Functional Safety Design Packages

To ease certification of embedded systems with functional safety requirements many vendors of MCUs provide “Functional Safety Design Packages” (e.g. SafeTI of Texas Instruments, STMicroelectronics).

These design packages contain:

  • SW/hardware abstraction libraries (HAL) for the MCU
  • documentation about the design (basis for certification(s) of “design package”), e.g. refer to Functional Safety Design Patterns
  • “design package” certification document(s) (to justify suitability for system integration of the “design package”)
  • documentation about “Failure Mode and Effects Analysis” (FMEA) and “Failure Modes, Effects and Diagnostic Analysis” (FMEDA) to ease certification of the overall system

The same approach used by these vendors on the MCU/HAL level could be adapted to ROS2 on various levels as well, e.g. H-ROS system components, higher level application SW components, etc.

Adopting a “design package” approach would help to:

  • save vendor specific resources
  • enable acceptance of ROS2 in the industry
  • establish ROS2 as a standard in robotics with broad acceptance (not limited to research and low risk domains and applications but higher risk domains and applications as well)

Hi @fkromer, this is very interesting. I was searching for any references with regards to functional safety in ROS. It seems there isn’t much discussion about Functional Safety in ROS because many projects leverage ROS for prototyping and then move to something else when the need arises for safety critical applications. I only came across a few instances where developers were trying to leverage ROS in these safety critical environments.

I am not sure if you are still involved in this domain, but I would love to know if you have learned of any developments about this within the ROS ecosystem. Anyone else who has thoughts on this is welcome to share.

In our systems we don’t consider ROS part of the safety system. The ROS system sits on top of a safety certified PLC.
