, and organisations responsible for carrying out activities in the E/E/PE system or safety software lifecycle phases (including individuals responsible for functional safety verification and assessment and, where appropriate, licensing authorities or safety regulatory bodies) must be identified and their responsibilities must be thoroughly and clearly communicated to them.
Competence adequately matched to responsibility/role must also be demonstrated.
How to manage Functional Safety
An organisation responsible for an E/E/PE safety system, or for one or more phases (e.g. a supplier) of the overall E/E/PE system or safety software lifecycle, must appoint one or more individuals to take overall responsibility for:
- system and lifecycle phases
- coordinating the safety activities carried out in these phases
- the interfaces between these phases and the other phases carried out by other organisations
- fulfilling requirements 6.2.2 to 6.2.11 and 6.2.13 of IEC 61508-1
- coordinating functional safety assessments (see IEC 61508-1 6.2.12 b and clause 8) – in particular when those carrying out the functional safety assessment differ between phases – including communication, planning and integration of documentation, judgments and recommendations
- ensuring that functional safety is achieved and demonstrated in accordance with IEC 61508 objectives and requirements
The policy and strategy to achieve functional safety must be specified, along with the means to assess their achievement and the means by which they are communicated within the organisation.
Suppliers providing products or services to an organisation that has the overall responsibility for one or more phases of the overall lifecycle, E/E/PE system or safety software (see IEC61508-1 clause 6.2.1) must provide products or services as specified by that organisation and must have an appropriate quality management system.
The manufacturer must take any action necessary to monitor the supplier’s performance (periodic audits, incoming tests).
Safety management activities
Functional safety management consists of several activities:
- Planning, including the definition of responsibilities, organization, applicable directives
- Documentation, i.e. the set of documents that must be prepared
- Personal skills, such as the required level of expertise to manage the project
- Evaluation, consisting in verifying compliance with the specifications for the design and test phases, after commissioning, and during modifications
Recommended in-depth study:
Specifically, among evaluation activities, verification refers to checking applications that are still under development to ensure they meet these specifications. These checks could be as simple as reading the specifications and comparing them to code logic to make sure they match.
The verification process includes activities such as code reviews, analysis, inspections, intermediate tests.