Malaysia Announces Draft IoT Functional Safety Requirements
The Malaysian Communications and Multimedia Commission (MCMC) has released a draft technical code proposing functional safety principles for Internet of Things (IoT) systems. This Regulatory Updates initiative invites public input on a framework that addresses systemic risks in connected environments. Rather than focusing on individual product types, the draft promotes broader system resilience across IoT applications.
Lifecycle-Based Functional Safety for IoT Systems
The document, titled MCMC MTSFB TC Gxxx:2025, adopts a lifecycle approach, guiding developers and system architects from initial design through to decommissioning. It introduces horizontal safety practices that apply across diverse industries such as healthcare, manufacturing, and consumer electronics. Consequently, organizations can apply consistent safety principles regardless of the application domain.
Global Framework Alignment
Additionally, the draft aligns with internationally recognized frameworks including IEC 61508 and ITU-T Y.4806. These standards offer structured methodologies for identifying, analyzing, and mitigating failure risks in complex systems. By aligning with these references, the Malaysian draft provides a familiar and credible foundation for industry stakeholders.
Cybersecurity and Functional Safety: A Combined Strategy
Importantly, the draft emphasizes the interdependence of cybersecurity and functional safety. It recommends incorporating secure over-the-air (OTA) updates, fail-safe software mechanisms, and secure data flows to ensure safe and predictable system behavior. These features are essential in today’s IoT environments, where connectivity can introduce new vectors of risk.
Moreover, the document distinguishes between functional safety and security, as highlighted in Table D.1. Functional safety focuses on preventing hazards caused by system faults, while security aims to protect against malicious or unauthorized access. Although the two disciplines serve different purposes, they increasingly overlap in connected environments. The draft urges developers to consider both simultaneously, recognizing that one can compromise the other if not addressed holistically.
By integrating both concepts, the draft guides organizations toward designing resilient systems that protect users, infrastructure, and data integrity.
Public Consultation Details
MCMC opened the public consultation on July 11, 2025, and will accept comments until August 10, 2025. Stakeholders including developers, manufacturers, and industry groups are encouraged to review the draft and provide feedback. Interested parties can submit comments through the official MTSFB Technical Code portal. Participating in this process allows stakeholders to influence how Malaysia shapes future IoT safety regulations.
Stay Informed with Our Services
Since this initiative pertains to Regulatory Framework & Compliance Requirements, we recommend our Global Regulatory Updates Service. This service helps companies stay informed and proactive in the face of evolving compliance landscapes. Learn more at our Global Regulatory Updates Service.
Impact Assessment
-
Technical Standards? ✅ Yes
-
Type Approval & Market Access? ❌ No
-
Imports, Customs, Trade, or Market Surveillance? ❌ No
-
Spectrum Management? ✅ Yes
