Safety of the Intended Functionality (SOTIF) for Automotive Professionals

ISO 21448 and ISO/TR 4804 - 1 day

Date/Time Location Language
Upon request   English/German

Ensuring the safety of a driving automation system encompasses two aspects, namely
(1) the avoidance of unreasonable risk caused by malfunctioning behavior of the system as well as
(2) the avoidance of unreasonable risk caused by hazards associated with the intended functionality and its implementation, e.g. due to performance limitations.

The first aspect - known as functional safety - has been addressed by the industry for quite some time already and is described by the established ISO 26262 standard. The second aspect - referred to as safety of the intended functionality (SOTIF) - however, is more of an emerging topic and corresponding standards are still under development.

If you are looking for an introduction to the topic of SOTIF and related standardization activities, namely ISO 21448, ISO/TR 4804 (formerly known as Safety First for Automated Driving, SaFAD), enroll in this one-day training class.

In this training class, we will compare and contrast functional safety and safety of the intended functionality, review the conceptual SOTIF framework and fundamental terminology, and provide an overview of activities and methods to achieve SOTIF.  The theoretical knowledge is supplemented by means of practical examples.

Target Audience

This training class is designed for automotive professionals (development engineers, engineering managers, quality and project managers) involved in the development of driving automation systems as well as other people interested in SOTIF.


  • Aspects of safety: functional safety vs SOTIF
  • SOTIF terminology: SAE driving automation levels, use case, scene, scenario,  and triggering event
  • Conceptual framework: the four scenario categories and their evolution
  • SOTIF activities and methods
  • Ongoing standardization activities: ISO 21448, ISO/TR 4804, ISO/TS 5083

★★★★★ Gökhan Özcelikoglu, Vice President Integration & Validation, EDAG Engineering GmbH

The training was very structured and gave my team a concise introduction to the topic of SOTIF. The fact that we received and were able to come up with numerous suggestions for the ongoing focus of our project business reflects how successful the training was. My whole team and I would like to thank the trainer and his team for this recommendable SOTIF excursion.”


Available in English and German


Icon On Site Training

Open-enrollment Trainings
at one of our locations

Icon Online Training

Virtual Classroom Trainings
wherever you are

Icon Inhouse Training

In-house Trainings
online or in-house

Terms & Conditions


Our Trainers


Day 1

Overview: Aspects of safety

  • What is SOTIF?
  • SOTIF vs. functional safety
  • Dependability domains
  • Standards and type approval regulations

Hands-on: SOTIF vs functional safety vs cyber security


  • SAE levels of driving automation
  • Sense plan act model and environmental perception

SOTIF conceptual framework

  • Introducing SOTIF terminology: use case, scene, scenario, …
  • Triggering conditions
  • Concept of SOTIF areas (known/unknown and safe/hazardous scenarios)
  • SOTIF lifecycle

Hands-on: Description of scenarios


  • SOTIF-related hazardous event model
  • Identification and evaluation of hazards caused by the intended functionality
  • Risk evaluation of the intended function

Evaluation of functional insufficiencies and triggering conditions

  • Identification and analysis of triggering conditions
  • Acceptance criteria

SOTIF verification and validation

  • SOTIF V&V strategy
  • Strategies for the evaluation of area 2 scenarios
  • Strategies for the evaluation of area 3 scenarios

SOTIF release and operation phase

  • Methodology for evaluating SOTIF for release
  • Objectives to meet

Summary and outlook

  • Evolution of SOTIF related standards
  • Possible interaction between ISO 26262 and ISO 21448