Failure Modes, Effects, and Diagnostic Analysis (FMEDA) is an advanced, systematic approach used in functional safety analysis to evaluate the reliability and diagnostic capabilities of hardware elements. This method is a crucial part of the safety assessment process and helps ensure that safety goals are met according to industry standards such as ISO 26262 for automotive applications or IEC 61508 for other sectors. FMEDA is particularly critical in hardware design and development stages where detailed implementation information is available.
1. Inputs Required for FMEDA
Before performing an FMEDA, several key inputs are needed:
- Hardware Elements: FMEDA is most effective when performed close to the hardware implementation. All components, such as microcontrollers, sensors, and actuators, should be identified and analyzed.
- Failure Rate Data: Accurate failure rate information is essential. These values can come from historical data, reliability databases, or manufacturer specifications.
- Catalog of Failure Modes: A comprehensive list of potential failure modes for each hardware element must be defined. For instance, common failure modes might include short circuits, open circuits, and signal deviations.
- Safety Goals/Requirements: Clearly defined safety goals and requirements aligned with the system’s functional safety plan are necessary. These goals determine the safety performance and integrity level required.
- Safety Mechanisms & Diagnostic Coverage (DC): The available safety mechanisms and their diagnostic coverage levels should be detailed. These mechanisms, such as redundancy checks and error-detection algorithms, are key to managing faults and maintaining system safety.
2. FMEDA Process
The FMEDA process is structured around evaluating the failure modes, their effects on the system, and the effectiveness of diagnostic measures. Here’s how it typically unfolds:
- Identify Failure Modes: Each hardware element’s failure modes are identified and categorized based on their potential impact on the system.
- Assess Effects: The impact of each failure mode is evaluated to determine if it could lead to a violation of the safety goal. This step involves understanding how the failure mode affects the hardware’s function and the overall system.
- Apply Safety Mechanisms: Safety mechanisms are allocated to detect or mitigate the identified failure modes. The level of coverage they provide (i.e., the Diagnostic Coverage or DC) is measured to determine their effectiveness.
- Classify Faults: Faults are classified into different categories:
  - Single Point Faults (SPF): Faults that directly lead to the violation of a safety goal without any form of detection.
  - Latent Faults (LF): Undetected faults that could combine with other faults to result in a hazardous event.
- Calculate Metrics: Important safety metrics are calculated based on these classifications:
  - Single Point Fault Metric (SPFM): Measures the percentage of single point faults that are detected or mitigated by safety mechanisms.
  - Latent Fault Metric (LFM): Evaluates the percentage of latent faults that remain undetected.
  - Probabilistic Metric for Hardware Failures (PMHF): Assesses the probability of dangerous failures per hour.
- Determine Safety Integrity Level (SIL/ASIL): The calculated metrics are then compared with the target safety goals. The system’s safety integrity level (ASIL in automotive or SIL in other industries) is confirmed based on these results, either directly or in combination with other analyses.
3. Outputs of FMEDA
The FMEDA process provides several key outputs:
- Single Point Fault Metric (SPFM): Indicates the robustness of the system against single point faults.
- Latent Fault Metric (LFM): Provides insight into the system’s capability to detect and manage latent faults.
- Probabilistic Metric for Hardware Failures (PMHF): Reflects the overall hardware reliability and the likelihood of failure during operation.
- Safety Goal Confirmation: Confirms whether the safety goals and the associated ASIL level have been achieved.
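The process steps in section 2 (classify faults, calculate metrics, determine ASIL) and the outputs in section 3 can be carried through on a small worksheet. The following Python is an added example written for this page; it is not code from the original article and not any standard's reference implementation. The hardware elements, FIT rates and diagnostic coverage values are constructed sample data, and the fault classification, the SPFM and LFM formulas, the simplified PMHF (single-point and residual contributions only, dual-point term omitted) and the ASIL target values follow ISO 26262-5, which the page refers to but does not spell out.

```python
from dataclasses import dataclass

FIT = 1e-9  # 1 FIT = 1 failure per 1e9 device-hours = 1e-9 failures/hour


@dataclass
class FailureMode:
    """One row of the FMEDA worksheet (constructed sample data, not a real part)."""
    element: str
    mode: str
    rate_fit: float       # failure rate lambda of this mode, in FIT
    violates_goal: bool   # can this mode alone violate the safety goal if no mechanism acts?
    dc_rf: float          # diagnostic coverage of the safety mechanism against this mode, 0..1
    dc_lat: float         # coverage of the latent-fault test (self-test, power-up check), 0..1


def classify(fm: FailureMode) -> dict:
    """Split one failure mode's rate (FIT) into the ISO 26262 fault classes."""
    out = {"spf": 0.0, "rf": 0.0, "mpf_det": 0.0, "mpf_lat": 0.0}
    if fm.violates_goal and fm.dc_rf == 0.0:
        out["spf"] = fm.rate_fit                       # no mechanism at all: single-point fault
        return out
    if fm.violates_goal:
        out["rf"] = fm.rate_fit * (1.0 - fm.dc_rf)     # residual: slips past the mechanism
        covered = fm.rate_fit * fm.dc_rf               # caught part becomes multiple-point
    else:
        covered = fm.rate_fit                          # cannot violate goal alone: multiple-point
    out["mpf_det"] = covered * fm.dc_lat               # detected/perceived before a 2nd fault
    out["mpf_lat"] = covered * (1.0 - fm.dc_lat)       # latent: stays hidden
    return out


def metrics(rows: list) -> dict:
    """Sum the fault classes over the worksheet and compute SPFM, LFM and PMHF."""
    tot = {"spf": 0.0, "rf": 0.0, "mpf_det": 0.0, "mpf_lat": 0.0}
    for fm in rows:
        for k, v in classify(fm).items():
            tot[k] += v
    lam_sr = sum(fm.rate_fit for fm in rows)           # every row here is safety-related
    spfm = 1.0 - (tot["spf"] + tot["rf"]) / lam_sr
    lfm = 1.0 - tot["mpf_lat"] / (lam_sr - tot["spf"] - tot["rf"])
    pmhf = (tot["spf"] + tot["rf"]) * FIT              # simplified PMHF, per hour
    return {"spfm": spfm, "lfm": lfm, "pmhf": pmhf, **tot}


# ISO 26262-5 hardware metric targets: (SPFM minimum, LFM minimum, PMHF maximum per hour).
ASIL_TARGETS = {
    "D": (0.99, 0.90, 1e-8),
    "C": (0.97, 0.80, 1e-7),
    "B": (0.90, 0.60, 1e-7),
}


def achieved_asil(m: dict) -> str:
    """Highest ASIL whose three targets are all met; the weakest metric decides."""
    for asil, (spfm_min, lfm_min, pmhf_max) in ASIL_TARGETS.items():
        if m["spfm"] >= spfm_min and m["lfm"] >= lfm_min and m["pmhf"] < pmhf_max:
            return asil
    return "none"


def baseline_rows() -> list:
    """Constructed worksheet: sensor drift has no safety mechanism allocated yet."""
    return [
        FailureMode("pressure sensor", "open circuit", 20.0, True, 0.90, 0.90),
        FailureMode("pressure sensor", "slow drift", 10.0, True, 0.00, 0.90),
        FailureMode("MCU SRAM", "bit flip", 30.0, True, 0.99, 0.90),
        FailureMode("watchdog", "stuck, no reset", 5.0, False, 0.00, 0.90),
        FailureMode("valve driver", "short to supply", 15.0, True, 0.90, 0.99),
    ]


def improved_rows() -> list:
    """Same worksheet after allocating a plausibility check (assumed DC 90%) to drift."""
    rows = baseline_rows()
    rows[1] = FailureMode("pressure sensor", "slow drift", 10.0, True, 0.90, 0.90)
    return rows


if __name__ == "__main__":
    for label, rows in (("baseline", baseline_rows()), ("improved", improved_rows())):
        m = metrics(rows)
        print(f"{label}: SPF={m['spf']:.1f} FIT  RF={m['rf']:.1f} FIT  "
              f"MPF latent={m['mpf_lat']:.2f} FIT  SPFM={m['spfm']:.2%}  "
              f"LFM={m['lfm']:.2%}  PMHF={m['pmhf']:.2e}/h  ASIL={achieved_asil(m)}")
```

Running it shows why the classification step matters: in the baseline the unprotected drift mode is a 10 FIT single-point fault, SPFM lands at 82.75% and no ASIL target is met even though LFM and PMHF look acceptable. Allocating one mechanism moves that rate into the residual and multiple-point classes, SPFM rises to 94% and the worksheet reaches ASIL B; the achieved level is always set by the weakest of the three metrics, which is the "Safety Goal Confirmation" output.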