8/8/2019 lecture 25 2007 11 05
1/34
Lecture 25 2007 11 05
1
TOOLS IN DESIGN FOR RELIABILITY
Preliminary Hazard Analysis (PHA)
Fault Tree Analysis
Failure Mode And Effect Analysis (FMEA)
PRELIMINARY HAZARD ANALYSIS (PHA)
PHA is a broad study made in the early stages of design. The PHA consists of
breaking the engineering system down into subsystems or components, and for each
item answering the following questions:
1. What is the subsystem or item under investigation?
2. What is the mode of operation?
3. What is the hazardous condition and why?
4. What event(s) triggers the hazardous condition?
5. What is the hazardous condition?
6. What event(s) triggers the potential accident?
7. What is the potential accident?
8. What is the possible effect(s) of the accident?
9. What is the classification of the severity of the hazard?
10. What measures are taken to contain or prevent occurrences?
PRELIMINARY HAZARD ANALYSIS (PHA)
Classic Hazard Level Matrix
safeware-eng.com
PRELIMINARY HAZARD ANALYSIS (PHA)
safeware-eng.com
Severity level classification from an aviation standard:
Class I: Catastrophic - Un-survivable accident with hull loss.
Class II: Critical - Survivable accident with less than full hull loss; fatalities possible.
Class III: Marginal - Equipment loss with possible injuries and no fatalities.
Class IV: Negligible - Some loss of efficiency. Procedures able to compensate, but controller workload likely to be high until overall system demand reduced. Reportable incident events such as operational errors, pilot deviations, surface vehicle deviation.
PHA WORKSHEETS
FAULT TREE ANALYSIS
Fault tree analysis is a technique that provides a systematic description of possible occurrences in a system that can result in failure or severe accident.
The four basic steps involved in developing a fault tree are as follows:
1. Develop the top undesired event of the system to be studied.
2. Develop a thorough understanding of the system under
consideration.
3. Determine the logical interrelationships of higher-level and lower-level
fault events.
4. Construct the fault tree using logical symbols.
FAULT TREE ANALYSIS
Basic symbols used in fault trees:
Resultant fault event:
a rectangle denotes a fault event that results from a combination of
failure events through the input of a logic gate, such as an AND gate or
an OR gate
Basic fault event:
a circle denotes a basic fault event or the failure of an elementary
component. The values of the parameters, such as failure probability,
unavailability, failure rate, and repair rate, associated with the basic fault
event are obtained from empirical studies or other sources
AND gate:
denotes that an output fault event occurs if all of the input fault events
occur
OR gate:
denotes that an output fault event occurs if one or more of the input fault
events occur
FAULT TREE ANALYSIS
[Figure: two small fault trees, each with basic fault events feeding a gate (AND gate, OR gate) whose output is the resultant fault event.]
AND gate: all basic fault events must occur in order for the resultant event to occur.
OR gate: at least one basic fault event must occur in order for the resultant event to occur.
FAULT TREE ANALYSIS
The output fault occurrence probability for an AND gate is:
$F_{AND} = \prod_{i=1}^{m} F_i$
where
F_AND is the probability of occurrence of the AND gate output fault event,
m is the number of independent input fault events,
F_i is the probability of occurrence of input fault event i, for i = 1, 2, ..., m.
Example (input events F1 and F2, output event F_AND of the AND gate):
F1 = 0.1
F2 = 0.05
F_AND = 0.1 * 0.05 = 0.005
FAULT TREE ANALYSIS
The output fault occurrence probability for an OR gate is:
$F_{OR} = 1 - \prod_{i=1}^{m} (1 - F_i)$
where
F_OR is the probability of occurrence of the OR gate output fault event,
m is the number of independent input fault events,
F_i is the probability of occurrence of input fault event i, for i = 1, 2, ..., m.
Note: For small (i.e. less than 10 percent) occurrence probabilities of
input fault events of the OR gate, the above equation reduces to:
$F_{OR} \approx \sum_{i=1}^{m} F_i$
Example (input events F1 and F2, output event F_OR of the OR gate):
F1 = 0.1
F2 = 0.05
F_OR = 1 - (1 - 0.1)*(1 - 0.05) = 0.145
FAULT TREE ANALYSIS
Example: Develop a fault tree for a system comprising a windowless room with one switch
and three light bulbs. The switch can only fail to close, and the top undesirable event is the
room without light.
[Dhillon 1996]
[Fault tree figure: the top event (room without light) is the output of an OR gate. Its inputs are one intermediate fault event that is the output of an OR gate over basic fault events, one intermediate fault event that is the output of an AND gate over basic fault events, and one basic fault event.]
FAULT TREE ANALYSIS
Example (cont'd): Assume that the probabilities of occurrence of basic fault events A, B, C, D, E, and F are 0.1, 0.12, 0.15, 0.15, 0.15, and 0.08, respectively.
Calculate the probability of occurrence of the top event (T) (i.e. the room without light).
[Dhillon 1996]
Intermediate OR event (inputs A and B):
$F_{OR} = 1 - \prod_{i=1}^{m} (1 - F_i) = 1 - (1 - 0.1)(1 - 0.12) = 0.208$
Intermediate AND event (inputs C, D and E):
$F_{AND} = \prod_{i=1}^{m} F_i = 0.15 * 0.15 * 0.15 = 0.003375$
Top event T (OR gate over the two intermediate events and F):
$F_{OR} = 1 - \prod_{i=1}^{m} (1 - F_i) = 1 - (1 - 0.208)(1 - 0.003375)(1 - 0.08) = 0.27$
Probability of having a room without light is 27%.
FAULT TREE ANALYSIS
Develop a fault tree for a climb. The top undesirable event is at least one member of your climbing team not making it to the summit.
You climb in a team which cannot split.
The team is led by a guide.
Each team member on your team has 40% probability of failure.
The guide has 10% probability of failure.
The weather has 20% probability of turning bad.
What is the probability of the climb failure?
TWO CLIMBERS PLUS GUIDE
[Fault tree figure]
Team failure (OR gate over climber 0.4, climber 0.4, guide 0.1):
1 - (1 - 0.4)(1 - 0.4)(1 - 0.1) = 0.676
Climb failure (OR gate over team failure 0.676 and weather 0.2):
1 - (1 - 0.676)(1 - 0.2) = 0.74
TWO TEAMS OF SINGLE CLIMBER PLUS GUIDE
version 1
[Fault tree figure]
Team failure (OR gate over climber 0.4 and guide 0.1):
1 - (1 - 0.4)(1 - 0.1) = 0.460
Climb failure (OR gate over team failure 0.46 and weather 0.2):
1 - (1 - 0.46)(1 - 0.2) = 0.568
TWO TEAMS OF SINGLE CLIMBER PLUS GUIDE
version 2
Each team member on your team has 20% probability of failure.
Guide has 50% probability of failure.
Weather has 10% probability of turning bad.
[Fault tree figure]
Team failure (OR gate over climber 0.2 and guide 0.05):
1 - (1 - 0.2)(1 - 0.05) = 0.24
Climb failure (OR gate over team failure 0.24 and weather 0.1):
1 - (1 - 0.24)(1 - 0.1) = 0.316
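The AND and OR gate formulas from the earlier slides, applied to the room-without-light tree [Dhillon 1996] and to the climbing tree above, as an added example that is not part of the lecture; encoding a tree as nested tuples and the `approx` switch for the small-probability form are my assumptions.

```python
from functools import reduce
from operator import mul

# Fault tree encoding (constructed for this example): a basic fault event is
# its occurrence probability; a gate is a ("AND" | "OR", [inputs]) tuple.


def p_and(probs):
    """AND gate: F_AND = product of F_i over independent inputs."""
    return reduce(mul, probs, 1.0)


def p_or(probs, approx=False):
    """OR gate: F_OR = 1 - prod(1 - F_i).
    With approx=True use the small-probability form F_OR ~= sum(F_i)."""
    if approx:
        return sum(probs)
    return 1.0 - reduce(mul, (1.0 - p for p in probs), 1.0)


def top_event_probability(node, approx=False):
    """Evaluate a tree bottom-up: resolve each gate's inputs, then the gate."""
    if isinstance(node, (int, float)):
        return float(node)
    gate, inputs = node
    probs = [top_event_probability(child, approx) for child in inputs]
    return p_and(probs) if gate == "AND" else p_or(probs, approx)


# Windowless room: T = OR( OR(A, B), AND(C, D, E), F ) with the slide's values.
ROOM_WITHOUT_LIGHT = ("OR", [("OR", [0.1, 0.12]),
                             ("AND", [0.15, 0.15, 0.15]),
                             0.08])

# Climb, two climbers plus guide: T = OR( OR(climber, climber, guide), weather ).
CLIMB_TWO_PLUS_GUIDE = ("OR", [("OR", [0.4, 0.4, 0.1]), 0.2])

if __name__ == "__main__":
    exact = top_event_probability(ROOM_WITHOUT_LIGHT)
    rough = top_event_probability(ROOM_WITHOUT_LIGHT, approx=True)
    print(f"room without light: exact {exact:.4f}, sum approximation {rough:.4f}")
    print(f"climb failure: {top_event_probability(CLIMB_TWO_PLUS_GUIDE):.4f}")
```

Running the approximation on the room tree shows why the note restricts it to small input probabilities: the sum form overstates the top event (about 0.30 versus 0.27) because the 0.1 and 0.12 inputs are not small.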
FAILURE MODES AND EFFECTS ANALYSIS (FMEA)
FMEA: failure modes, failure effects
FMECA: failure modes, failure effects, failure criticality
FAILURE MODES AND EFFECTS ANALYSIS (FMEA)
Failure Modes and Effects Analysis is a detailed analysis of the malfunctions that can be produced in
the components of an engineering system. Similar to the QFD
approach, FMEA techniques involve charts that are developed,
amended and updated over time.
The primary goal of Failure Modes and Effects Analysis is to try to identify and list all possible ways in which a product or a
process could fail to conform to its specified requirements.
[McMahon and Bowne 1993]
FAILURE MODES AND EFFECTS ANALYSIS (FMEA)
FMEA poses the following questions:
What can fail/go wrong with each component of a product?
To what extent might it fail, and what are the potential
hazards produced by the failure?
What steps should be implemented to prevent the failure?
FAILURE MODES AND EFFECTS ANALYSIS (FMEA)
Types of Failure Modes and Effects Analyses
There are several types of FMEAs; some are used much more often than others.
FMEAs should always be done whenever failures would mean potential harm or
injury to the user of the end item being designed.
The types of FMEA are:
System - focuses on global system functions
Design - focuses on components and subsystems
Process - focuses on manufacturing and assembly processes
Service - focuses on service functions
http://www.npd-solutions.com/fmea.html
FAILURE MODES AND EFFECTS ANALYSIS (FMEA)
If performed early in the design process, FMEA supports product development in
reducing the risk of failure by:
Aiding in the objective evaluation of design requirements and design alternatives
Aiding in the initial DFM and DFA requirements
Increasing the probability that potential failure modes and their effects on system
operation have been considered in the design process
Providing additional information to aid in the planning of thorough and efficient
design improvements and development testing
Providing an open-issue format for recommending and tracking risk-reducing actions
Providing future references to aid in analyzing field concerns, evaluating design
changes and developing advanced designs
FAILURE MODES AND EFFECTS ANALYSIS (FMEA)
Top-down, functional approach
This approach is used in early design, before parts have been identified.
The goal here is to look for logic errors in the expected function and
operation of a product. One identifies a failure mode for the product as a
whole, then traces its causes "down" into subsystems or sub-functions.
Bottom-up, "hardware" approach
This approach is used when specific parts or at least major assemblies
have been designed. The goal here is to look for physical errors in the
detailed design/manufacture of parts. One identifies a failure mode,
and then follows its effects "up" to the product as a whole in order to
predict how the product will respond to the failure.
FAILURE MODES AND EFFECTS ANALYSIS (FMEA)
Basic steps:
1. A complete list of the components and their function is prepared.
2. From an analysis of the operating and environmental conditions, the failure mechanisms that could affect each component are determined.
3. The failure modes of all components are identified.
4. Each failure mode is analyzed as to whether it has an effect on the entire system or product.
5. The preventative measures or corrective actions that have been taken to control or eliminate the hazard are listed.
6. The probability of failure of each component is listed, and the probabilities of failure of the subassemblies and complete system are calculated from reliability theory.
RANKING PROCEDURE FOR FMEA
Risk Priority Number (RPN) - is assigned to each failure mode based on occurrence, severity,
and detection of failure cause.
RPN = R occurrence x R severity x R detection
where 1 ≤ RPN ≤ 1000
R occurrence
Identify every possible cause of each failure, and rank each cause
according to the likelihood of its occurrence on a scale of 1 to 10:
1 - cause will almost never arise (i.e. 1 in 10^6)
5 - occasional failure (i.e. 1 in 400)
10 - regular occurrence
RANKING PROCEDURE FOR FMEA
Risk of occurrence
http://egweb.mines.edu/eggn491/lecture/FMEA/FMEA%20Homework.htm
RANKING PROCEDURE FOR FMEA
R severity
Rate the severity of each possible failure on a scale of 1 to 10:
1 - the customer would hardly notice the failure
5 - customer would be made uncomfortable or annoyed by the failure
10 - a major failure such as a significant safety hazard or non-compliance with a
government regulation
http://egweb.mines.edu/eggn491/lecture/FMEA/FMEA%20Homework.htm
RANKING PROCEDURE FOR FMEA
Severity of effect of failure
RANKING PROCEDURE FOR FMEA
R detection
List current technologies being used to detect a failure cause and assign a likelihood of
detection prior to failure to each failure based on a scale of 1 to 10:
1 - almost certain detection
10 - practically undetectable mode
http://egweb.mines.edu/eggn491/lecture/FMEA/FMEA%20Homework.htm
RANKING PROCEDURE FOR FMEA
Probability of detection
RANKING PROCEDURE FOR FMEA
Risk Priority Number
RPN = R occurrence x R severity x R detection
RPN = 1: failure is highly unlikely and unimportant
RPN = 30: it is OK
RPN = 100: failure will occur
RPN = 1000: hazardous and harmful failure will occur
STEPS IN FMEA AGAIN
http://www.suppliermanager-online.com/training/corporation/fmea_training.pdf
FMEA OF A CAR FRONT DOOR
[Worksheet from the slide]
Item: Front door
Failure mode (how part can fail?): Corroded interior
Failure effect on product/system: Deteriorated life leading to unsatisfactory appearance and interior hardware malfunction
Severity: 7
Current detection control: Durability test T-118

Causes of failure           Occurrence   Detection   RPN (severity x occurrence x detection)
Upper edge of wax too low   6            7           7 x 6 x 7 = 294
Wax layer too thin          4            7           7 x 4 x 7 = 196
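The RPN ranking procedure applied to the front door worksheet above, as an added example that is not part of the lecture; the range check on each rating, the severity tie-break when RPNs are equal, and the action threshold of 100 (taken from the RPN interpretation slide) are my assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class FailureCause:
    """One row of an FMEA worksheet: a cause of a failure mode and its ratings."""
    item: str
    failure_mode: str
    cause: str
    severity: int     # R severity, 1..10
    occurrence: int   # R occurrence, 1..10
    detection: int    # R detection, 1..10 (10 = practically undetectable)


def check_rating(value, name):
    """Each R rating is on a 1 to 10 scale; reject anything outside it."""
    if not 1 <= value <= 10:
        raise ValueError(f"{name} rating {value} is outside 1..10")
    return value


def rpn(row):
    """RPN = R occurrence x R severity x R detection, so 1 <= RPN <= 1000."""
    return (check_rating(row.occurrence, "occurrence")
            * check_rating(row.severity, "severity")
            * check_rating(row.detection, "detection"))


def rank_worksheet(rows):
    """Highest RPN first. Ties go to the higher severity, then higher
    occurrence, so a safety-relevant cause is not buried under a nuisance
    with the same product (my assumption, not from the lecture)."""
    return sorted(rows, key=lambda r: (rpn(r), r.severity, r.occurrence),
                  reverse=True)


def needs_action(row, threshold=100):
    """Flag a cause whose RPN reaches the 'failure will occur' level."""
    return rpn(row) >= threshold


# Worksheet rows from the car front door slide (severity 7 for both causes).
DOOR_WORKSHEET = [
    FailureCause("Front door", "Corroded interior", "Upper edge of wax too low", 7, 6, 7),
    FailureCause("Front door", "Corroded interior", "Wax layer too thin", 7, 4, 7),
]

if __name__ == "__main__":
    for row in rank_worksheet(DOOR_WORKSHEET):
        print(f"{row.cause:28s} RPN={rpn(row):4d} action={needs_action(row)}")
```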