Safety Manual

Reading time: 5 minutes - Difficulty: medium
The Safety Manual is a mandatory document required by IEC 61058:2 and IEC 61508:3 that the manufacturer must draw up and make available for its user, together with the SIL certified device.

What is a Safety Manual?

The safety manual is a document required for any system or product certified according to IEC 61508:2 and IEC 61508:3 where it is indicated as a mandated document to be made available by the manufacturer together with any SIL device.

The purpose of the safety manual is to provide all the information relevant to functional safety to those who will take care of its commissioning and use with the main objective of allowing them to maintain the reliability and safety performance of the device over time as the day it left the chain of production.
The safety manual is therefore of fundamental importance, as it constitutes, together with the functional safety assessment report, the documentation attesting to the conformity of the product to IEC 61508:1-7, and the SIL level that can be reached.

Precise regulatory references on the contents of the safety manual can be found in appendix D of IEC 61508:2, where the information to be provided by the manual to the user is explained. Additional information about software must be provided, as described in appendix D of IEC 61508:3.


Recommended in-depth study:


Some of the mandatory contents refer to:

  • Identification of supported versions of the product and skills required by the operator to use the product;
  • A clear description of the safety functions that can be performed and their input/output interfaces;
  • Special instructions and limitations in product configuration for safety applications;
  • Limitations on the use of the compliant product and/or assumptions on which the behavior analysis and reliability parameters are based;
  • Random failure rates (hardware), classified as safe/dangerous and detected/undetected;
  • Hardware fault tolerance and product type (A or B);
  • The value of Systematic capability (from 1 to 4) taking into account the procedures followed during the realization of the product to prevent systematic failures;
  • Maintenance requirements and procedures;
  • Requirements, timing and procedures for the execution of the Proof Test, i.e. the complete and voluntary execution of the safety function in order to detect possible failures in the SIS that could affect the safety of the system being checked;
  • Information on possible external diagnostic solutions to be implemented by the system.
  • Recommendations for software configuration.
  • Compatibility with a previous software release.
  • Guideline for software updates.


The safety manual, therefore, makes it possible to combine all the information necessary for the end-user in a single document in order to integrate a component, even a complex one, into an instrumented safety system. In addition, any device that is not accompanied by this manual can be defined as not complying with the minimum requirements applicable to any SIL level required by IEC 61508 and its application standards (e.g. EN 62061, EN 61511, ISO 26262, etc.).


Recommended in-depth study:


The analysis of the contents of the safety manual shows its importance as a closing element of the certification process since all the information and data on the reliability and safety parameters contained therein are derived from technical documentation drawn up during the certification process (i.e. FMEDA and evaluation on systematic capability); only in the presence of a safety manual is it, therefore, certain that the product has been certified.


Do you want to learn more about Functional Safety?

What does HARA mean for ISO 26262?

The HARA method The HARA method aims at identifying and categorizing hazardous events of items, and also at specifying safety goals according to ISO 26262 and ASILs (Automotive Safety Integrity Levels) related to the prevention or mitigation of the associated hazards in order to avoid unreasonable risk. This means that the combination of a hazard […]

Read more

A brief introduction to ISO 26262

ISO 26262 Standard Application It covers the implementation of functional safety through electrical and/or electronic (E/E) systems, and presents a specific lifecycle for items used in the automotive sector. Thus, it provides a reference for the automotive safety life cycle and supports the adaptation of activities to be performed during the lifecycle phases, i.e. development, […]

Read more
Byhon Logo bianco

Subscribe to our newsletter to stay up to date on Functional Safety and Industrial Cyber Security news and events

Send this to a friend