A safety strategy for reliable components. Functional safety: What is it? What do you need to know?
Any manufacturer of heavy duty or specialty vehicles in Europe must implement a safety strategy that governs how subsystems and electronic components interact, whether the vehicles operate on-road or off-road. Defining a safety level for each critical application is essential to ensuring functional safety across the entire supply chain, and this is achieved through structured risk analyses aligned with relevant standards. As a trusted partner, EAO places strong emphasis on functional safety in every customer engagement, recognizing the significant benefits it delivers for both users and manufacturers.
Traditional mechanical solutions are increasingly being replaced by intelligent electronic systems, with smart technologies now taking over functions once handled by mechanical actuators and indicators. CAN (Controller Area Network) bus systems enable communication between more than a hundred devices over shared wiring, reducing cabling, weight, and cost. At the same time, these systems enhance vehicle capabilities for operators and users. However, added complexity also introduces new risks, as even a minor data error, such as a single bit changing during transmission, can lead to unintended system behavior. This can have serious consequences, particularly when safety-related components are involved. Functional safety addresses these risks, not only for highly complex systems but also for simple applications such as window controls or lighting functions.
Immediate system response to random errors
In mechanical systems, robust development processes are essential to prevent systematic errors. As electronics become more complex, systems must also be continuously monitored during operation so that random faults can be detected. These faults may result from external factors such as radiation, magnetic interference, or the natural ageing of electronic components. When such issues arise, the system must respond immediately, for example by transitioning the vehicle into a safe state. This may involve shutting the system down or alerting the operator through a warning indicator.
Although functional safety cannot eliminate all malfunctions, it plays a critical role in minimizing their impact. At its core, functional safety is about reducing risk to an acceptable level. This is achieved through established standards that govern development and manufacturing processes, define monitoring requirements, and specify safe system behavior. These standards also provide a framework of protection for manufacturers of safety components, subsystems, and complete vehicles. Comprehensive documentation and certification further demonstrate that products meet safety expectations and can be trusted in real-world applications.
Who absolutely needs to address functional safety?
Put simply, manufacturers are responsible for ensuring their products do not cause harm. The European General Product Safety Directive mandates that all products sold in the EU must be safe, becoming legally binding once incorporated into national laws. As a result, manufacturers must follow relevant standards or maintain state-of-the-art practices, including the application of functional safety. One key standard is ISO 26262, which applies to vehicles with safety-related electronics and was expanded in its second edition in December 2018 to cover all road vehicles. Machinery and vehicles are treated as separate applications, each requiring specific technical standards. Today, compliance with functional safety standards is often scrutinized in legal contexts. Failure to meet these requirements may be considered gross negligence, making manufacturers liable for injuries. Neglecting functional safety puts both users and the company at significant risk.
Addressing the issue of functional safety is a corporate obligation.
Special-purpose vehicles and their components that lack functional safety present significant risks to users, the environment, and manufacturers alike. In contrast, implementing functional safety helps protect manufacturers from legal and financial consequences. Liability may extend beyond the company to individuals, such as development managers held responsible for failures, with penalties ranging from compensation claims to criminal charges. Inadequate safety measures can also lead to expensive product recalls and lasting reputational damage. For this reason, addressing functional safety is a fundamental corporate responsibility. It requires manufacturers to establish a strong safety culture that extends into management and support functions through structured functional safety management. At the same time, complying with relevant standards and certifications offers benefits beyond risk mitigation, enhancing overall product quality. For example, in actuators and indicators, this results in improved switching performance and greater operational reliability.
Having a safety strategy allows manufacturers to take responsibility.
When it comes to functional safety for end users, responsibility ultimately rests with the company that brings the product to market. This means manufacturers must rely on components that are designed and validated to prevent harm.
To ensure this, companies must conduct a comprehensive risk analysis of the entire system and determine the appropriate safety level. Relevant standards define these levels as Safety Integrity Levels (SIL) or Performance Levels (PL) for machinery applications. Each component and its specific use must then be evaluated individually, allowing clear requirements to be set for suppliers. The required safety level for the same component may vary depending on the application, as it is always defined by the specific use case. For this reason, a well-defined safety strategy is essential.
Manufacturers of heavy duty and specialty vehicles must assess which components require specific safety levels and determine how each should respond to random faults. In some cases, it may be sufficient to notify the operator that maintenance is required. In others, an emergency response must be activated, such as limiting vehicle operation to reduced speed. For critical failures, the system may need to bring the vehicle to a complete stop to ensure safety.
For every application the safety level must be determined.
Standards guide manufacturers in achieving Safety Integrity Levels (SIL) and establish the parameters for risk classification. This classification is based on key questions, including the severity of potential consequences, the likelihood of occurrence, and how effectively the situation can be controlled. The answers to these factors determine the overall risk level. Each application must be evaluated individually; for example, a complete braking system typically requires a higher safety level than one of its subsystems, such as an anti-lock braking function.
Risk assessments are generally categorized into levels from 1 to 4, although terminology varies depending on the specific standard. For instance, the EN ISO 13849 standard for machinery uses Performance Levels (PL) ranging from a, the lowest, to e, the highest, while ISO 26262 for automotive applications defines Automotive Safety Integrity Levels (ASIL) from A, the lowest, to D, the highest. Depending on the assigned safety level, validation may require independent testing or formal assessment procedures to ensure compliance.
Example: Determining the safety level (ASIL) for a vehicle application
What injuries (S for Severity) will an error cause?
S0: none
S1: mild to moderate
S2: severe, survival likely
S3: very severe, survival unlikely
How likely is it (E for Exposure) that the error will occur?
E1: very low probability
E2: low probability
E3: medium probability
E4: high probability
How easy is the error to control (C for Controllability)?
C0: controllable in general
C1: easy (99 % of drivers)
C2: normal (90 % of drivers)
C3: difficult (by under 90 % of drivers)
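The S, E and C classes above only become useful once they are combined into an ASIL. The following added example (not part of the EAO article) carries the classification through to that result using the ASIL table of ISO 26262-3; the three hazards and their ratings are constructed for illustration, not taken from any real hazard analysis.

```python
"""ASIL determination from Severity (S), Exposure (E) and Controllability (C).

Added example: the S/E/C classes follow the list in the text; the mapping to an
ASIL is the ASIL table of ISO 26262-3. "QM" (Quality Management) means no ASIL
is assigned and ordinary quality processes suffice.
"""

# ISO 26262-3 ASIL table keyed by (S, E); each row gives the result for C1, C2, C3.
_ASIL_TABLE = {
    (1, 1): ("QM", "QM", "QM"), (1, 2): ("QM", "QM", "QM"),
    (1, 3): ("QM", "QM", "A"),  (1, 4): ("QM", "A", "B"),
    (2, 1): ("QM", "QM", "QM"), (2, 2): ("QM", "QM", "A"),
    (2, 3): ("QM", "A", "B"),   (2, 4): ("A", "B", "C"),
    (3, 1): ("QM", "QM", "A"),  (3, 2): ("QM", "A", "B"),
    (3, 3): ("A", "B", "C"),    (3, 4): ("B", "C", "D"),
}

_ORDER = ["QM", "A", "B", "C", "D"]


def determine_asil(s: int, e: int, c: int) -> str:
    """Return the ASIL ("QM", "A", "B", "C" or "D") for one hazardous event."""
    if not (0 <= s <= 3 and 0 <= e <= 4 and 0 <= c <= 3):
        raise ValueError(f"class out of range: S{s} E{e} C{c}")
    # S0 (no injuries), E0 (incredible exposure) or C0 (controllable in
    # general): the standard assigns no ASIL to such a hazard.
    if s == 0 or e == 0 or c == 0:
        return "QM"
    return _ASIL_TABLE[(s, e)][c - 1]


def highest_asil(hazards) -> str:
    """Worst-case ASIL over (name, S, E, C) tuples: the level the safety goal
    for the affected function has to meet."""
    return max((determine_asil(s, e, c) for _, s, e, c in hazards), key=_ORDER.index)


# Constructed, illustrative ratings (hypothetical hazards, not real project data).
EXAMPLE_HAZARDS = [
    ("window control: unintended closing while operating", 1, 4, 1),
    ("CAN keypad: tipping function activates while driving", 2, 3, 2),
    ("service brake: loss of braking at speed", 3, 4, 3),
]

if __name__ == "__main__":
    for name, s, e, c in EXAMPLE_HAZARDS:
        print(f"S{s} E{e} C{c} -> ASIL {determine_asil(s, e, c):<2}  {name}")
    print("highest ASIL in the set:", highest_asil(EXAMPLE_HAZARDS))
```

The same three classes that look harmless for a window control give ASIL D for the brake hazard, which is why the text insists the level is defined per application rather than per component.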
Discipline-specific standards serve as the basis.
Functional safety and its associated standards require structured management systems with clearly defined development processes. The V-model is commonly used to organize these processes into distinct phases, beginning with risk analysis. Compared to conventional development, functional safety demands more comprehensive and detailed evaluations, such as fault tree analyses (FTAs), which assess system reliability and the probability of failure, forming the foundation of the overall safety strategy. Verification, documentation, and traceability are equally rigorous, requiring companies to demonstrate full compliance with all requirements through detailed records of every step.
IEC 61508 serves as the foundational standard for functional safety, with sector-specific standards derived from it. ISO 26262 applies to road vehicles and safety-related electronic systems, while ISO 13849 focuses on machinery functions such as tipping systems, compactors, and lifting equipment mounted on vehicles.
Functional safety is not a new concept and has long been considered in mechanical design, where achieving safe states has always been essential. With the growing adoption of electronic systems such as CAN bus technology, awareness and implementation of functional safety practices have become increasingly important. At EAO, functional safety is embedded into product development through intelligent components designed to meet defined safety levels. As customer demand for certified, safety-focused solutions continues to grow, EAO remains committed to supporting its customers with expertise that prioritizes safety, reliability, and risk awareness.
Series 09 Rugged CAN Keypads for applications with functional safety
The Rugged CAN Keypads feature high reliability and are designed for functional safety in accordance with the EN ISO 13849 PL d and ISO 26262 ASIL B standards. These robust control units with flexible illumination are ideally suited for use in heavy duty and special vehicle applications.
Further information is available at www.eao.com/09
EAO Corporation One Parrott Drive Shelton, CT 06484
203 951 4600
sales.eus@eao.com
