Safety and Reliability EngineeringPart 9: Fault Tree and FMEA

Prof. Dr.-Ing. Stefan Kowalewski

Chair “Informatik XI”, Embedded Software LaboratoryRWTH Aachen University

Summer term 2006

Organizational Issues

Slide “Register for Seminars and laboratory course”Slide “Wahlen zum Studierendenparlament”No lecture on 28.06.2006 because Prof. Kowalewski is involved in the UMIC projectNext lecture on 05.06.2006 (last lecture)“EvaSys” survey.Please fill in the questionnaireNext exercise course is tomorrow the 29.06.2006Written examination on 12.06.2006 in AH III

Agenda

Reminder for the fault tree basics

Introducing new Fault tree elements

Introducing of FMEA

Examples for Fault tree and FMEA

Reminder: Fault Tree Analysis

Fault Tree Analysis (FTA) is a top-down approach to failure analysis Analysis proceeds by determining how a undesirable event can be caused by individual os combined lower level failures or eventsLogical connection between the events e. g. AND-gates and OR-gatesFTA is often used in praxis for risk and reliability studiesFTA is a method for analyzing causes of hazards(not identifying hazards)

Fault Tree Repesentation

Top event

Basic events

Intermediate events

Exercise Last Lecture 1/2

1

2

53

4

Minimal cut sets:•Failure of components 1 and 2

• Failure of components 3 and 4

• Failure of components 1, 5 and 4

• Failure of components 2, 5 and 3

RBD:

Exercise Last Lecture 2/2

Minimal cut sets:

•Failure of components 1 and 2

• Failure of components 3 and 4

• Failure of components 1, 5 and 4

• Failure of components 2, 5 and 3

Fault Tree:

Fault Tree Example

Determine a Fault Tree for a patient monitoring system.

Suggestions?

Resulting Fault Tree

More Elements

Up to now we saw AND-gates and OR-gates

There are a lot of other gates in Fault Tree Analysis which are use to express different things.

Can you imagine one?

New Elements

Voting OR:The output event occurs if k or more of the input events occur

Inhibit:The input events occurs if all input events occurs and an additional conditional event occurs

Priority AND:The output event occurs if all input events occur ib a specific sequence

XOR:The output event occurs if exactly one input event occurs

Example for the new elements 3/3

Priority AND: Fault Tree

Basic Event Block in FTA

Basic Event:Basic initiating fault

External Event:(House Event) Event with probability 0 or 1

Undeveloped Event:Event that does not need further development

Conditioning Event:condition that con be applied to any gate

Introduction FMEA

Failure Modes and Effects Analysis (FMEA)

Uses Forward search

Initiating events: failures of individual components

Developed by reliability engineers

FMEA perform a Qualitative Analysis

Example for a FMEA

…

FMEA Main Components

Initial:Individual componentsFunction:Analyze all functions of the componentFailure: Analyze the failure possibilitiesAnalyze the effect of the failureAnalyze the cause for the failureRisk evaluation:Estimation of the effect of the failureEstimation of the probability of the failureEstimation of the probability to detect the failure

FMEA Table 1/3

1. No.: Unique Number2. Component / Process: Name of analyzed component,

process or function3. Function: All list here all function of the component from

2. for the analyzed system (black-box-function)4. Failure Kind: For all functions form 3. list all possible

failure which can appear

No.Component /

Process Function Failure KindFailure Effect

Failure Cause

Failure Avoidance

Failur Detection B A E RPZ Measures

1 2 3 4 5 6 7 8 9 10 11 12 13

Quality AssuranceFMEA (Failure Modes and Effects Analysis) Page:

Department:FMEA-No.:Date:

FMEA Table 2/3

5. Failure Effect: List for all failures the consequences for other components and the over all system

6. Failure Cause: List the possible reasons for the failure7. Failure Avoidance: List all possibilities to avoid the

failure8. Failure Detection: List the possibilities to detect the

failure

No.Component /

Process Function Failur KindFailure Effect

Failure Cause

Failure Avoidance

Failur Detection B A E RPZ Measures

1 2 3 4 5 6 7 8 9 10 11 12 13

Quality AssuranceFMEA (Failure Modes and Effects Analysis) Page:

Department:FMEA-No.:Date:

FMEA Table 3/3

9. B: Number between 1 and 10 which denote the impact of the failure. (1 no impact; 10 great impact)

10. A: Number between 1 and 10 which denote the probability that the failure occurs (1 very unlikely; 10 very likely)

11. E: Number between 1 and 10 which denote the probability to detect the failure (1 very unlikely; 10 very likely)

12. RPZ: Risk Priority Number R=B*A*E13. Measure: Things that can be done to lower the RPZ.

No.Component /

Process Function Failur KindFailure Effect

Failure Cause

Failure Avoidance

Failur Detection B A E RPZ Measures

1 2 3 4 5 6 7 8 9 10 11 12 13

Quality AssuranceFMEA (Failure Modes and Effects Analysis) Page:

Department:FMEA-No.:Date:

Create a FMEA

First get all ComponentsDenote all function, failures, failure effects and failure reasonsAnalyze the possibilities to avoid the failure and to detectthe failure Decide the Numbers for A, B and ECompute the RPZ – Number.Analyze the Number with rules like:A, B and E should be lower 7RPZ should be lower than 125…If necessary do measures to lower A, B or E

Kinds of FMEA

There are often different kinds of FMEAs.Example : FMEA for System AnalysisFMEA for Construction AnalysisFMEA for Process AnalysisOften different tables and different meanings of the numbers

FMEA Example 1/2

FAILURE MODE AND EFFECTS ANALYSIS (FMEA) Page 3 of 3Subsystem/Name: DC motor P = Probabilities (chance) of OccurrencesFinal Design: 31/5/2000Model Year/Vehicle(s): 2000/DC motor S = Seriousness of Failure to the Vehicle Prepared by:

D = Likelihood that the Defect will Reach the customer

R = Risk Priority Measure (P x S x D) Reviewed by: Chris

FMEA Date (Org.): 27/4/2000 (Rev.) 31/5/2000)1 = very low or none 2 = low or minor 3 = moderate or significant4 = high5 = very high or catastrophic

Example FMEA 2/2

Durability test on leadsQC checkedIncreased staff in inspectionSet up customer complain department

60100

45

55

34

Unstable control loopEndanger operatorsSerious damage Customers complain Faulty products are identified

Faulty leadsIncorrect motion

Signal lossDefects in products

Provides voltage signalProduce final product

Motor3

RDSP

Action(s)Taken

RecommendedCorrective Action(s)

P.R.A.CurrentControl

Effect(s)Of Failure

Mechanism(s) & Causes(s) of Failure

FailureMode

FunctionPart Name

Part No.No.

Conclusion

Fault Tree Analysis is a top-down approach.There are a lot of elements to describe the reasons and connection which cause the failure

FMEA is an bottom-up approach.FMEA can be applied during the design processFMEA is structured process to analyze qualitatively failures and their effect on the system