FMECA

FAILURE MODES EFFECTS & CRITICALITY ANALYSIS (FMECA)

AIM

The aim of a Failure Modes Effects & Criticality Analysis (FMECA) is to:

	Identify the failure modes within a system;
	Trace forward the effect of each failure mode on the system or its function;
	Identify the most significant failure modes.

APPLICABILITY

FMECA is a very useful technique for the identification of failure modes and the resultant system effects. The technique can be used for all types of system and at all levels of system design:

	At a function level a functional FMECA may be used to determine or apportion the safety requirements.
	As a high level assessment (PHA) of systems.
	At Subsystem or component levels, failure modes can be analysed to determine their effect upon failure on sub-assemblies.

DESCRIPTION

Before starting an FMECA, the physical boundaries of the system and the aim of the analysis need to be defined. For example, whether the aim is to identify failures leading to safety hazards or to assess overall system performance. The system also needs to be well understood, as it is the knowledge of failures and error modes that will lead to the development of the FMECA.

Firstly, the system is divided into separate sub-systems (or "Nodes") for individual analysis. This must be done carefully and the correct level of sub-division chosen. The correct level depends on the requirements of the study and the knowledge of the failure modes of the subsystems. Each of the nodes is considered in turn, and each possible failure mode assessed. This is done to determine the effect of each failure mode at some level of concern, which may be the next higher level in the system (local effects) or the total system function (system effects).

FMECA is therefore a 'bottom up' technique. Analysis starts for each element at a level at which some knowledge of failure modes, and in some cases failure rates, is available.

From there it works towards the determination of the effect(s) at higher levels. The results of the analysis are usually recorded in a tabular format such as that shown in Table 1 of the example. The FMECA recording system can be as simple or as complex as required, and might include equipment failure rates apportioned to failure modes or consequence categories. Once failure modes and effects have been determined, the critical failure modes (i.e. the most important due to severity, frequency or both) can be identified. This identification process is carried out by assigning a probability and consequence (severity) to each of the failure modes, and ranking the modes on a Criticality Matrix. The specification of consequence categories and their severity level will differ from system to system. A sample Criticality Matrix is shown in Figure 1 of the example.

The matrix is a useful aid in identifying the critical components or sub-systems and hence the areas that may require some re-design or further assessment.

CONDITIONS

To use the FMECA technique:

	The system and all sub-systems must be definable, and all interactions between the sub-systems must be understood;
	The effect of a failures on higher levels of the system must be understood;
	The assumed environment and operating conditions to which the FMECA applies must be defined.

ADVANTAGES

	Sets down, systematically, the logical cause to effect relationships, whilst allowing flexibility of approach - functional or hardware or a combination of both.
	Analysis can begin at the earliest stage in the design, before equipment has been specified, by adopting a functional approach. Analysis can then progress along with the design, and help the designers to produce the most cost-effective solution.
	Critical areas of the system can be identified at an early stage in the design, enabling a more detailed study to be concentrated in those areas.
	Depending on how structured the FMECA has been, it may be possible for a model for subsequent quantification to be obtained from FMECA. FMECA provides basic failure modes of the system, together with sequences of events that can cause them, which can be incorporated in a Fault Tree Analysis.

DISADVANTAGES

	Tends to generate many failure scenarios that prove to be insignificant.
	Can be extremely time-consuming and laborious.
	Can miss 'inter-system' effects and has difficulty in dealing with time sequences, restoration processes and environmental conditions. An FMECA analysis can therefore fail to identify dependent failure events.

STANDARDS

	"Reliability of Systems, Equipment and Components" BS5760.
	"Safety Management Requirements for Defence Systems Containing Programmable Electronics", DEF STAN 00-56 (Draft).
	"Procedures for Failure Modes Effects Analysis", IEC 812.
	"MOD Practices and Procedures for Reliability and Maintainability, Part 4: Reliability Engineering", DEF STAN 00-41.
	"Procedures for Performing a Failure Mode, Effects and Criticality Analysis",
	US Military Standard, MIL-STD-1629A.

Decreasing Frequency

Occasional			A3
Rare	A4	A1
Exceptionally Rare			A2
	Hazard	No Power	Reduced Power

Increasing Consequence

FIGURE 1: EXAMPLE CRITICALITY MATRIX