Automotive ISO 26262 · ASIL D Oct 2021 – Present
ASIL D Active Safety — Global Tier 1, Active/Passive Safety Platform
Michigan USA · Paris France · Multi-year engagement
The Problem
  • Safety management was fragmented across system, hardware, and software teams with no unified tracking — planning gaps were discovered only at milestone gates.
  • Hardware component qualification (MCU Infineon / NXP) had no established process; qualification evidence was incomplete ahead of confirmation review.
  • Safety analysis (FMEA, FTA, DFA) was performed ad-hoc without moderation, producing inconsistent assumptions and traceability gaps that triggered re-review loops.
  • The organization had no structured safety concept — engineers were building to requirements not grounded in a coherent ASIL-level safety argument.
  • Cyber Security management was running in parallel with no integration into the safety planning structure.
Our Approach — Expert + AI Accelerator
  • 01 Took over interim Safety Management: structured planning, tracking, and monitoring across all three engineering domains simultaneously.
  • 02 Built the safety concept from scratch using a coaching-by-hands-on approach, working directly with system and SW architects as domain owners.
  • 03 Moderated FMEA, FTA, DFA across all domains — driving analysis quality by facilitating domain-expert input rather than working around it.
  • 04 Led MCU qualification reviews for Infineon and NXP; introduced a repeatable qualification framework adopted across the product line.
  • 05 Escalated to Confirmation Measures role (I3): responsible for final safety case review and release recommendation across the full Airbag organization.
  • 06 Applied AI-assisted consistency checking across safety plan, impact analysis, and safety case documents — catching traceability gaps before formal assessment.
Outcomes
  • 69% Analysis Efficiency Gain
  • 3yr+ Ongoing Engagement
  • ↓↓ Re-verification Review Count
  • ASIL D Release Cleared
"Overall analysis efficiency improved by 69.1%. The number of Re-Verification Reviews was significantly reduced. Overall consistency increased, while the number of engineering work products and findings decreased."
Safety Lead · ASIL D Products · 2025
  • Safety Plan
  • Safety Case
  • FMEA · FTA · DFA
  • MCU Qualification (Infineon / NXP)
  • Confirmation Review (I3)
  • Impact Analysis
  • Cyber Security Integration
Automotive ISO 26262 Oct 2023 – Jun 2024
Autonomous Braking HARA — AI-Assisted Hazard Analysis at Scale
Global Tier 1 · South Korea · Levels 2–5 Autonomous Braking
The Problem
  • Hazard analysis for Level 2–5 autonomous braking required evaluating thousands of scenario combinations across multiple regions — manually infeasible at the required objectivity and speed.
  • S/E/C assignments were made subjectively, without data-driven grounding — producing ASIL results that could not withstand assessment scrutiny.
  • The safety goal hierarchy was ad-hoc: goals accumulated over project iterations, creating gaps and redundancies that undermined the safety argument.
  • Exposure data needed to reflect real regional variation (China, Europe, North America) including weather and roadway conditions — not generic estimates.
Our Approach — Expert + AI Accelerator
  • 01 Deployed NLP-based AI tooling to generate and moderate diverse hazard scenario sets automatically — ensuring coverage without subjective curation bias.
  • 02 Integrated vehicle dynamics simulation (Δ-speed based) to calculate quantitative severity values rather than relying on engineering judgement alone.
  • 03 Collected and analyzed real exposure data across three regions incorporating statistical weather and roadway condition distributions.
  • 04 Senior FuSa expert validated all AI-proposed S/E/C values and ASIL assignments before finalization.
  • 05 Restructured the safety goal hierarchy from scratch into a systematic, traceable framework aligned to the braking safety argument.
Outcomes
  • 70% HARA Efficiency Gain
  • ASIL↓ Objectively Justified Reduction
  • 3 Regions Covered (CN / EU / NA)
"Heebeom and his team developed a highly practical semi-automated hazard analysis tool powered by AI. By integrating NLP techniques and vehicle dynamics, the tool enabled us to analyze a wide range of hazardous situations with greater speed and objectivity."
Senior Functional Safety Engineer · Korean major Tier 1 Supplier · 2025
  • HARA (AI-assisted)
  • Safety Goals (restructured)
  • ASIL Assignment (quantitative)
  • Exposure Data Analysis
  • Vehicle Dynamics Integration
  • NLP Scenario Generation
Automotive ISO 26262 · ASPICE Apr 2023 – Oct 2024
Radar Safety Engineering — Full-Stack Analysis from Concept to FMEDA
Global Tier 2 · South Korea · Radar System Development
The Problem
  • No established safety concept or requirement structure at program start — engineers building radar software without a defined safety architecture.
  • System-level safety analysis (FMEA, FTA, DFA, FMEDA) had never been performed internally; the organization lacked both process and competence.
  • MCU (NXP) qualification had no defined process — component selection lacked documented safety argumentation for ISO 26262 Part 5 compliance.
  • ASPICE process compliance was required by the OEM but not yet established, creating a dual burden simultaneously.
Our Approach — Expert + AI Accelerator
  • 01 Developed the full safety concept and requirement chain using a structured coaching approach — building internal competence in parallel with deliverable production.
  • 02 Moderated System Safety Analysis (FMEA, FTA, DFA) hands-on with domain owners — capturing real system behavior rather than templated assumptions.
  • 03 Applied AI-accelerated FMEDA pipeline: BOM extraction, FIT rate calculation (IEC 62380), Safety Mechanism mapping, DC coverage initialization — expert-validated before release.
  • 04 Led MCU NXP qualification and introduced ASPICE process framework alongside safety activities.
Deliverables
  • Safety Concept (System)
  • Safety Requirements
  • FMEA · FTA · DFA
  • FMEDA (AI-automated pipeline)
  • MCU Qualification (NXP)
  • ASPICE Process Introduction
Automotive ISO 26262 Aug 2021 – Dec 2022
OTA / Integral Coding / AutoPilot Parking — German OEM Supplier Strategy
German Auto Manufacturer · München · System & Vehicle Level
The Problem
  • Three distinct feature domains (OTA updates, Integral Coding, Autopilot Parking) required simultaneous functional safety coverage — demanding highly efficient analysis workflows.
  • No defined strategy existed for monitoring and controlling Tier 1 supplier safety activities — supplier quality was assessed reactively, not managed proactively.
  • Vehicle-level and system-level testing concepts were undefined, with no specification structure to guide integration test planning across the supply chain.
Our Approach — Expert + AI Accelerator
  • 01 Created HARA, FSC, and TSC for all three feature domains — establishing the safety argument foundation across parallel development tracks.
  • 02 Performed system safety analysis and DFA across vehicle integration boundaries — identifying cross-domain interference risks.
  • 03 Developed vehicle and system level testing concepts and specifications — providing the OEM's integration test teams a structured, traceable test basis.
  • 04 Designed a Tier 1 supplier monitoring and controlling strategy — giving the OEM a proactive governance model rather than gate-based assessment.
Deliverables
  • HARA
  • Functional Safety Concept
  • Technical Safety Concept
  • System Safety Analysis · DFA
  • Vehicle-Level Test Concept
  • Tier 1 Supplier Governance Strategy
Automotive · AI SW ISO 26262 · SOTIF Jan 2021 – Jul 2021 · Aug 2023 – Apr 2024
Camera AI / Deep Learning SW Safety — Autonomous Driving Application
ISO 26262 + SOTIF · Deep Learning Process Analysis
The Problem
  • Deep learning applied to safety-relevant camera perception without a defined safety concept for the AI component — a gap between ML development practice and ISO 26262 / SOTIF requirements.
  • Management including C-level had no structured understanding of functional safety obligations in an AI-driven product — creating governance blind spots at program decision points.
  • The deep learning development process had never been analyzed for functional safety compliance — process gaps were unknown and unquantified.
Our Approach — Expert + AI Accelerator
  • 01 Developed the Technical Safety Concept for camera system including the deep learning SW component — defining safety mechanisms applicable to ML-based perception.
  • 02 Performed Deep Learning SW Safety Analysis — identifying failure modes specific to neural network inference in safety-relevant driving contexts.
  • 03 Executed Deep Learning Process Analysis against ISO 26262 and SOTIF — producing a gap report that prioritized process changes by risk impact.
  • 04 Delivered functional safety management coaching to C-level and safety management — building governance capability at the leadership layer.
Deliverables
  • Technical Safety Concept (Camera + DL SW)
  • Deep Learning Safety Analysis
  • DL Process Gap Analysis
  • ISO 26262 + SOTIF Compliance Report
  • C-Level Safety Coaching
Railway EN 50126 · EN 50128 · EN 50129 Jan 2025 – Dec 2025
KTCS Railway Control System — AI-Driven SW Safety for RBC & EVC
Korean Train Control System · SIL 4 · RBC + EVC Architecture
The Problem
  • SW Architecture and SW Unit Specifications for SIL 4 railway control systems were authored manually — too slow and inconsistency-prone for the required EN 50128 compliance level.
  • Development teams lacked SW Safety Analysis capability; FMEA and FTA were not integrated into the development workflow, creating compliance gaps late in the lifecycle.
  • The 2oo2 (Dual-Channel) redundant architecture for RBC and EVC required System FMEA at a depth that manual methods could not sustain across both channels simultaneously.
Our Approach — Expert + AI Accelerator
  • 01 Developed and delivered an AI-based SaaS tool to automate generation of SW Architecture and SW Unit Specifications — directly improving EN 50128 compliance documentation quality and speed.
  • 02 Conducted SW Safety Analysis (FMEA, FTA) using a hands-on moderation approach — coaching development teams in real-time to build internal SIL 4 analysis capability.
  • 03 Performed System FMEA for the 2oo2 dual-channel architecture, analyzing failure propagation across both channels for both RBC and EVC simultaneously.
Deliverables
  • AI SaaS — SW Architecture Generator
  • SW Unit Spec Automation
  • SW FMEA · FTA (SIL 4)
  • System FMEA (2oo2 Architecture)
  • EN 50128 Compliance Documentation
  • Team Coaching (SIL 4)
Robotics ISO 13849 · ISO 12100 Nov 2024 – Mar 2025
Robotics Safety Standards Transfer — ISO 13849 for Local Engineering Teams
Germany · Local Engineering Organization · Standards Introduction
The Problem
  • Local engineering teams in Germany were developing robotics systems without structured knowledge of ISO 13849 and ISO 12100 — creating compliance risk that would surface only at certification.
  • Standards interpretation varied across the team, producing inconsistent safety argumentation and design decisions that could not be consolidated into a coherent safety case.
Our Approach
  • 01 Delivered structured ISO 13849 and ISO 12100 consulting directly to local engineering teams — translating standard requirements into actionable design guidance specific to their product architecture.
  • 02 Established a common standard interpretation baseline across the team — aligning safety argumentation and design decisions to a shared framework.
Deliverables
  • ISO 13849 Standards Consulting
  • ISO 12100 Risk Assessment Guidance
  • Team Standards Alignment
AI / SaaS ISO 26262 · IEC 61508 Jan 2024 – Present
SaferEngineer Accelerator Platform — AI-Driven Functional Safety SaaS
Delaware, USA · Autonomous Driving · EV · Global Deployment
The Problem We Designed Around
  • Generic LLMs fail at cross-file consistency and audit-level precision — organizations attempting to use off-the-shelf AI for safety documentation produce outputs requiring more re-work than starting from scratch.
  • Functional safety analysis preparation (BOM extraction, FIT calculation, failure mode generation, consistency checking) consumes 80% of expert time before any real safety judgment begins.
  • Confirmation review and assessment workflows always risk last-minute overload — manual cross-document verification at release week is a structural failure, not an execution failure.
What We Built
  • 01 Designed and delivered an AI-driven FuSa SaaS platform to automate FMEA, FTA, and HARA — with interactive ISO 26262 confirmation review and assessment workflows built in.
  • 02 Integrated a cloud-based RAG / LangChain pipeline for document ingestion, automated failure-mode generation, and safety-case reporting — trained on real safety engineering patterns.
  • 03 Expert-in-the-loop architecture: AI handles coverage and first-pass analysis; a senior FuSa expert reviews every output and delivers audit-defensible conclusions.
  • 04 Secured U.S. customers in autonomous-driving and EV domains — validating the platform against production program requirements.
Platform Capabilities
  • AI FMEA Generation
  • AI FTA Generation
  • AI HARA / ASIL Assignment
  • Automated FMEDA Pipeline
  • Confirmation Review Automation
  • RAG Document Ingestion
  • LangChain Safety Case Reporting
  • ISO 26262 Interactive Assessment