At last, the time has come for the project to be released for production. The development team did all that was planned, every deadline was met, and the customer is more than happy and has no objections. Everyone did their job perfectly, everything is in its exact place, all documentation is prepared, and each step of each relevant process has been followed and documented. There is nothing to fix, no gaps have been identified, and the team can move on to other exciting activities.

Sounds a little like a fantasy? That’s because the above situation is… never the case.

In today’s interconnected world, functional safety (FuSa) is more critical than ever. Projects, especially those that are system-of-systems – incorporating multiple suppliers across different locations – bring their own set of challenges. And when deadlines approach, issues such as organisational differences, varying work cultures, and time-zone differences can intensify the pressure.

For industries like automotive, where safety-critical systems are at the core of all road vehicles, ISO 26262 provides a global standard for ensuring that systems meet rigorous safety requirements. This is especially true in systems that integrate both hardware and software, where the risk of failure can have devastating consequences. Verifying that an automotive application, a specific device or solution is fully reliable and compliant is crucial for protecting the life and health of users.

The real pressure point often arises when the project is nearing its final stages, and the critical tasks such as the “ISO 26262 Audit,” “Assessment,” “Safety Case Delivery,” or “FuSa Release Report” appear on the calendar. It’s at this point that the project and FuSa management team must reassess their approach to Functional Safety (FuSa).

Why is an assessment needed at all? What is the goal?

A Functional Safety (FuSa) assessment, audit, or safety case isn’t just a formality. It’s necessary to certify the compliance of safety-critical systems with ISO 26262, a global standard for automotive safety. Without proper evidence, arguments about safety are weak, and without clarity, they are ineffective.

Presenting safety arguments in an organised manner, with all assumptions, limitations, and potential risks considered, is critical. Without reaching a consensus between stakeholders on the safety of the product, the risks remain unaddressed.

This is where preparation becomes key. Think of it as a marathon, much like the famous Ancient Greek race – there are no shortcuts. Every step, every piece of documentation, and every safety-related component must be in place to ensure success.

Audit & Assessment process 

The process of preparing for an ISO 26262 assessment (FuSa assessment) is a systematic one. While this article provides an overview, for more details on the standard itself, see our guide to ISO 26262.

Remember that the scope of the assessment may vary. In many cases, the development area might be limited (e.g., software development and testing lifecycle). The key to passing any assessment, however, lies in well-documented project materials.

Many projects falter due to poor or neglected documentation. You can’t avoid preparing bulletproof, robust, and diligent project documentation, as it can be the deciding factor in keeping up with the project schedules and passing or failing the assessment.

How to prepare for a FuSa assessment 

“By failing to prepare, you are preparing to fail” – Benjamin Franklin

Preparation is everything. Like any battle, an assessment should not be faced without thorough planning. Below are a few common steps which might seem trivial but often trip up even the most experienced teams and become the Achilles’ heel of the entire assessment process.

Is the assessment agenda known to all involved parties?

Do we have a specific slot to discuss a given topic, and is each relevant team member aware of it? Ensure that all subject matter experts know the assessment topics and are ready to present their arguments or findings.

Are assessment items assigned to a specific person? 

Identify clear ownership of each document and ensure that responsible experts are assigned specific tasks. Not sure who in your organisation should own which responsibilities? Here’s who should handle Functional Safety.

Is there proof of specific activities, and is it well-documented?

For software development, especially when using strongly typed languages like C or C++ for embedded systems, ensure that coding guidelines are followed and documented. Tools such as static code analysers should provide proof that the guidelines are being adhered to.

Is the proof up to date?

Confirm that all safety analyses and documentation reflect the latest project version and include recent developments. Remember that, for example, a safety analysis performed on the initial architecture might not consider safety-related components that were implemented in the latest release, so assess whether everything is up to date.

Is there a “repair plan” for identified gaps?

If gaps are discovered during the assessment, track and resolve them systematically. Establish clear deadlines and responsibilities for any missing documents or incomplete tasks. If the Software Qualification Report is missing for a specific development tool, how is such a task tracked? Who is responsible for it? What is the deadline?

Functional Safety assessment best practices

When preparing for a FuSa assessment, be sure to keep the following points in mind:

  • Compliance and documentation: Ensure that all relevant documentation, such as the safety plan, safety case, and hazard and risk analysis (HARA), is current and meets ISO 26262 requirements.
  • Clear roles and responsibilities: Ensure clear ownership for every safety-critical task, including coding guidelines, tool qualification, and safety analysis reviews. It will simplify the process, not only by helping to reduce the risk of overlooking an important step, but also by allowing each task owner to take care of it in a comprehensive way.
  • Verification and validation: Confirm that all safety-related work products, including those from ASIL B projects, are reviewed using appropriate methods such as technical reviews, walk-throughs, or inspections. Reviews should consider the required level of independence and the relevant technical roles, and be verified by qualified independent technical experts.

Closing words: Achieving ISO 26262 certification with expert support 

Your project’s release for production depends on the outcome of the FuSa assessment. If you’re unsure where to start or how to prepare for the assessment, consider a pre-assessment evaluation. This process can help you identify potential issues and address them proactively.

Our Spyrosoft Functional Safety team has hands-on experience in preparing and passing assessments for various major OEMs. We understand the complexities of FuSa and, based on our expertise, can provide guidance to ensure that your project meets all ISO 26262 standard compliance requirements.

For more info, visit our site and contact us.

FAQ

A FuSa assessment is an independent evaluation that determines whether a system meets the requirements of ISO 26262. It typically includes a review of documentation, development processes, and risk analysis, ensuring that safety objectives for automotive systems are met.

Ideally, you should begin preparing early in the project lifecycle. Waiting until the release phase often leads to delays, as documentation gaps, missing safety analyses, or tool qualification issues can be time-consuming to resolve.

Some of the most frequent blockers include:
• Incomplete or outdated safety documentation
• Lack of evidence for coding guidelines or tool qualification
• Missing or weak traceability
• Undefined responsibilities for safety-related activities
• Gaps in verification or confirmation reviews
These can all be avoided with clear roles, early planning and regular internal reviews.

Functional Safety is a shared responsibility across multiple roles in the organisation. Typically, the Functional Safety Manager oversees the safety process, ensuring all requirements are met. The System Architect integrates safety features into the design, while Software and Hardware Engineers ensure compliance with safety standards. Safety Engineers conduct hazard analyses, and Verification and Validation Teams ensure safety measures are correctly implemented. Ultimately, the Project Manager coordinates these efforts, ensuring deadlines and safety milestones are met.

While both involve evaluating compliance, an assessment focuses on whether the product meets ISO 26262 objectives for Functional Safety. An audit usually checks if processes and procedures are followed. The assessment is the step that supports the safety case and the product release decision.

Typical deliverables include:
• Safety plan
• Safety case
• Hazard and risk analysis (HARA)
• Functional and technical safety concepts
• Verification and validation plans and reports
• Tool qualification plans and reports
• Confirmation review records
Each must be current, traceable, and tailored to the project scope.

If any gaps are identified, they must be tracked, prioritised, and resolved. A strong repair plan with clear responsibilities and deadlines is crucial. In many cases, a pre-assessment or internal dry run helps uncover and address issues earlier. You can also explore Spyrosoft’s Automotive Functional Safety Analysis support offer.

About the author

Piotr Peret

Functional Safety Engineer