Standards

NVIDIA built a safety island. Is it independent — or fate-sharing?

Mati Melchior, 2 min read

Yesterday NVIDIA shipped a hardware safety layer for robots. It deserves credit: the IGX Thor module includes a functional-safety island — an independent safety processor with its own cores, power and clock, isolated from the main AI compute and engineered toward ASIL D / SIL 2. That is a real improvement over software-only safety, where the monitor and the monitored share one stack and fail together.

But functional-safety engineers have asked the same question for fifty years, and it applies here: independence is not the same as isolation. A safety monitor that shares a chip, a vendor and a design team with the system it watches shares fate with that system. Aviation, nuclear and rail each concluded that the highest integrity levels demand diversity — different teams, different substrates, different failure modes — not simply a fence drawn on the same silicon.

IEC 61508 even has a number for it: β, the common-cause factor (Annex D). β is the fraction of failures that defeat a "redundant" architecture by taking out the channels together. A low β is engineered independence; a high β is a redundancy claim with nothing behind it. Knight and Leveson showed back in 1986 that even deliberately diverse software fails to achieve true independence — and a shared physical substrate is a stronger coupling than shared design.

So the right question for any physical-AI safety architecture — NVIDIA's included — is not "is there a safety layer?" Soon everyone will have one. The question is: what is your β? What is genuinely separated — power, clock, silicon, supplier, design team — and what is quietly shared?
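To make β concrete, here is an added example (not from the post, and not NVIDIA's or any vendor's figures) that applies the IEC 61508 beta-factor model to a two-channel (1oo2) safety architecture. It assumes low-demand mode, a per-channel dangerous undetected failure rate `lambda_du`, a proof-test interval `t_hours`, and no diagnostic or repair credit; under those assumptions it uses the standard simplified approximations for PFD_avg. The numeric inputs are constructed, the SIL bands are the low-demand table from IEC 61508-1, and `max_beta_for_target` answers the post's question in reverse: given a target, how much common-cause coupling can the design afford?

```python
"""Beta-factor (common-cause) model for a 1oo2 redundant safety channel.

Added illustration; assumptions (not from the post): low-demand mode,
constant failure rates, proof-test interval T hours, dangerous undetected
rate lambda_du per channel, no diagnostics, no repair credit. Then:

    PFD_avg(1oo1) ~= lambda_du * T / 2
    PFD_avg(1oo2) ~= ((1 - beta) * lambda_du)**2 * T**2 / 3
                     + beta * lambda_du * T / 2

The first 1oo2 term is both channels failing independently; the second is
the common-cause share beta, which takes both out at once and therefore
behaves exactly like a single channel.
"""


def pfd_1oo1(lambda_du: float, t_hours: float) -> float:
    """Average probability of failure on demand for one channel."""
    return lambda_du * t_hours / 2.0


def pfd_1oo2(lambda_du: float, t_hours: float, beta: float) -> float:
    """Average PFD for a 1oo2 pair with common-cause factor beta in [0, 1]."""
    if not 0.0 <= beta <= 1.0:
        raise ValueError("beta must be between 0 and 1")
    independent = ((1.0 - beta) * lambda_du) ** 2 * t_hours ** 2 / 3.0
    common_cause = beta * lambda_du * t_hours / 2.0
    return independent + common_cause


def sil_band(pfd: float) -> int:
    """Low-demand SIL band for a PFD_avg (IEC 61508-1 table).

    Returns 4 for anything below 1e-4 (SIL 4 band or better), 3 for
    [1e-4, 1e-3), 2 for [1e-3, 1e-2), 1 for [1e-2, 1e-1), 0 otherwise.
    """
    for sil, upper in ((4, 1e-4), (3, 1e-3), (2, 1e-2), (1, 1e-1)):
        if pfd < upper:
            return sil
    return 0


def max_beta_for_target(lambda_du: float, t_hours: float,
                        target_pfd: float, tol: float = 1e-6):
    """Largest beta at which the 1oo2 pair still meets target_pfd.

    PFD_avg(1oo2) is monotonically increasing in beta whenever
    lambda_du * T < 0.75, which any realistic design satisfies, so a
    bisection on beta is sufficient. Returns None if even fully
    independent channels (beta = 0) miss the target, and 1.0 if a single
    channel already meets it (redundancy buys nothing for that target).
    """
    if pfd_1oo2(lambda_du, t_hours, 0.0) > target_pfd:
        return None
    if pfd_1oo2(lambda_du, t_hours, 1.0) <= target_pfd:
        return 1.0
    lo, hi = 0.0, 1.0
    while hi - lo > tol:
        mid = (lo + hi) / 2.0
        if pfd_1oo2(lambda_du, t_hours, mid) <= target_pfd:
            lo = mid
        else:
            hi = mid
    return lo


if __name__ == "__main__":
    # Constructed inputs: 1e-6 dangerous undetected failures per hour per
    # channel, proof-tested yearly (8760 h). Not vendor data.
    LAMBDA_DU, T = 1e-6, 8760.0
    print(f"1oo1 single channel: PFD={pfd_1oo1(LAMBDA_DU, T):.2e} "
          f"SIL band {sil_band(pfd_1oo1(LAMBDA_DU, T))}")
    for beta in (0.0, 0.01, 0.05, 0.1, 0.5, 1.0):
        pfd = pfd_1oo2(LAMBDA_DU, T, beta)
        print(f"1oo2 beta={beta:<5} PFD={pfd:.2e} SIL band {sil_band(pfd)}")
    for target in (1e-4, 1e-3):
        print(f"beta budget for PFD<={target:.0e}: "
              f"{max_beta_for_target(LAMBDA_DU, T, target)}")
```

With these constructed inputs the same redundant pair sits in the SIL 4 band at β = 0, drops to SIL 3 at β = 0.1 and to SIL 2 at β = 0.5, and at β = 1 is numerically identical to a single channel. That is the post's point in arithmetic: the hardware is unchanged across those rows, only the honesty of the independence claim differs.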

This is also where the open lane sits. A safety layer welded to a single vendor's compute is a powerful start, not the finish. The highest-assurance robots — and the bodies that will certify them under the EU Machinery Regulation in January 2027 — will want an independent, vendor-neutral channel that does not share fate with the AI it is judging. That layer does not have an owner yet.

Ask for the β. It is the one number that separates engineered safety from branded safety.
