What is SOTIF?

SOTIF stands for Safety of the Intended Functionality and is defined by ISO 21448. SOTIF addresses the absence of unreasonable risk due to hazards resulting from functional insufficiencies of the intended functionality or reasonably foreseeable misuse by persons. Unlike traditional functional safety (ISO 26262), which focuses on risks from system malfunctions or failures, SOTIF covers hazards that arise when a system behaves as designed but the design itself is insufficient to ensure safety in all scenarios.

SOTIF is especially relevant for advanced driver assistance systems (ADAS), autonomous vehicles, and other complex systems where safety depends on correct interpretation of sensor data and environmental conditions. SOTIF analysis involves identifying potential functional insufficiencies, defining “feared events” (hazardous outcomes), analyzing triggering conditions, and developing mitigation strategies. The process includes verification and validation activities such as scenario-based testing, fault injection, and statistical analysis to ensure that the system remains safe throughout its operational design domain (ODD), even in the absence of hardware or software faults.