Safety and Reliability Engineering

Part 9: Fault Tree and FMEA

Prof. Dr.-Ing. Stefan Kowalewski

Chair Informatik XI, Embedded Software Laboratory
RWTH Aachen University

Summer term 2006

Organizational Issues
Slide Register for Seminars and laboratory course
Slide Wahlen zum Studierendenparlament
No lecture on 28.06.2006 because Prof. Kowalewski is
involved in the UMIC project
Next lecture on 05.06.2006 (last lecture)
EvaSys survey.
Please fill in the questionnaire
Next exercise course is tomorrow the 29.06.2006
Written examination on 12.06.2006 in AH III

Agenda
Reminder for the fault tree basics
Introducing new Fault tree elements
Introducing of FMEA
Examples for Fault tree and FMEA

Reminder: Fault Tree Analysis

Fault Tree Analysis (FTA) is a top-down approach to
failure analysis
Analysis proceeds by determining how a undesirable event
can be caused by individual os combined lower level
failures or events
Logical connection between the events e. g. AND-gates
and OR-gates
FTA is often used in praxis for risk and reliability studies
FTA is a method for analyzing causes of hazards
(not identifying hazards)

Fault Tree Repesentation

Top event
Intermediate
events

Basic
events

Exercise Last Lecture 1/2

RBD:
1

3
5

Minimal cut sets:

Failure of components 1 and 2
Failure of components 3 and 4
Failure of components 1, 5 and 4
Failure of components 2, 5 and 3

Exercise Last Lecture 2/2

Minimal cut sets:
Failure of components 1 and 2
Failure of components 3 and 4
Failure of components 1, 5 and 4
Failure of components 2, 5 and 3

Fault Tree:

Fault Tree Example

Determine a Fault Tree for a patient monitoring system.

Suggestions?

Resulting Fault Tree

More Elements
Up to now we saw AND-gates and OR-gates

There are a lot of other gates in Fault Tree Analysis which

are use to express different things.
Can you imagine one?

New Elements
Voting OR:
The output event occurs if k or
more of the input events occur

Inhibit:
The input events occurs if all input
events occurs and an additional
conditional event occurs

Priority AND:
The output event occurs if all input
events occur ib a specific sequence

XOR:
The output event occurs if exactly
one input event occurs

Example for the new elements 3/3

Priority AND: Fault Tree

Basic Event Block in FTA

Basic Event:
Basic initiating fault

External Event:
(House Event) Event
with probability 0 or 1

Undeveloped Event:
Event that does not need
further development

Conditioning Event:
condition that con be applied
to any gate

Introduction FMEA
Failure Modes and Effects Analysis (FMEA)
Uses Forward search
Initiating events: failures of individual components
Developed by reliability engineers
FMEA perform a Qualitative Analysis

Example for a FMEA

FMEA Main Components

Initial:
Individual components
Function:
Analyze all functions of the component
Failure:
Analyze the failure possibilities
Analyze the effect of the failure
Analyze the cause for the failure
Risk evaluation:
Estimation of the effect of the failure
Estimation of the probability of the failure
Estimation of the probability to detect the failure

FMEA Table 1/3

Page:
Department:
FMEA-No.:
Date:

FMEA (Failure Modes and Effects Analysis)

Quality Assurance

No.
1

Component /
Function Failure Kind
Process
2

Failure
Effect

Failure
Cause

Failure
Avoidance

Failur
Detection

B A E RPZ
9 10 11

12

Measures
13

1. No.: Unique Number

2. Component / Process: Name of analyzed component,
process or function
3. Function: All list here all function of the component from
2. for the analyzed system (black-box-function)
4. Failure Kind: For all functions form 3. list all possible
failure which can appear

FMEA Table 2/3

Page:
Department:
FMEA-No.:
Date:

FMEA (Failure Modes and Effects Analysis)

Quality Assurance

No.
1

Component /
Function
Process
2

Failur Kind

Failure
Effect

Failure
Cause

Failure
Avoidance

Failur
Detection

B A E RPZ
9 10 11

12

Measures
13

5. Failure Effect: List for all failures the consequences for

other components and the over all system
6. Failure Cause: List the possible reasons for the failure
7. Failure Avoidance: List all possibilities to avoid the
failure
8. Failure Detection: List the possibilities to detect the
failure

FMEA Table 3/3

Page:
Department:
FMEA-No.:
Date:

FMEA (Failure Modes and Effects Analysis)

Quality Assurance

No.
1

Component /
Function
Process
2

Failur Kind

Failure
Effect

Failure
Cause

Failure
Avoidance

Failur
Detection

B A E RPZ
9 10 11

12

Measures
13

9. B: Number between 1 and 10 which denote the impact of

the failure. (1 no impact; 10 great impact)
10. A: Number between 1 and 10 which denote the probability
that the failure occurs (1 very unlikely; 10 very likely)
11. E: Number between 1 and 10 which denote the probability to
detect the failure (1 very unlikely; 10 very likely)
12. RPZ: Risk Priority Number R=B*A*E
13. Measure: Things that can be done to lower the RPZ.

Create a FMEA
First get all Components
Denote all function, failures, failure effects and failure
reasons
Analyze the possibilities to avoid the failure and to detect
the failure
Decide the Numbers for A, B and E
Compute the RPZ Number.
Analyze the Number with rules like:
A, B and E should be lower 7
RPZ should be lower than 125

If necessary do measures to lower A, B or E

Kinds of FMEA
There are often different kinds of FMEAs.
Example :
FMEA for System Analysis
FMEA for Construction Analysis
FMEA for Process Analysis
Often different tables and different meanings of the
numbers

FMEA Example 1/2

FAILURE MODE AND EFFECTS ANALYSIS (FMEA)
Page 3 of 3
Subsystem/Name: DC motor
P = Probabilities (chance) of Occurrences
Final Design: 31/5/2000
Model Year/Vehicle(s): 2000/DC motor
S = Seriousness of Failure to the Vehicle
Prepared by:
D = Likelihood that the Defect will Reach the
customer
R = Risk Priority Measure (P x S x D)
Reviewed by: Chris
FMEA Date (Org.): 27/4/2000 (Rev.) 31/5/2000)
1 = very low or none
2 = low or minor
3 = moderate or significant
4 = high
5 = very high or catastrophic

Example FMEA 2/2

Function

No
.

Part
Name
Part No.

Motor

Provides
voltage
signal
Produce
final
product

Failure
Mode

Signal loss
Defects in
products

Mechanism(s)
& Causes(s)
of Failure

Effect(s)
Of Failure

Faulty leads
Incorrect
motion

Unstable
control
loop
Endanger
operators
Serious
damage
Customers
complain
Faulty
products
are
identified

Current
Control

P.R.A.
P

3
4

5
5

4
5

60
10
0

Recommended
Corrective
Action(s)

Durability test
on leads
QC checked
Increased staff
in inspection
Set up
customer
complain
department

Action(s)
Taken

Conclusion
Fault Tree Analysis is a top-down approach.
There are a lot of elements to describe the reasons and
connection which cause the failure
FMEA is an bottom-up approach.
FMEA can be applied during the design process
FMEA is structured process to analyze qualitatively failures
and their effect on the system