Functional Safety Solutions

In safety-critical environments, "reliable" is only the beginning. Conclusive Engineering provides the hardware architecture, software integrity, and rigorous documentation needed to meet the world’s strictest functional safety standards. We turn compliance from a bottleneck into a competitive advantage.


We work with innovators and Fortune 500 technology leaders

Zero Margin for Error - Total Peace of Mind

Whether you are building autonomous mobile robots (AMRs), medical devices, or industrial control systems, functional safety is about managing risk through disciplined engineering. We provide the expertise to help you achieve SIL or ASIL ratings without restarting your design from scratch.

Fail-Safe Architectures:

Design for hardware fault tolerance, including 1oo2, 2oo3, and lock-step processor configurations.

Deterministic Software:

Development of safety-critical firmware and integration of certified Real-Time Operating Systems (RTOS).

Diagnostic Coverage:

Implementation of advanced self-test routines (PST, POST) to detect and mitigate hardware failures in real-time.

End-to-End Traceability:

Rigorous documentation linking every line of code and every hardware component to your safety requirements.

Our Safety Standards Expertise

We navigate the "alphabet soup" of international safety standards so you can focus on your product's performance. 

Our recent experience with industry standards includes (but is not limited to):

EN 50128

Industry: Railway

Scope: Safety-critical software for railway control and protection.

EN 50129

Industry: Railway

Scope: Safety-related electronic systems for signalling, including acceptance of onboard ETCS-type systems.

EN 50126

Industry: Railway

Scope: RAMS lifecycle for railway applications.

Our Safety Workflow

We have experience with supporting customers up to SIL-4 level. 

SIL-4-oriented hardware

For SIL-4 hardware, the design must ensure that no single credible hardware failure can lead to a hazardous condition and that faults are either prevented, detected, controlled, or driven to a defined safe state. This typically requires a fail-safe architecture, high diagnostic coverage, controlled interfaces, robust component selection, and systematic allocation of hardware safety requirements from the system hazard and risk analysis.

The implementation and verification of SIL-4 hardware rely on disciplined development practices, including FMEA/FMECA, fault tree analysis, derating, reliability prediction, worst-case analysis, environmental and EMC qualification, and traceable evidence that the hardware supports the required safety integrity.

SIL-4-oriented hardware design and implementation practices:

  • selecting industrial-grade components with long-life production that are suited to railway applications
  • architectures with redundancy or cross-monitoring to avoid single points of failure
  • safe output states in case of processor, I/O, sensor, or power faults
  • hardware-based diagnostics and self-monitoring, such as voltage monitoring, watchdogs, line checks, and memory integrity checks
  • design measures against common cause failures, including segregation, diversity, and independent monitoring paths
  • conservative design rules such as component derating, controlled thermal margins, and robust power supply supervision
  • validated behavior under EMC, vibration, shock, temperature, and humidity conditions typical for railway onboard environments
  • full traceability from hazard -> hardware safety requirement -> architecture -> detailed design -> verification -> safety evidence

SIL-4-oriented software

For SIL-4 software, the design must minimize systematic faults and ensure that any credible failure leads to a defined and safe outcome. This usually means using a deterministic and fully traceable architecture, strict partitioning of safety-related functions, robust interface control, defensive programming, and carefully constrained use of language features, tools, and third-party components.

The implementation is supported by high-integrity development measures such as coding standards, static analysis, bidirectional traceability, unit/integration/verification testing, independence in reviews, and evidence that the software satisfies the safety requirements allocated from the system hazard analysis.

SIL-4-oriented design and implementation:

  • separation between vital and non-vital software functions
  • use of redundant input validation and plausibility checks
  • transition to a safe state if inconsistent data, timing violations, or internal faults are detected
  • watchdog supervision, memory checks, startup tests, and runtime diagnostics
  • restricted use of dynamic memory, recursion, and other constructs that reduce predictability
  • verified handling of communication errors, corrupted telegrams, or sensor disagreement
  • code implementation following the MISRA rules, verified with static code analysis tools such as PC-lint and VectorCAST
  • code coverage measured with gcov
  • full traceability from hazard -> safety requirement -> software requirement -> design -> code -> test -> evidence
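As an added illustration of the input-validation, plausibility-check, timing-supervision and safe-state items in the list above (example code written for this page, not Conclusive Engineering's or any customer's code), the following C receiver processes a constructed six-byte speed telegram. The telegram layout, the limits SPEED_MAX, SPEED_STEP_MAX and CYCLE_TIMEOUT, and the choice of CRC-16/CCITT-FALSE are assumptions made for the example. The receiver keeps all state in static storage, checks length, message type, CRC, sequence continuity, value range and rate of change, treats a missing telegram as stale until a cycle timeout expires, and on any fault latches into a safe state that forces the speed output to zero.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Constructed telegram layout (hypothetical, not a real railway protocol):
 * byte 0: type (TLG_TYPE); byte 1: sequence number, +1 per telegram, wraps at 255;
 * bytes 2..3: speed in 0.1 km/h, big-endian; bytes 4..5: CRC-16/CCITT-FALSE over bytes 0..3. */
#define TLG_LEN        6u
#define TLG_TYPE       0x5Au
#define SPEED_MAX      3500u  /* 350.0 km/h: anything above is physically implausible */
#define SPEED_STEP_MAX 50u    /* 5.0 km/h: largest credible change between two cycles */
#define CYCLE_TIMEOUT  3u     /* cycles without a valid telegram before safe state */

typedef enum {
    TLG_OK = 0,
    TLG_STALE,        /* nothing received this cycle, still within the timeout */
    TLG_ERR_LENGTH, TLG_ERR_TYPE, TLG_ERR_CRC, TLG_ERR_SEQUENCE,
    TLG_ERR_RANGE, TLG_ERR_RATE, TLG_ERR_TIMEOUT,
    TLG_SAFE_STATE    /* receiver is already latched in safe state */
} tlg_status_t;

/* Receiver state in static storage: no dynamic allocation anywhere. */
typedef struct {
    bool     have_previous;
    uint8_t  expected_seq;
    uint16_t last_speed;
    uint8_t  missed_cycles;
    bool     safe_state;  /* latched; only a restart clears it */
} rx_state_t;

static uint16_t crc16_ccitt(const uint8_t *data, size_t len)
{
    uint16_t crc = 0xFFFFu;
    for (size_t i = 0u; i < len; i++) {
        crc ^= (uint16_t)((uint16_t)data[i] << 8);
        for (int b = 0; b < 8; b++) {
            crc = (crc & 0x8000u) ? (uint16_t)((crc << 1) ^ 0x1021u) : (uint16_t)(crc << 1);
        }
    }
    return crc;
}

void rx_init(rx_state_t *s) { memset(s, 0, sizeof(*s)); }

/* Builds a well-formed telegram; the sender side and the tests use it. */
void tlg_build(uint8_t out[TLG_LEN], uint8_t seq, uint16_t speed)
{
    uint16_t crc;
    out[0] = TLG_TYPE;
    out[1] = seq;
    out[2] = (uint8_t)(speed >> 8);
    out[3] = (uint8_t)(speed & 0xFFu);
    crc = crc16_ccitt(out, 4u);
    out[4] = (uint8_t)(crc >> 8);
    out[5] = (uint8_t)(crc & 0xFFu);
}

/* Called once per cycle with whatever arrived (len == 0: nothing arrived).
 * Any failed check latches the safe state; *speed_out is then forced to 0 (brake). */
tlg_status_t rx_process(rx_state_t *s, const uint8_t *buf, size_t len, uint16_t *speed_out)
{
    tlg_status_t st = TLG_OK;
    uint16_t speed = s->last_speed;   /* held value while a telegram is merely late */

    if (s->safe_state) {
        *speed_out = 0u;
        return TLG_SAFE_STATE;
    }
    if (len == 0u) {
        s->missed_cycles++;
        st = (s->missed_cycles >= CYCLE_TIMEOUT) ? TLG_ERR_TIMEOUT : TLG_STALE;
    } else if (len != TLG_LEN) {
        st = TLG_ERR_LENGTH;
    } else if (buf[0] != TLG_TYPE) {
        st = TLG_ERR_TYPE;
    } else if (crc16_ccitt(buf, 4u) != (uint16_t)(((uint16_t)buf[4] << 8) | buf[5])) {
        st = TLG_ERR_CRC;                        /* corrupted telegram */
    } else if (s->have_previous && (buf[1] != s->expected_seq)) {
        st = TLG_ERR_SEQUENCE;                   /* lost, duplicated or replayed telegram */
    } else {
        uint16_t value = (uint16_t)(((uint16_t)buf[2] << 8) | buf[3]);
        uint16_t delta = (value > s->last_speed) ? (uint16_t)(value - s->last_speed)
                                                 : (uint16_t)(s->last_speed - value);
        if (value > SPEED_MAX) {
            st = TLG_ERR_RANGE;                  /* outside the physical range */
        } else if (s->have_previous && (delta > SPEED_STEP_MAX)) {
            st = TLG_ERR_RATE;                   /* implausible jump since the last cycle */
        } else {
            s->have_previous = true;
            s->expected_seq = (uint8_t)(buf[1] + 1u);
            s->last_speed = value;
            s->missed_cycles = 0u;
            speed = value;
        }
    }
    if ((st != TLG_OK) && (st != TLG_STALE)) {
        s->safe_state = true;                    /* latch: no silent recovery */
        speed = 0u;
    }
    *speed_out = speed;
    return st;
}
```

The ordering of the checks matters: the cheap structural checks (length, type, CRC) run before the sequence and plausibility checks so that a corrupted byte is reported as corruption rather than as a sequence or range fault, and the safe state is latched rather than cleared by the next good telegram, so a transient fault is always visible to the supervising layer.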

Cybersecurity standards CRA and ISA/IEC 62443-2

Hardware and software design and implementation cover not only safety standards but also cybersecurity standards such as CRA or ISA/IEC 62443-2. Functional safety has the highest priority, and where the cybersecurity standard cannot be fully met, we prepare an exported set of recommendations for the system.

Functional safety is a process, not a feature. We integrate into your lifecycle at any stage:

Hazard & Risk Assessment (HARA)
Functional safety requirements
Hardware with Integrity
Software that Doesn't Waver
Documentation
Certification Support

Hazard & Risk Assessment (HARA)

We help identify potential failure modes and define the Safety Integrity Level (SIL) required for your specific application.

Functional safety requirements

We help analyze documentation standards to define the requirements for onboard hardware, ensuring safe behavior under normal and fault conditions, compliance with railway standards, robust diagnostic coverage, a fail-safe architecture, and the evidence needed for efficient certification and approval. During this process we also incorporate recommendations from cybersecurity standards such as CRA or ISA/IEC 62443-2, and we help derive safety requirements from system hazards and operational scenarios.

Hardware with Integrity

We help with designing and implementing custom hardware for onboard railway systems by defining fail-safe and diagnosable architectures, allocating verifiable hardware safety requirements, and applying rigorous analysis and verification methods to ensure fault tolerance, safe-state behavior, environmental robustness, and compliance with the highest railway safety integrity expectations. 

This includes:

  • Selecting industrial-grade components that offer:
    • long-life production
    • proven failure-rate data (FIT)
    • safety-supporting features, from redundant power rails to ECC memory and specialized safety controllers
    • suitability for railway applications
  • Support compliance with railway standards such as EN 50126, EN 50129.
  • Allocate SIL-related requirements to hardware architecture.
  • Perform or support hazard analysis, risk assessment, FMEA/FMECA, and fault tree analysis.
  • Specify hardware needs for:
    • fail-safe behavior
    • fault detection and diagnostics
    • redundancy / no single point of failure
    • safe state transition
    • power supply integrity
    • environmental robustness for vibration, temperature, EMC, and shock
    • reliability and availability
    • maintainability and lifecycle support

Software that Doesn't Waver

  • Functional Safety Software Architecture
  • MISRA-Compliant Software Implementation
  • Verification & Testing
  • Structural Coverage Analysis
  • Cybersecurity & Secure Communication

Our software team adheres to strict coding standards (like MISRA C/C++) and utilizes formal verification methods to ensure your software is as predictable as your hardware.

We support the team in developing software for functional safety systems where the process is performed in accordance with the principles of functional safety as defined in EN 50128. We have experience in the following areas:

  • The software typically operates within a dual-processor architecture, which together form a redundant and fault-tolerant system. Both processors execute equivalent or complementary logic and continuously monitor each other’s outputs and internal states in order to detect discrepancies and enforce a safe system state in case of faults.
  • The software lifecycle is implemented according to a V‑model approach, in which each development phase is associated with a corresponding verification activity. The process begins with the definition of software requirements derived from system-level safety requirements. Particular attention is given to the definition of fail-safe conditions and the behavior of the system in degraded or fault scenarios.
  • The software architecture is developed to ensure proper partitioning of functions and to support the dual-CPU safety concept. Mechanisms such as cyclic execution, deterministic scheduling, watchdog supervision, and cross-comparison of outputs are integrated at this stage. The design ensures that no single fault can lead to a hazardous situation and that any divergence between the processors leads to a transition into a safe state.
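The cross-monitoring between two processors described above, as an added example (written for this page; it is not Conclusive Engineering's code or a customer's): two channels run identical vital logic on their own sensor reading, exchange a message carrying an alive counter, the computed speed and a brake demand, and each channel compares the peer's result with its own. The message layout, the tolerances MISMATCH_LIMIT and SPEED_TOL, the energised-to-release brake output and the single-process simulate() test bench are assumptions made for the example; on real hardware each channel runs on its own CPU and the messages cross a physical link.

```c
#include <stdint.h>
#include <stdbool.h>

#define MISMATCH_LIMIT 2u   /* consecutive disagreeing cycles tolerated before safe state */
#define SPEED_TOL      5u   /* 0.5 km/h: allowed difference between the two channels */

/* What each channel sends to its peer every cycle over the cross link. */
typedef struct {
    uint8_t  alive;      /* incremented every cycle by the sending channel */
    uint16_t speed_cmd;  /* permitted speed computed by that channel, 0.1 km/h */
    bool     brake;      /* that channel's brake demand */
} channel_msg_t;

typedef struct {
    bool     have_peer;
    uint8_t  last_peer_alive;
    uint8_t  mismatch_count;
    bool     safe_state;  /* latched */
} channel_state_t;

/* Identical vital logic runs on both CPUs from their own sensor reading. */
channel_msg_t channel_compute(uint8_t alive, uint16_t sensor_speed, uint16_t limit)
{
    channel_msg_t m;
    m.alive = alive;
    m.speed_cmd = sensor_speed;
    m.brake = (sensor_speed > limit);
    return m;
}

/* Cross-comparison performed by each channel on its own result and the peer's.
 * Returns true if this channel may release its output, false if it is in safe state. */
bool channel_cross_check(channel_state_t *st, const channel_msg_t *mine, const channel_msg_t *peer)
{
    bool alive_ok, agree;
    uint16_t diff;
    if (st->safe_state) return false;

    /* The peer must have advanced its alive counter by exactly one since the last cycle. */
    alive_ok = !st->have_peer || (peer->alive == (uint8_t)(st->last_peer_alive + 1u));
    st->last_peer_alive = peer->alive;
    st->have_peer = true;
    if (!alive_ok) {
        st->safe_state = true;   /* peer stalled or link lost: no debouncing */
        return false;
    }
    diff = (mine->speed_cmd > peer->speed_cmd) ? (uint16_t)(mine->speed_cmd - peer->speed_cmd)
                                               : (uint16_t)(peer->speed_cmd - mine->speed_cmd);
    agree = (diff <= SPEED_TOL) && (mine->brake == peer->brake);
    if (agree) {
        st->mismatch_count = 0u;
    } else if (++st->mismatch_count >= MISMATCH_LIMIT) {
        st->safe_state = true;   /* persistent divergence between the processors */
    }
    return !st->safe_state;
}

/* Vital brake output: energised-to-release, so "true" (brake applied) is the safe value.
 * 1oo2 voting: either channel demanding the brake, or either channel in safe state, applies it. */
bool vital_brake_output(const channel_state_t *a, const channel_state_t *b,
                        const channel_msg_t *ma, const channel_msg_t *mb)
{
    if (a->safe_state || b->safe_state) return true;
    return ma->brake || mb->brake;
}

/* Test-bench input for one cycle: both sensor readings; b_stalled means CPU B did not update. */
typedef struct { uint16_t sensor_a; uint16_t sensor_b; bool b_stalled; } cycle_input_t;

/* Runs both channels in one process (constructed test bench only).
 * Returns the 1-based cycle at which either channel latched into safe state, or 0. */
int simulate(const cycle_input_t *in, int n, uint16_t limit)
{
    channel_state_t sa = {false, 0u, 0u, false}, sb = {false, 0u, 0u, false};
    channel_msg_t ma, mb = {0u, 0u, false};
    uint8_t alive_a = 0u, alive_b = 0u;
    for (int i = 0; i < n; i++) {
        alive_a++;
        ma = channel_compute(alive_a, in[i].sensor_a, limit);
        if (!in[i].b_stalled) {
            alive_b++;
            mb = channel_compute(alive_b, in[i].sensor_b, limit);
        }                        /* when stalled, the stale mb is re-sent unchanged */
        bool ok_a = channel_cross_check(&sa, &ma, &mb);
        bool ok_b = channel_cross_check(&sb, &mb, &ma);
        if (!ok_a || !ok_b) return i + 1;
    }
    return 0;
}
```

Two design points are worth noticing: a stalled alive counter is treated as an immediate fault because a silent peer cannot be distinguished from a dead one, whereas a value disagreement is debounced over MISMATCH_LIMIT cycles so that a single transient sensor glitch does not trip the train; and the brake output is voted 1oo2 so that a channel which has already gone to safe state, or which merely disagrees on the brake demand, always wins towards the safe side.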

We help with implementation of the software using a restricted subset of the programming language compliant with MISRA guidelines. These rules are applied to eliminate ambiguous constructs and ensure predictable execution behavior, which is essential for safety-critical systems. The code avoids unsafe features such as uncontrolled pointer arithmetic, dynamic memory allocation (unless strictly justified), and implicit type conversions. The objective is to achieve a high level of code reliability and maintainability.

During implementation we use static analysis tools (commonly referred to as linting tools) to verify compliance with MISRA rules and to detect potential issues such as dead code, unused variables, or non-deterministic constructs. All violations identified by the analysis are either corrected or formally justified, ensuring that the final code base conforms to the required safety standards. In addition to automated analysis, systematic code reviews are performed to confirm that the implementation is consistent with the design and that all safety mechanisms are correctly realized.

Testing activities are performed at multiple levels to ensure the correctness and safety integrity of the software. Unit testing verifies that individual modules behave as specified, including their handling of boundary conditions and erroneous inputs. Integration testing validates the interaction between modules and ensures correct communication and data exchange. Special attention is given to synchronization mechanisms and consistency checks between the processors.

A critical part of the verification strategy is structural coverage testing. Depending on the Safety Integrity Level (SIL), coverage metrics such as statement coverage, branch coverage, and Modified Condition/Decision Coverage (MC/DC) are applied. These metrics ensure that all relevant parts of the code are exercised during testing and that no unverified logic remains.
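To make the difference between decision (branch) coverage and MC/DC concrete, here is an added example (written for this page; not the company's tooling or a customer's code): a constructed three-condition vital decision, door_release_allowed(), a checker mcdc_satisfied() that tests whether a set of test vectors achieves unique-cause MC/DC, and two vector sets, one that reaches 100% decision coverage with two vectors and one that additionally satisfies MC/DC with four. The decision, the vector sets and the function names are assumptions made for the example.

```c
#include <stdbool.h>

#define N_COND 3

/* Constructed vital decision: doors may be released only when the train is
 * stopped, the door-enable signal is present and no emergency is active. */
bool door_release_allowed(bool stopped, bool enable, bool emergency)
{
    return stopped && enable && !emergency;
}

typedef struct { bool c[N_COND]; } test_vector_t;

static bool eval_vector(const test_vector_t *v)
{
    return door_release_allowed(v->c[0], v->c[1], v->c[2]);
}

/* Decision (branch) coverage: both outcomes of the decision have been observed. */
bool outcomes_covered(const test_vector_t *vs, int n)
{
    bool seen_true = false, seen_false = false;
    for (int i = 0; i < n; i++) {
        if (eval_vector(&vs[i])) seen_true = true; else seen_false = true;
    }
    return seen_true && seen_false;
}

/* Unique-cause MC/DC: for every condition there must be a pair of vectors that
 * differ in that condition only and produce different decision outcomes, which
 * demonstrates that the condition independently affects the decision. */
bool mcdc_satisfied(const test_vector_t *vs, int n)
{
    for (int cond = 0; cond < N_COND; cond++) {
        bool shown = false;
        for (int i = 0; i < n && !shown; i++) {
            for (int j = 0; j < n && !shown; j++) {
                bool only_cond_differs = true;
                for (int k = 0; k < N_COND; k++) {
                    bool same = (vs[i].c[k] == vs[j].c[k]);
                    /* the chosen condition must differ, every other one must match */
                    if ((k == cond) ? same : !same) { only_cond_differs = false; break; }
                }
                if (only_cond_differs && (eval_vector(&vs[i]) != eval_vector(&vs[j]))) {
                    shown = true;
                }
            }
        }
        if (!shown) return false;
    }
    return true;
}

/* Two vectors already give 100% decision coverage ... */
const test_vector_t branch_only[2] = {
    {{true,  true,  false}},   /* allowed     */
    {{false, false, true }}    /* not allowed */
};

/* ... but MC/DC for three conditions needs N+1 = 4 vectors: the base case plus
 * one vector per condition that flips only that condition and the outcome. */
const test_vector_t mcdc_set[4] = {
    {{true,  true,  false}},   /* allowed: base case         */
    {{false, true,  false}},   /* not stopped -> not allowed */
    {{true,  false, false}},   /* not enabled -> not allowed */
    {{true,  true,  true }}    /* emergency   -> not allowed */
};
```

The point the checker makes visible is that branch_only exercises both outcomes yet never shows that any single condition matters on its own, so a coding error that dropped the emergency check would pass it; mcdc_set would catch that error because its last pair differs only in the emergency input. Dropping any one vector from mcdc_set loses the independence pair for one condition, which is why the checker reports failure for the first three vectors alone.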

We help analyse the coverage report, which also includes verification of safety-related paths, particularly those handling fault detection and safe-state transitions in the cross-CPU architecture. Where coverage is missing, we analyse and review the code to fill the gaps.

The implemented code is also prepared against cybersecurity standards, to eliminate potential vulnerabilities and bottlenecks identified from the functional safety standards perspective. This process includes:

  • Input validation: verifying the fields and value ranges of packets received over the network.
  • Protection of all external communication channels with TLS encryption and session management.
  • Security error handling: syslog error messages are generated where the software detects improper system behaviour or packet content.

Documentation

We support the team in the creation of functional safety documentation for onboard hardware and software, ensuring that requirements, architecture, design decisions, analyses, verification results, and safety evidence are captured in a clear, consistent, and fully traceable manner. This includes documentation needed for the full safety lifecycle, from hazard analysis and safety requirements specification through design, implementation, verification, validation, and safety case support. We help customers produce documentation that is technically robust, audit-ready, and aligned with railway functional safety expectations for SIL-4 applications.

How we help with documentation:

  • define the documentation structure for the safety lifecycle
  • prepare safety plans, requirements specifications, and interface documents
  • document hardware and software architecture and design rationale
  • support hazard logs, risk analyses, FMEA, FTA, and safety analyses
  • create and maintain traceability between hazards, requirements, design, code, tests, and evidence
  • prepare verification and validation documentation, including test specifications and reports
  • support the development of the safety case and evidence package for assessment
  • improve document quality for clarity, consistency, completeness, and audit readiness
  • root cause analysis, including the reports for the assessors

Certification Support

The "mountain of paperwork" is often the hardest part. We provide the technical files, FMEDA (Failure Modes, Effects, and Diagnostic Analysis), and safety manuals required for third-party certification (TÜV, UL, etc.).

We help prepare the safety case and evidence needed for assessment and certification. We also support the customer during the assessment process, e.g., by discussing technical details with assessors.

Ready to De-Risk Your Innovation?

Don't let certification hurdles delay your market entry. Partner with an engineering team that views safety as a fundamental architectural pillar, not an afterthought.

Contact Our Safety Engineering Team

Reviews and Testimonials

Customers value our services and here's proof.

Updates & Communication

We get that good communication is the key to success. That’s why our engineers always stay in touch with your team to discuss the project.

We usually do the following for our clients:

  • dedicated Slack channel,
  • dedicated project supervisor,
  • regular project updates,
  • ability to work in the client’s time zone,
  • on-site visits,
  • and more.

Case Studies

Discover real-life examples of Conclusive Engineering at work.

Cooperation

Are you interested in working with Conclusive Engineering? We can offer different payment options, such as time and material, fixed price, or hybrid alternatives.

Read more about our cooperation schemes

Talk to Conclusive Engineering Experts 

Submit your project details and a Conclusive Engineering expert will contact you soon to discuss how we can support your project.

Trusted partner by leading tech companies:



“We found that they were very resourceful; they suggested improvements even though they didn't have expertise in our specific industry, which ultimately resulted in a product that exceeded our initial requirements.”

Robert Young

VP of R&D, Dental Products & Services Company
