What is FMEDA?

By Steven Lu on Aug 29, 2022 5:28:43 PM

Topics: ISO 26262 FMEDA

What is FMEDA?

Today’s products are incredibly complex and becoming more so by the day. At the same time, greater emphasis is being placed on achieving comprehensive functional safety of the product in all applications and operational scenarios. Managing these considerations and requirements is no easy task. As this realm grows in complexity, the sheer number of data points that must be tracked and measured increases exponentially, so the tools and processes for managing this data must also evolve and mature.

One of the key processes for successfully performing this work is FMEDA, an acronym that stands for Failure Modes, Effects, and Diagnostic coverage Analysis. It uses systematic analysis to determine the failure rates of a product and its components, the modes in which they fail, and the diagnostic capability of the systems that monitor those components.

FMEDA is an evolution of earlier processes resulting from lessons learned and their resulting improvements. It is also being driven by the ever-increasing complexity of modern systems. As products and systems become more complex, the design, development, and safety validation processes that govern the development of these products must also evolve.

What is the FMEDA process?

The FMEDA process is thorough and exhaustive, encompassing hardware, software, the environments in which they are put to work, and the ways in which they interact with and affect each other. It examines every element used in the design of a product: every system, subsystem, component, and part. For the product as it will actually be used in the real world, it examines:

  • the functionality performed by each hardware part,
  • the modes in which each hardware part fails,
  • the effect that each hardware part failure mode has on the overall functionality of the product (intended or not),
  • the ability of any automatic diagnostic capabilities in the system to detect the failures,
  • the strength of the design in terms of safety factors and its ability to degrade incrementally, rather than shutting down entirely, for less critical failures, and
  • the environmental stress factors inherent in the overall operational profile.

What is the difference between FMEA, FMECA, and FMEDA?

FMEA (Failure Mode and Effects Analysis), FMECA (Failure Modes, Effects, and Criticality Analysis), and FMEDA (Failure Modes, Effects, and Diagnostic coverage Analysis) may at first glance appear to be the same, but there are important differences that highlight how the overarching concepts came into being, and how they have developed and matured over the years:

  • FMEA (Failure Mode and Effects Analysis): FMEA is a bottom-up, inductive analytical method that may be performed at either the functional or piece-part level at different product development stages in the Functional Safety Lifecycle. It was one of the first highly structured, systematic techniques for failure analysis. It was developed by reliability engineers to study problems that might arise from malfunctions of military systems. It has been around in one form or another since the 1950s and was first formalized in the 1970s with the development of US MIL-STD-1629/1629A.

    At first, its use was limited to select applications and industries where the cost of failure was particularly high. An FMEA is a qualitative analysis that assigns an RPN (Risk Priority Number) to each failure mode based on its effect, severity, probability of occurrence, and detectability, in order to prioritize design improvements. An FMEA is often the first step of a system reliability study.

  • FMECA (Failure Modes, Effects, and Criticality Analysis): Introduced to address a primary barrier to effective use of the detailed FMEA results by the addition of a criticality metric, FMECA is used to chart the probability of failure modes against the severity of their consequences. This allows teams to quickly focus on the most important failure modes and effects in terms of risk, thus driving improvements based on cost/benefit comparisons. FMECA may be performed at the functional or piece-part level. It has found preference in the aerospace industry, and North Atlantic Treaty Organization (NATO) military applications.

    Strengths that have been cited for FMECA include its comprehensiveness, the systematic definition of relationships between failure causes and their effects, and its ability to point out individual failure modes for corrective action in design. FMECA is predominantly required by the aerospace and defense industries. While FMEDA is similar in its quantitative approach, it is predominantly used by the automotive industry.

  • FMEDA (Failure Modes, Effects, and Diagnostic coverage Analysis): The FMEDA technique was developed in the late 1980s and refined in the 1990s by adding two additional pieces of information to the FMEA analysis process:
    • quantitative failure data (failure rates and the distribution of failure modes) for all hardware parts being analyzed, and
    • the probability that the system or subsystem will be able to detect internal failures via automatic online diagnostics.


These elements of information are crucial for evaluating the Single Point Fault Metric (SPFM) and Latent Fault Metric (LFM) against target values for each potential safety goal violation, based on that safety goal’s ASIL (Automotive Safety Integrity Level) rating, to ensure that sufficient functional safety has been built into the design. It is imperative to be able to measure automatic diagnostic capability for many reasons, the most important being that in a complex system, far more of the workload must be placed on the automatic diagnostic system because of the sheer volume of work and the speed at which it must be performed correctly. Therefore, its trustworthiness must be measurable and verifiable.
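As an added worked example (not code from this article or from LHP’s tool), here is how the two quantitative inputs that FMEDA adds, per-mode failure rates and diagnostic coverage, feed the SPFM and LFM calculations of ISO 26262-5. The part names, failure rates, failure mode distributions and coverage values are constructed for illustration; the fault classification and the ASIL target values follow ISO 26262-5.

```python
# ISO 26262-5 targets per ASIL: (minimum SPFM, minimum LFM); ASIL A has no numerical target.
ASIL_TARGETS = {"B": (0.90, 0.60), "C": (0.97, 0.80), "D": (0.99, 0.90)}
# Constructed FMEDA rows: (part, failure mode, part failure rate in FIT, share of that rate
# in this mode, effect on the safety goal, diagnostic coverage of the safety mechanism).
# effect: "safe" = no impact, "violates" = violates the safety goal on its own,
# "latent" = dangerous only together with a second fault (e.g. the monitor itself).
FMEDA = [
    ("U1 microcontroller", "output stuck",      100.0, 0.5, "violates", 0.90),  # external watchdog
    ("U1 microcontroller", "memory corruption", 100.0, 0.3, "violates", 0.99),  # ECC
    ("U1 microcontroller", "clock drift",       100.0, 0.2, "safe",     0.00),
    ("U2 watchdog",        "fails to reset",     20.0, 1.0, "latent",   0.60),  # start-up self-test
    ("R1 sense resistor",  "open",               10.0, 0.7, "violates", 0.00),  # no safety mechanism
    ("R1 sense resistor",  "drift",              10.0, 0.3, "safe",     0.00),
]

def classify(rows):
    """Split the total failure rate into ISO 26262 fault classes (all values in FIT)."""
    c = dict(total=0.0, safe=0.0, spf=0.0, rf=0.0, mpf_detected=0.0, mpf_latent=0.0)
    for _part, _mode, rate, share, effect, dc in rows:
        lam = rate * share                      # failure rate of this one failure mode
        c["total"] += lam
        if effect == "safe":
            c["safe"] += lam
        elif effect == "violates" and dc == 0.0:
            c["spf"] += lam                     # single-point fault: nothing catches it
        elif effect == "violates":
            c["rf"] += lam * (1 - dc)           # residual fault: escapes the diagnostic
            c["mpf_detected"] += lam * dc       # detected share needs a second fault to harm
        else:
            c["mpf_latent"] += lam * (1 - dc)   # latent multiple-point fault: never noticed
            c["mpf_detected"] += lam * dc
    return c

def metrics(rows):
    """Return (SPFM, LFM) as defined in ISO 26262-5."""
    c = classify(rows)
    spfm = 1 - (c["spf"] + c["rf"]) / c["total"]
    lfm = 1 - c["mpf_latent"] / (c["total"] - c["spf"] - c["rf"])
    return spfm, lfm

def highest_asil_met(spfm, lfm):
    """Highest ASIL whose SPFM and LFM targets are both met, or None if not even ASIL B."""
    for asil in ("D", "C", "B"):
        if spfm >= ASIL_TARGETS[asil][0] and lfm >= ASIL_TARGETS[asil][1]:
            return asil
    return None

if __name__ == "__main__":
    spfm, lfm = metrics(FMEDA)
    print(f"SPFM = {spfm:.2%}, LFM = {lfm:.2%}, highest ASIL met: {highest_asil_met(spfm, lfm)}")
```

Run as a script, this constructed design reports SPFM 90.54% and LFM 93.20%, so it meets the ASIL B targets but not ASIL C. The 7 FIT single-point fault on R1 and the 5 FIT residual of the watchdog-covered fault are what cap the SPFM, which is exactly the kind of finding that drives a corrective design action.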


What is the difference between IEC 61508 and ISO 26262?

The world of safety standards can be overwhelming and confusing to the uninitiated. Where does the scope of one standard end and the next begin? That depends on many factors, two of the most important being the type of product and the way that product will be used. For example, an automobile is a vastly different product than an airplane or a forklift, yet each shares fundamental objectives when it comes to safe operation, and they might even share a few components such as controls, actuators, and wiring. It is this overlap among different products that can be a source of great confusion.

One overarching safety standard, covering every type of product in every conceivable application, would be far too ponderous to be practical. Therefore, several different standards are utilized related to product safety. Some are defined by the type of product being produced. Others are scoped towards specific processes that define and quantify what safety is, regardless of the product and its use.

For example, in the automotive realm, ISO 26262, titled "Road vehicles – Functional safety", is an international standard for the functional safety of electrical and/or electronic systems installed in certain production road vehicles. It is a qualitative, risk-based standard that is focused on the unique demands of automotive product development and is used extensively in automotive manufacturing. But that alone is not enough. Manufacturers also need a systematic, quantitative means of identifying, measuring, and analyzing the components and parts that go into a machine, and how they interact and perform under given conditions. Being able to measure failure modes mathematically forms the engineering foundation of corrective action, improvement, and risk reduction for a product. This is where the FMEDA process comes in.

Two standards are commonly utilized in the FMEDA process:

  • IEC 61508 is an international standard published by the International Electrotechnical Commission. It details methods that describe how to apply, design, deploy and maintain automatic protection systems called safety-related systems. It is titled “Functional Safety of Electrical/Electronic/Programmable Electronic Safety-related Systems (E/E/PE, or E/E/PES)”. IEC 61508 is a basic functional safety standard applicable to all industries. It defines functional safety as: “part of the overall safety relating to the EUC (Equipment Under Control) and the EUC control system which depends on the correct functioning of the E/E/PE safety-related systems, other technology safety-related systems, and external risk reduction facilities.” The fundamental concept is that any safety-related system must work correctly or fail in a predictable (safe) way.

    IEC 61508 is utilized for systems with a LOW demand rate, i.e., less than once-per-year.

  • ISO 13849 is a safety standard that applies to parts of machinery control systems that are assigned to providing safety functions (called safety-related parts of a control system). ISO 13849 is simplified for use in the machinery sector. The standard has two parts:
    • ISO 13849-1, Part 1: General principles for design, provides safety requirements and guidance on the principles of design and integration of safety-related parts of control systems (hardware or software).
    • ISO 13849-2, Part 2: Validation, specifies the procedures to be followed for validating, by analysis or tests, the safety functions of the system, the category achieved, and the performance level achieved.


ISO 13849 is designed for use in machinery with high to continuous demand rates. A high rate is defined as once or more per year of operation; a continuous demand rate is much more frequent than a high rate.

Evaluating FMEDA efficiently with the help of LHP

The purpose of an FMEDA is to evaluate the parts in the whole system and analyze how their failures can impact safety at the system and vehicle level. This is a quantitative analysis conducted for each potential safety goal violation. A staggering number of calculations are involved. For example, determining the failure rate for each hardware part on a circuit board can be a challenge due to the sheer complexity of so many different parts being integrated into one module or system.

Generic failure rates cannot be used, because the failure rates highly depend on what environment the part is being subjected to, how it is being used in the circuit, the thermodynamic stresses and electrical stresses, and the mechanical stresses it endures. All those factors determine the failure rates. The same hardware part will have different failure rates if it is being used differently, or in a different environment, or a different application. It will not be one size fits all. Every circuit board is different. Every design is different. Every application is different.

LHP’s FMEDA tools help simplify this complex process without sacrificing accuracy

The purpose of an FMEDA is to evaluate the parts in the whole system and analyze how they will be used. It is a significantly complex puzzle to solve. Many questions need to be answered, and this is where LHP’s FMEDA tools can help. Can a part have the same failure rate if it is being used differently in various applications? How can you view the failure rate model to calculate the failure rate? These are a few of the common pain points, and it can be very labor-intensive to determine the failure rates for these parts using manual methods.

For example, imagine that you want to use a spreadsheet to compile your FMEDA. Building the load calculation formula takes many intensive engineering hours. Once the formula is done, it effectively serves one calculation at a time: to reuse it for another set of parameters, you must either copy and paste the formula into another cell or change a parameter, which overwrites the values you entered before. The process is clunky, slow, and prone to human error, and the history is not captured.

Using LHP’s FMEDA tool, by contrast, is much like using a lookup table. The model is already built and resides within a library. The models are linked to manufacturer part numbers, with rated and manufacturing parameters taken from the manufacturer data sheets and stored in the model. Every time the same part number is used in your circuits, you simply import your Bill of Materials (BOM) into the tool; the tool pulls out the matching model, and you do not have to do the research again. That step alone saves many engineering hours, and the savings multiply every time the process is repeated. Whenever the same hardware part is used, the same model is pulled out with its common parameters already stored in the library, requiring you to change only the environmental and electrical parameters that are specific to your application and to how the part is used in your design.

Today’s products are increasing in complexity at a significant rate. The FMEDA process is a critical part of designing and building safe and reliable products. LHP’s FMEDA tools are practical, highly useful, and can streamline the FMEDA process, increasing the trustworthiness of your analyses by utilizing real-world data for each unique instance, and doing so in a way that is cost-effective and saves you a lot of time.

Written by Steven Lu

Steven joined LHP in 2016 as a consultant and is now a full-time Principal Safety Engineer in Mount Holly, North Carolina. He has extensive aerospace experience from the component level all the way to the craft level, covering both mechanical and electronic equipment. Steven also developed the LHP training for Medini software for Functional Safety and Hardware Architectural Metrics applications. Before coming to LHP, Steven spent 16 years in the aerospace and defense industry, specializing in Reliability, Maintainability, System Safety, and Human Factors Engineering. As a Reliability Engineer at Chemring Sensor and Electronics Systems, he was responsible for leading Reliability, Availability, Maintainability (RAM) and Integrated Logistic Support (ILS) programs for all three variants of the Next Generation Chemical Detector (NGCD). Steven was a Principal Reliability Engineer at Textron, where he built and led a Reliability, Maintainability, Safety (RMS) team to provide RMS support and inputs to influence product design, during which he was certified by NAVSEA for Reliability Centered Maintenance (RCM) Level II while working on the US Navy’s next-generation Landing Craft Air Cushion, the Ship to Shore Connector (SSC). As a Project, Reliability, and Safety Engineer at Meggitt Airdynamics, Steven led a reliability and system safety program; performed Reliability Prediction, Functional Hazard Assessment (FHA), FMECA, FTA, and Common Mode Analysis (CMA) on the Pneumatic Pressure and Temperature Control System for the Embraer Legacy 450/500 jet; and provided support to Embraer for ARP4754, DO-178, and DO-254 certifications. In a similar position at BAE Systems, he produced reports on Reliability Prediction using the MIL-HDBK-217 model and Relex software; FMECA using MIL-STD-1629; Maintainability Prediction using MIL-HDBK-470; and System Safety Assessment (SSA), including FTA, BIT Coverage Analysis (BCA), and CMA, using MIL-STD-882 and SAE ARP4761. In this role, Steven also documented traceability to achieve successful FAA Technical Standard Order (TSO) certification on an Integrated Sensor Unit, and intensively researched reliability data to coordinate the improvement of the calculation method and increase Mean Time Between Failures (MTBF) accuracy, bringing the RAH-66 Flight Control Computer (FCC) MTBF into compliance. Steven attended California State Polytechnic University in Pomona and has a Bachelor’s degree in Electrical Engineering.