fmeca
TRANSCRIPT
FMECAFMECA
Failure Modes, Effects and Failure Modes, Effects and Criticality AnalysisCriticality Analysis
Mehmet YILMAZMehmet YILMAZ
May 2009May 2009
FMECAFMECA
What is FMECA?What is FMECA?
WhyWhy to perform to perform FMECA? FMECA?
How to perform FMECAHow to perform FMECA??
ConclusionsConclusions
FMECA FMECA DefinitionDefinition
Failure Failure MModesodes = = Incorrect behavior of a subsystem or Incorrect behavior of a subsystem or component due to a physical or procedural malfunction. component due to a physical or procedural malfunction. Effects Effects == Incorrect behavior of the system caused by a Incorrect behavior of the system caused by a failure.failure.Criticality = Criticality = The combined impact ofThe combined impact of
– The probability that a failure will occurThe probability that a failure will occur
– The severity of its effectThe severity of its effect
Failure Failure MModes odes EEffects and ffects and CCriticality riticality AAnalysis (FMECA) nalysis (FMECA) = = a step-by-step approach for identifying all possible a step-by-step approach for identifying all possible failures in a design, a manufacturing or assembly failures in a design, a manufacturing or assembly process, or a product or service. process, or a product or service.
Evolution of FMECAEvolution of FMECA
FMEA was originally developed by NASA FMEA was originally developed by NASA to improve and verify the reliability of to improve and verify the reliability of space program hardware.space program hardware.
MIL-STD-1629 establishes requirements MIL-STD-1629 establishes requirements and procedures for performing FMECAand procedures for performing FMECA
Purpose of FMECAPurpose of FMECA
Select the most suitable design with high reliability and high safety potential in the design phases.List potential failures and identify the severity of their effects in the early design phases.Develop criteria for test planning and requirements.Provide necessary documentation for future design and consideration of design changes.Provide a basis for maintenance management.Provide a basis for reliability and availability analyses.
Basic Questions of FMECABasic Questions of FMECA
Why failures will happen (Failure mode)?
What is the consequence when the failure occurs (Failure effect)?
Is the failure in the safe or danger direction (Failure Criticality)?
How to remove the failure or reduce its frequency?
Benefits of FMECABenefits of FMECA
FMEFMECCA is one of the most important and most A is one of the most important and most widely used tools of reliability analysis.widely used tools of reliability analysis.The FMECA facilitates identification of potential The FMECA facilitates identification of potential design reliability problemsdesign reliability problems– Identify possible failure modes and their effectsIdentify possible failure modes and their effects– Determine severity of each failure effectDetermine severity of each failure effect
FMECAFMECA help helpss– removing causes removing causes of of failuresfailures– developing systems that can mitigate the effects of developing systems that can mitigate the effects of
failures.failures.– to to prioritize and focus on high-risk failuresprioritize and focus on high-risk failures
Benefits of FMECABenefits of FMECA
It provides detailed insight It provides detailed insight aboutabout the systems the systems interrelationships and potentials interrelationships and potentials ofof failure failuress..
Information gained by performing FMECA can be used Information gained by performing FMECA can be used as a basis foras a basis for– troubleshooting activitiestroubleshooting activities– maintenance manual developmentmaintenance manual development– design of effective built-in test techniques.design of effective built-in test techniques.
The results of the FMECAThe results of the FMECA
Rank each failure mode.Rank each failure mode.
Highlight single point failures requiring Highlight single point failures requiring corrective actioncorrective action
Identify reliabilityIdentify reliability and and safety critical safety critical componentscomponents
FMECA TechniquesFMECA Techniques
The FMEA can be implemented using a The FMEA can be implemented using a hardwarehardware (bottom-up) (bottom-up) or or functionalfunctional (top- (top-down)down) approachapproach
DueDue to system complexity, to system complexity, it isit isperformed performed as a combination of the two methods.as a combination of the two methods.
FMECA TechniquesFMECA Techniques
Hardware Approach :Hardware Approach :– The bottom-up approach is used when a
system design has been decided already.– Each component in the system on the lowest
level is studied one-byone.– Evaluates risks that the component incorrectly
implements its functional specification.
FMECA TechniquesFMECA Techniques
Functional Approach :Functional Approach :– ConsidersConsiders the function of each item. Each function the function of each item. Each function
can be classified and described in terms of having can be classified and described in terms of having any number of associated output failure modes. any number of associated output failure modes.
– The functional method is used when hardware items The functional method is used when hardware items cannot uniquely identifiedcannot uniquely identified
– TThis method should be applied to when the design his method should be applied to when the design process has developed a functional block diagram of process has developed a functional block diagram of the system, but not yet identified specific hardware to the system, but not yet identified specific hardware to be used. be used.
FMECA ProcedureFMECA Procedure
FMECA pre-requirements
System structure and failure analysis
Preparation of FMECA worksheets
Team review
Corrective actions to remove failure modes
FMECA PrerequisitesFMECA Prerequisites
Define the system to be analyzed– System boundaries.– Main system missions and functions.– Operational or/and environmental conditions.
Collect available information that describes the system functions to be analyzed.Collect necessary information about previous and similar designs.
Functional Block DiagramFunctional Block Diagram
FunctionalFunctional block diagram show block diagram showss how the different how the different parts of the system interact with parts of the system interact with each othereach other..It is recommendedIt is recommended– to break the system down to different levels. to break the system down to different levels. – to to review schematics of the system to show how review schematics of the system to show how
different parts interface with one another by their different parts interface with one another by their critical critical supportsupport systems to understand the normal systems to understand the normal functional functional flow requirementsflow requirements. .
– to to list all functions of the equipment before examining list all functions of the equipment before examining the potential failure modes of each of those functions. the potential failure modes of each of those functions.
– to include operating to include operating conditions (such as; temperature, conditions (such as; temperature, loads, and pressure), and environmental conditions in loads, and pressure), and environmental conditions in the components list.the components list.
Functional Block DiagramFunctional Block Diagram
Rate the Risks RelativelyRate the Risks Relatively
A systematic methodology is used to rate A systematic methodology is used to rate the risks relative to each other. The Rthe risks relative to each other. The Risk isk PPriority riority NNumberumber is the critical indicator for is the critical indicator for each failure mode. each failure mode.
RPN = Severity rating X Occurrence rating RPN = Severity rating X Occurrence rating X Detection rating X Detection rating – The RPN can range from 1 to 1,000 The RPN can range from 1 to 1,000 – Higher RPN Higher RPN = = higher priority to be improved.higher priority to be improved.
Severity ClassificationSeverity Classification
A qualitative measure of the worst A qualitative measure of the worst potential consequences resulting from potential consequences resulting from aa function failure.function failure.
It is rated relatively scaled from 1-10.It is rated relatively scaled from 1-10.
Severity ClassificationSeverity Classification11 Failure would cause no effect.Failure would cause no effect.
22 Boarderline pass but still shippable.Boarderline pass but still shippable.
33 Redundant systems failed but tool still works.Redundant systems failed but tool still works.
44 Would fail manufacturing testing but tool still functions with degraded Would fail manufacturing testing but tool still functions with degraded performance.performance.
55 Tool / item inoperable with loss of primary function. No damage to other Tool / item inoperable with loss of primary function. No damage to other components on board. Failure can be easily fixed (for example, socketed DIP chips).components on board. Failure can be easily fixed (for example, socketed DIP chips).
66 Tool / item inoperable with loss of primary function. No damage to other Tool / item inoperable with loss of primary function. No damage to other components on board. Failure cannot be easily fixed (true if not field repairable).components on board. Failure cannot be easily fixed (true if not field repairable).
77 Tool / item inoperable, with loss of primary function. Probably cause damage to Tool / item inoperable, with loss of primary function. Probably cause damage to other components on board or system.other components on board or system.
88 Tool / item inoperable with loss of primary function. Probably scraping one or more Tool / item inoperable with loss of primary function. Probably scraping one or more PCBAs.PCBAs.
99 Very high severity ranking. A potential failure mode affecting safe tool operation Very high severity ranking. A potential failure mode affecting safe tool operation and/or involves noncompliance with government regulation with warning.and/or involves noncompliance with government regulation with warning.
1010 Very high severity ranking when a potential failure mode affects safe tool operation Very high severity ranking when a potential failure mode affects safe tool operation and/or involves noncompliance with government regulation without warning.and/or involves noncompliance with government regulation without warning.
Probability of OccurrenceProbability of Occurrence
Probability that an identified potential Probability that an identified potential failure mode will occur over the item failure mode will occur over the item operating time.operating time.
It is rated relatively scaled from 1-10.It is rated relatively scaled from 1-10.
Occurrence ClassificationOccurrence Classification
1010 >= 50% (1 in two)>= 50% (1 in two)
99 >= 25% (1 in four)>= 25% (1 in four)
88 >= 10% (1 in ten)>= 10% (1 in ten)
77 >= 5% (1 in 20)>= 5% (1 in 20)
66 >= 2% (1 in 50)>= 2% (1 in 50)
55 >= 1% (1 in 100)>= 1% (1 in 100)
44 >= 0.1% (1 in 1,000)>= 0.1% (1 in 1,000)
33 >= 0.01% (1 in 10,000)>= 0.01% (1 in 10,000)
22 >= 0.001% (1 in 100,000)>= 0.001% (1 in 100,000)
11 Almost NeverAlmost Never
Detection ratingDetection rating
A numerical ranking based on an A numerical ranking based on an assessment of the probability that the assessment of the probability that the failure mode will be detected given the failure mode will be detected given the controls that are in place.controls that are in place.
It is rated relatively scaled from 1-10.It is rated relatively scaled from 1-10.
Detection ratingDetection rating11 Detected by self test.Detected by self test.
22 Easily detected by standard visual inspection or ATE.Easily detected by standard visual inspection or ATE.
33 Symptom can be detected. The technician would know exactly what the source of the Symptom can be detected. The technician would know exactly what the source of the failure is.failure is.
44 Symptom can be detected at test bench. There are more than 2-4 possible candidates Symptom can be detected at test bench. There are more than 2-4 possible candidates for the technician to find out the sources of failure mode.for the technician to find out the sources of failure mode.
55 Symptom can be detected at test bench. There are more than 5-10 possible candidates Symptom can be detected at test bench. There are more than 5-10 possible candidates for the technician to find out the sources of failure mode.for the technician to find out the sources of failure mode.
66 Symptom can be detected at test bench. There are more than 10 possible candidates for Symptom can be detected at test bench. There are more than 10 possible candidates for the technician to find out the sources of failure mode.the technician to find out the sources of failure mode.
77 The symptom can be detected, and it required considerable engineering The symptom can be detected, and it required considerable engineering knowledge/resource to determine the source / cause.knowledge/resource to determine the source / cause.
88 The symptom can be detected by the design control, but no way to determine the The symptom can be detected by the design control, but no way to determine the source / cause of failure mode.source / cause of failure mode.
99 Very Remote. Very remote chance the Design Control will detect a potential Very Remote. Very remote chance the Design Control will detect a potential cause/mechanism and subsequent failure mode. Theoretically the defect can be cause/mechanism and subsequent failure mode. Theoretically the defect can be detected, but high chance would be ignored by the operators.detected, but high chance would be ignored by the operators.
1010 Absolute uncertainty. Design Control will not and /or cannot detect a potential Absolute uncertainty. Design Control will not and /or cannot detect a potential cause/mechanism and subsequent failure mode; or there is no Design Control.cause/mechanism and subsequent failure mode; or there is no Design Control.
FMECA CASE STUDYFMECA CASE STUDY
Component = D1Component = D1
Function = Function = restrictrestrictinging the direction of the direction of currentcurrent
Failure = Failure = shortshort
Cause = Cause = Physical DamagePhysical Damage
Effect = Effect = Reverse currentReverse current
FMECA CASE STUDYFMECA CASE STUDY
SeveritySeverity = 7 = 7
OccurrenceOccurrence = 5 = 5
DDetectionetection = 9 = 9
RPN = 7*5*9 = 315RPN = 7*5*9 = 315
FMECA WorksheetFMECA Worksheet
Co
mp
on
ent
Co
mp
on
ent
Fu
nctio
nF
un
ction
Severity
Severity
Occu
rrence
Occu
rrence
detectio
nd
etection
RP
NR
PN
Failu
reF
ailure
Cau
seC
ause
Effect
Effect
Reco
mm
end
ation
Reco
mm
end
ation
D1D1restricts the restricts the direction of direction of
currentcurrent77 55 99 315315 shortshort Physical Physical
DamageDamageReverse Reverse currentcurrent
Change test Change test procedureprocedure
R41R41 Current limit Current limit for T1for T1 77 44 1010 280280 shortshort Standard Standard
DefectDefect
no no current current
limitlimit
Change test Change test procedureprocedure
U10U10 FPGAFPGA 77 1010 44 280280 shortshort Standard Standard DefectDefect
high high current current
drawdraw
Change Change ComponentComponent
Corrective ActionsCorrective Actions
RPN reduction: the risk reduction related to a corrective action.
FMECA ChecklistFMECA Checklist
System description/specificationSystem description/specificationGround rulesGround rulesFunctional Functional Block DiagramBlock DiagramIdentify failure modesIdentify failure modesFailure effect analysisFailure effect analysisWorksheet (RPN ranking)Worksheet (RPN ranking)Recommendations (Corrective action)Recommendations (Corrective action)ReportingReporting
SummarySummary
ReferencesReferences
MIL-P-1629 “Procedures for performing a failure mode, effects and criticality analysis
http://www.fmeca.com/