Publication

A Business Model for selling components with safety certificates

This paper outlines a business model for selling safety-related components. The goal is protection of the supplier's intellectual property whilst providing confidence to the customer that the component is safe. The ideas in this paper are based on the Safety Element out of Context (SEooC) concept as given in ISO 26262. To this we add ideas from IEC 61508 (a safety manual), and also describe a procedure to establish a safety certificate resulting from a third-party assessment. The ideal business model is contrasted with a fictitious inferior model that is based on experience in the industry.

2 Introduction

This paper outlines a business model for selling safety-related components. The goal is protection of the supplier's intellectual property whilst providing confidence to the customer that the component is safe. The actors, e.g. supplier, customer etc., and their roles in the business model are described and explained. The business model is described in an ideal scenario. Commentary is given where ideal assumptions differ from reality, e.g. as found from experience. As this is an ideal model, it may require effort (and expense) to use in a real scenario. However, it allows deficiencies in current practices to be highlighted and at least discussed. The business model assumes the use of a safety manual in the interface to the customer, in the scope of components that are developed according to ISO 26262. Although this concept is not new (it is found in IEC 61508), it is not currently specified in ISO 26262. The ideal business model is contrasted with a fictitious inferior model that is based on experience in the industry.

The background is the following: A supplier develops and offers a safety component. The offer is found by a potential customer through marketing, and negotiations leading to a purchase are initiated. The material used for marketing the component is based on properties from the development of the component. The customer requests a specification of the component (beyond the initial marketing material), e.g. its interface, properties, and evidence of conformance, e.g. to applicable safety standards. Since much of this data (specifications and evidence of conformance) is found in supplier documentation that also contains other information that the supplier should not expose, a challenge in this relationship is to control the exposure of the supplier's intellectual property to the customer. In the proposed business model this exposure is avoided by using a clear interface definition (a safety manual) and third-party certification of product conformance and safety, to gain the customer's confidence without compromising the supplier's intellectual property.

Traditionally, system safety analysis started with complete systems in scope, i.e. not components. Functional safety standards (a subset of system safety) originated from this complete-systems approach. For example, in the aerospace, process and nuclear industries there is a long-standing tradition of estimating system reliability, analysing faults and mitigating failures by systems engineering. In the wake of several catastrophic incidents like the Seveso disaster in 1976 and the Bhopal disaster in 1984 (Seveso disaster, Bhopal disaster), the need for an industrial standard to assess functional safety became a priority. In 1998 IEC 61508, the first international functional safety standard, was published and helped raise awareness of functional safety in the industry. Its lifecycle approach to functional safety (design,

1 Corresponding author: carl.bergenhem@qamcom.se
2 This article is available at arxiv.org

Author(s)
Carl Bergenhem, Daniel Skarin, Fabian Wenger, Rolf Johansson
Research area
Systems for accident prevention and AD
Publication type
Conference poster
Published in
The Safety-Critical Systems Club, Seminar: COTS, Legacy and Reuse - poster session, 2018
Project
Year of publication
2018