Understanding IEC 61508: The Foundation of Functional Safety 

IEC 61508 is the primary basic standard for Functional Safety across industries. Although it is not harmonized under any EU directive, it is widely recognized and used, especially in the development of complex, high-criticality safety-related software and electronics. Read our Functional Safety expert Anton’s insight on how the standard shapes real-world safety systems.

Components developed in accordance with IEC 61508, often referred to as “compliant items”, can be reused across different sectors. These items are frequently subjected to third-party assessments by organizations such as the TÜVs, a process sometimes referred to as safety certification. 

Why IEC 61508 Is Being Updated 

The current version, Edition 2, was released in 2010. While the core principles of Functional Safety have remained largely unchanged, technological advancements over the past decade have introduced new challenges and opportunities. Many of these developments are already reflected in domain-specific standards like ISO 26262:2018 (Automotive) and, to a lesser extent, EN 13849:2023 (Machinery), prompting the need to revise IEC 61508 to stay relevant and aligned with sectoral standards. 

Edition 3 is currently under development. Some parts, such as IEC TR 61508-3-3:2025 (object-oriented software guidance), have already been published. The main parts of the standard are still under deliberation, which is a heavy process. At present, it seems likely that the main parts of IEC 61508 Edition 3 will become official in 2027.

Key Improvements in Edition 3 

  1. Support for Object-Oriented Programming 
    IEC TR 61508-3-3:2025 finally provides concrete recommendations for using object-oriented languages (for example C++) in safety-critical systems. This TR does not replace the normative requirement of IEC 61508-3; rather it formalizes best practices that many developers had already been using. 
  2. Improved Diagnostic Requirements 
    Diagnostics are mechanisms for detecting and managing faults. Edition 3 clarifies how to handle dormant failures in diagnostics. It is hoped that these clarifications will put a stop to the discussions about “diagnostics of diagnostics” that are frequently encountered during third-party assessments. 

Additionally, Edition 3 requires that software safety requirements explicitly address software fault detection and annunciation. This is an activity that is in practice supported by Software FMEA. 

Other significant changes 

  • Data Communication Requirements 
    The “black channel” approach for data communication is now integrated into IEC 61508, rather than being covered in separate standards. 
  • Development Tool Qualification 
    Requirements for tool design and qualification are made more explicit. This aims to reduce project-specific effort in tool selection, classification and qualification or validation. 

Topics in Common with ISO 26262:2018 

Many readers of IEC 61508 Edition 3 will recognise the topics which are already covered in ISO 26262:2018, for example: 

  • New guidance is provided for FPGAs and System-on-Chip devices, following approaches similar to ISO 26262. 
  • Techniques for ensuring Freedom From Interference between software elements on the same hardware are updated. 
  • Guidance is provided for handling soft or transient errors (i.e. bit flips). 

One other topic of great practical relevance is the possibility of re-using ISO 26262 components. The machinery domain, particularly mobile machinery, suffers from a lack of IEC 61508-compliant complex sensors (for example 3D LiDARs) and computation platforms. Edition 3 begins to address how complex equipment developed under ISO 26262 can be adopted in, for example, mobile machinery. This will eventually include guidance on architectural constraints and safety justification.

Non-Deterministic Algorithms, AI/ML 

Unlike the current IEC 61508 Edition 2, Edition 3 makes some provision for non-deterministic algorithms for use in safety-critical applications. Understandably, Edition 3 does not go into detail on this topic, which is currently still some way from what could be described as full maturity.

In the opinion of the author of this article, this topic would be considered ‘ready’ about the same time as there is a reliable AI-based app for determining which mushrooms are edible and which are poisonous. Another related area, which is currently still quite open, is statistical-based testing of non-deterministic algorithms: exactly how much testing is sufficient? 
