Key Highlights
- Functional safety increases productivity by replacing binary all-or-nothing shutdowns with controlled behaviors, like reduced speeds or safe standstills, that allow humans to interact with machines without stopping the entire production line.
- Reliable feedback is the foundation of safe motion, requiring safety-rated encoders and internal diagnostics to ensure the system can accurately monitor position and speed before executing complex safety functions.
- Effective safety design must be proportionate and integrated, matching the safety integrity level (SIL) to the specific risks of the application while embedding safety functions directly into drives and software rather than adding them as external hardware.
In many automation setups, safety still operates on a simple on/off binary—either the machine is running or it isn’t. This means when human operators need access to the space around the machine, power is completely cut and all motion comes to a halt until they leave again and the system is reset.
This approach is obviously effective, but it can also be limiting. In applications where operators need to regularly interact with machines for tasks like loading, inspection, cleaning or adjustment, these repeated full stops reduce throughput and increase wear.
As automation systems become more capable and more closely integrated with human activity, there is growing interest in functional safety, which allows controlled operation rather than complete shutdown. This works by defining how machines should behave under fault conditions or when people are present, rather than treating safety as an all-or-nothing state.
Functional safety as engineered behavior
Traditional safety measures are easy to understand and easy to audit. Fences, interlocks and emergency stops remove risk by removing motion entirely. The problem is that idle machines stop production every time an operator needs to step in.
Functional safety reframes the problem. Instead of asking whether a machine should run or stop, engineers ask how it should behave when conditions change. Can an axis slow to a safe speed? Can movement be limited to a defined range? Can a motor be held safely at standstill while remaining energized and controllable?
Standards such as IEC 61508 formalize this thinking. Through a structured risk assessment, hazards are identified and rated according to severity and exposure. From there, it’s possible to define a required safety integrity level (SIL). The machine’s safety functions must then meet that level with predictable, verifiable behavior.
In practice, this means that instead of stopping all movement, machines may reduce speed, limit position or hold axes safely at standstill while control remains active. Importantly, these behaviors are not improvised or reliant on guesswork. They are explicitly defined, tested and validated as part of the safety concept.
The practical advantage of functional safety is that it allows machines to keep working safely, rather than stopping by default.
Functions such as applying a safe limited speed, safe operating stop or safe position monitoring make it possible to carry out manual tasks without shutting everything down. This means that, for example, an operator might be able to safely load material while a particular axis moves slowly or service a machine while drives remain enabled but tightly constrained.
Over time, these small differences begin to matter. Reduced downtime, smoother workflows and fewer full restarts can all add up to tangible performance gains. Safety remains non-negotiable, of course, but with the right planning, equipment and software, it no longer has to come at the expense of output.
Why feedback matters
Achieving this balance, however, depends on how reliably the system can monitor and control motion. Many safe motion functions rely on knowing exactly where an axis is and how fast it is moving. If that information is wrong, the safety function itself becomes ineffective, with potentially devastating consequences.
For this reason, safety-rated feedback devices play a central role. Unlike standard encoders, they include internal diagnostics that continuously check for faults. If a problem is detected, the system can move to a defined safe state, rather than continuing to operate on unreliable data.
This dependence on feedback accuracy becomes more pronounced as machines move into higher-performance territory. Linear motors, precision printing systems and direct-drive applications all demand tighter control, even when operating under safety constraints.
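As an added illustration (not code from the article or from any drive vendor), the sketch below shows a per-cycle monitor for safe limited speed and safe operating stop in which the feedback diagnostics are evaluated before any limit, so a reading from a faulted encoder can never pass as "in range". All type names, field names and limit values are assumptions, as is the choice to latch the safe state until an explicit reset.

```c
#include <stdbool.h>

/* One feedback sample; diag_ok models the encoder's internal
   diagnostics result (hypothetical field name). */
typedef struct { double pos_mm; double vel_mm_s; bool diag_ok; } feedback_t;

typedef enum { MODE_SLS, MODE_SOS } safe_mode_t;  /* limited speed / operating stop */
typedef enum { ST_OK, ST_SAFE_STATE } monitor_state_t;
typedef enum { TRIP_NONE, TRIP_FEEDBACK, TRIP_SPEED, TRIP_POSITION } trip_t;

typedef struct {
    safe_mode_t mode;
    double sls_limit_mm_s;  /* assumed limit, taken from the risk assessment */
    double sos_window_mm;   /* assumed standstill tolerance */
    double sos_ref_mm;      /* position captured when SOS was requested */
    monitor_state_t state;
    trip_t trip;
} monitor_t;

static double absd(double x) { return x < 0 ? -x : x; }

static bool enter_safe_state(monitor_t *m, trip_t why)
{
    m->state = ST_SAFE_STATE;
    m->trip = why;
    return false;
}

/* Evaluate one control cycle. Returns true while motion may continue. */
bool monitor_step(monitor_t *m, feedback_t fb)
{
    if (m->state == ST_SAFE_STATE)
        return false;                       /* latched until explicit reset */

    /* Validity first: failed diagnostics or NaN (x != x) means the
       position and speed values cannot be trusted at all. */
    if (!fb.diag_ok || fb.pos_mm != fb.pos_mm || fb.vel_mm_s != fb.vel_mm_s)
        return enter_safe_state(m, TRIP_FEEDBACK);

    /* Limits are written as "not within range" so that any value that
       fails the comparison trips, rather than silently passing. */
    if (m->mode == MODE_SLS && !(absd(fb.vel_mm_s) <= m->sls_limit_mm_s))
        return enter_safe_state(m, TRIP_SPEED);
    if (m->mode == MODE_SOS &&
        !(absd(fb.pos_mm - m->sos_ref_mm) <= m->sos_window_mm))
        return enter_safe_state(m, TRIP_POSITION);
    return true;
}
```

The recorded trip reason distinguishes "the axis moved too fast" from "the measurement could not be trusted", which matters when validating the safety function and when diagnosing a stop afterwards.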
Matching safety integrity to real risk
A key principle of functional safety is recognizing that not every machine requires the highest possible safety rating. In many common industrial applications, a SIL 2 solution is sufficient, providing an appropriate balance between risk reduction and system complexity.
Higher integrity levels, such as SIL 3, are reserved for situations where the potential consequences of failure are severe and exposure is continuous. Stage lifting systems are a fairly clear example of this: heavy loads move above people who are present for extended periods, requiring every part of the safety chain, from drive to feedback device, to meet the same safety integrity level.
From a design perspective, flexibility is essential. Engineers need to be able to implement the level of safety integrity demanded by the application without overengineering the entire system. Incremental developments in safe motion capabilities, such as aligning drive-level safety with higher-rated feedback options, help support this proportional approach.
This need for proportionate, standards-based safety design also explains why functional safety has moved beyond its original regulatory roots. While EU legislation played a key role in driving early adoption, in recent years functional safety has become a global baseline rather than a regional extra.
This trend is also being driven by customer expectations. Workplace accidents not only carry a very real human cost, but also come with serious legal, financial and reputational consequences. Even in regions with less prescriptive regulations, there is growing demand for documented, standards-based safety products that can be applied consistently across markets.
Designing safety in, not adding it on
The most effective functional safety is integrated from the outset. Drives with built-in safe motion functions reduce the need for external hardware, simplify validation and make system behavior easier to understand.
Configuration tools play an important role here. Graphical setup environments allow safety functions to be configured, tested and documented as part of the overall machine design, helping engineers verify correct behavior early in the process. When updates are required, such as adding support for new feedback technologies or higher safety integrity levels, these changes can often be introduced through software updates rather than extensive hardware redesign.
This is where recent developments in safe motion software are most valuable. Rather than representing radical change, they address practical requirements emerging from modern machine design, extending functional safety concepts to a wider range of applications while preserving established workflows.
A practical view of safe automation
Safety is sometimes viewed as a constraint on productivity, but, in practice, functional safety increasingly acts as an enabler. By allowing machines to behave safely rather than simply stop, it supports closer interaction between people and automation, without compromising compliance or protection. As automation systems become more capable and more widely deployed, this ability to manage risk through controlled behavior is becoming essential.
The challenge for engineers is not to maximize the number of safety features, but to apply the right ones in proportion to real risk. That means understanding the application, selecting appropriate safety functions, and integrating them cleanly into the motion system.
About the Author

Arne Linder
Kollmorgen
Dr. Arne Linder is product manager, drives, at Kollmorgen. Linder studied electrical engineering at the University of Wuppertal, where he completed his studies in 2005 with a doctorate in the field of predictive control methods for electrical drive technology. He then worked as a software developer at other companies, where his area of responsibility included the development of frequency converter firmware, from hardware-related control functions up to customer-specific special applications. Linder joined Kollmorgen in 2013 as a regional product manager for drives for the Europe, Middle East, Africa and India (EMEAI) region. Since then, he has become responsible globally for all Kollmorgen servo drive families, as well as the associated accessories. His work also includes machine safety and the related functionality.

