What is a Functional Safety Concept (FSC) in ISO 26262?

The Functional Safety Concept (FSC) is a key work product in ISO 26262 that bridges the gap between Hazard Analysis and Risk Assessment (HARA) and the Technical Safety Concept. It defines the functional safety requirements (FSRs) derived from safety goals, specifies safe states, warning and degradation concepts, and establishes the allocation of FSRs to preliminary architectural elements. The FSC is developed during the concept phase (Part 3) of the safety lifecycle.

What is the difference between FSC and TSC (Technical Safety Concept)?

The Functional Safety Concept (FSC) describes WHAT safety functions are needed at a functional level, while the Technical Safety Concept (TSC) describes HOW those functions will be technically implemented. FSC focuses on functional safety requirements, safe states, and fault tolerance strategies. TSC details the specific technical solutions, hardware/software architecture, safety mechanisms, and diagnostic coverage to realize the FSC requirements.

What are Functional Safety Requirements (FSRs)?

Functional Safety Requirements (FSRs) are requirements derived from safety goals that specify the necessary safety behavior at the functional level. Each FSR inherits the ASIL from its parent safety goal and must be traceable, verifiable, and allocated to architectural elements. FSRs define what the system must do to achieve or maintain a safe state, including detection, reaction, and transition requirements.

What is FTTI (Fault Tolerant Time Interval) in ISO 26262?

FTTI (Fault Tolerant Time Interval) is the time span from the occurrence of a fault to a possible hazardous event if the safety mechanisms do not respond. It is a critical timing parameter that determines how quickly faults must be detected and handled. FTTI = FDTI (Fault Detection Time Interval) + FRTI (Fault Reaction Time Interval). The FSC must ensure that all safety mechanisms operate within the FTTI budget.

What is a safe state in functional safety?

A safe state is an operating mode of an item without an unreasonable level of risk. Safe states can be achieved by transitioning to a degraded mode, shutting down the system, or activating backup functions. The FSC must define safe states for each safety goal, specify the conditions for transition, and ensure the system can reach and maintain the safe state within the required time (EOTTI - Emergency Operation Tolerance Time Interval).

How does the FSC relate to HARA (Hazard Analysis and Risk Assessment)?

The FSC takes safety goals defined in HARA as its primary input. Each safety goal from HARA is decomposed into functional safety requirements in the FSC. The ASIL assigned during HARA is inherited by the FSRs. The FSC must address all hazards identified in HARA by specifying appropriate detection, mitigation, and safe state transition strategies for each safety goal.

What is ASIL decomposition and when is it used?

ASIL decomposition is a technique that allows distributing safety requirements across independent architectural elements, potentially reducing the ASIL for individual elements. For example, an ASIL D requirement can be decomposed into two ASIL B(D) requirements if implemented by sufficiently independent elements. This is used when a single element cannot cost-effectively achieve the required ASIL, but must follow strict independence requirements per ISO 26262.

What are the key components of a complete FSC document?

A complete FSC document includes: (1) Functional safety requirements derived from safety goals, (2) Safe state definitions for each safety goal, (3) Warning and degradation concept, (4) Fault tolerance and fault avoidance strategies, (5) Timing parameters (FTTI, EOTTI), (6) FSR allocation to preliminary architecture, (7) Operating modes and state transitions, (8) Traceability matrix linking safety goals to FSRs, and (9) Verification criteria for each requirement.

Complete Learning Module

Functional Safety Concept

Master the art of translating safety goals into implementable functional safety requirements. This comprehensive module covers everything from HARA integration to complete FSR development with real-world ESC examples.

Chapters

Interactive Diagrams

ESC

Case Study

Video

Synchronized

Start Learning View Curriculum

What You'll Learn

Build complete competency in FSC development with practical skills you can apply immediately.

Derive FSRs from Safety Goals

Transform HARA-derived safety goals into complete, verifiable functional safety requirements.

Design Safe States

Define static and dynamic safe states with proper entry/exit conditions and timing constraints.

Apply Timing Models

Calculate FTTI, FDTI, FRTI, FHTI to ensure safety mechanisms respond within safe time windows.

Implement Redundancy

Design fault-tolerant architectures with functional redundancy and voting schemes.

Prevent Common Failures

Apply CCF prevention techniques and independence requirements for high-ASIL systems.

Ensure Complete Traceability

Establish bidirectional traceability from hazards through FSRs to verification evidence.

13 Comprehensive Chapters

From foundational concepts to advanced techniques, each chapter builds your FSC expertise systematically.

What and How to Develop a FSC

Understand FSC definition, purpose, key components, and its critical position in the ISO 26262 V-model lifecycle.

V-Model diagramFSC definitionKey components breakdown

Step-by-step Process

Follow a systematic, iterative process from safety goals to complete functional safety requirements.

Process flow diagramInput/output mappingIteration guidance

Technical Foundations

Master the ISO 26262 timing model including FTTI, FDTI, FRTI, FHTI, and EOTTI with interactive diagrams.

Timing model diagramOperating modesSafe state definitions

Fault Avoidance & Tolerance

Learn fault avoidance, fault tolerance, and fail-operational vs fail-safe strategies for safety-critical systems.

Redundancy patternsVoting schemesCCF prevention

Warning & Degradation Strategy

Design effective driver warning systems and graceful degradation strategies for fault conditions.

Warning levelsDegradation timelineDriver takeover

FSR Allocation & Architecture

Allocate functional safety requirements to system architecture elements with proper decomposition.

Architecture diagramASIL allocationInterface requirements

Traceability Matrix

Establish complete traceability from safety goals through FSRs to implementation and verification.

Traceability patternsCoverage analysisGap identification

External Measures & Technologies

Integrate external safety measures, SEooC interfaces, and technology-specific considerations.

SEooC integrationExternal dependenciesTechnology assessment

Verification & Validation

Plan and execute V&V activities to confirm FSC completeness, consistency, and correctness.

V&V methodsReview checklistsEvidence requirements

Common Pitfalls

Avoid common FSC development mistakes with real-world examples and corrective actions.

Anti-patternsCase studiesPrevention strategies

Best Practices & Tips

Apply industry best practices for efficient, compliant, and maintainable FSC development.

Pro tipsEfficiency techniquesQuality guidelines

Practical Example

Work through a complete ESC (Electronic Stability Control) system FSC example from start to finish.

ESC case studyComplete FSR setReal-world application

Expand Your Knowledge

Access related ISO 26262 processes, work product templates, and test your knowledge with exams.

Related processesTemplatesKnowledge tests

Interactive Learning

9 Interactive Diagrams

Learn complex concepts visually with clickable, animated diagrams that bring FSC to life.

V-Model Diagram

Interactive visualization showing FSC position in the ISO 26262 development lifecycle with clickable stages.

Timing Model Diagram

Animated FTTI, FDTI, FRTI, FHTI timeline with ESC example values and timing scenarios.

Operating Modes State Machine

Interactive state machine showing mode transitions: Initialization, Normal, Degraded, Emergency, Off.

Safe State Flow Diagram

Flowchart illustrating safe state transitions with static and dynamic safe state examples.

Functional Redundancy Diagram

Visual representation of redundant functional paths and single-fault tolerance architecture.

Architecture Diagram

System architecture view showing FSR allocation to elements and interface definitions.

CCF Prevention Diagram

Common Cause Failure analysis and prevention strategies visualization.

Degradation Timeline

Timeline showing graceful degradation sequence with warning escalation.

FFI Zones Diagram

Freedom From Interference spatial and temporal partitioning visualization.

Real-World Application

Electronic Stability Control (ESC) Case Study

Every concept is illustrated with a comprehensive ESC system example, showing you exactly how to apply FSC principles to a real safety-critical automotive system.

✓Complete Safety Goals derived from HARA
✓Full set of Functional Safety Requirements
✓Timing calculations with realistic values
✓Operating mode state machine
✓Safe state definitions and transitions
✓Redundancy and fault tolerance architecture

ESC System

Electronic Stability Control

SG-01: Prevent Unintended AccelerationASIL D

Unlock in course

Unique Feature

Synchronized Video Learning

Watch expert explanations synchronized with the content you're reading. As you scroll through chapters, the video automatically jumps to the relevant section.

Scroll Sync

Video follows your reading position automatically

Click to Jump

Click any sync marker to jump video to that topic

Chapter Navigation

Navigate chapters from video or content seamlessly

Bookmarks

Save important sections and resume learning anytime

Ready to Master the Functional Safety Concept?

Start your journey through 13 comprehensive chapters with interactive diagrams, video explanations, and practical ESC examples.

Start Learning Now

13 Chapters9 DiagramsVideo SyncESC Example