FMEA SOD Definition and Functional Safety
[Author]
Renhong WENG, Safety, and Security, and RAMS investigator
Present how to define the FMEA SOD in real project, which are big problem, and this article provides one example of explanations, especially for the MSR those relationship with functional safety, readers can take it as model, much thanks!
FMEA SOD definition can refer to following:
First: Severity value in DFMEA
| 2S | Effect | DFMEA |
| 10 | Very High | Safety related |
| 9 | Very High | Regulation related |
| 8 | High | Loss of primary functions |
| 7 | High | Degradation of primary functions |
| 6 | Moderate | Loss of secondary functions |
| 5 | Moderate | Degradation of secondary functions |
| 4 | Moderate | Appearance/assembly problem, 75% customer can find out |
| 3 | Low | Appearance/assembly problem, 50% customer can find out |
| 2 | Low | Appearance/assembly problem, 10% customer can find out |
| 1 | Very Low | No obvious effect on customer or product |
Second: Occurrence value in DFMEA
| O | Effect | Design phase | PPM | CPK |
| 10 | Extremely High | Failure happen in Walk through occurs | 100000 | >=0.55 |
| 9 | Very High | 50000 | >=0.65 | |
| 8 | Very High | Failure happen in Inspection and verification review | 20000 | >=0.77 |
| 7 | High | 10000 | >=0.85 | |
| 6 | High | Failure happen in Simulation or mathematical calculation or detal theoretical analysis | 5000 | >=0.93 |
| 5 | Moderate | 2000 | >=1.03 | |
| 4 | Moderate | Failure happen in DVP Test | 1000 | >=1.10 |
| 3 | Low | Failure happen in Special Reliability Test HALT SYS TEST SYS INTEGRATION TEST | 100 | >=1.33 |
| 2 | Very Low | Failure happen in HW TEST SW TEST IN UNIT LEVEL | 10 | >=1.50 |
| 1 | Extremely Low | NOT occurs in all of VV tests | 1 | >=1.67 |
Third: Detection value in DFMEA
| D | Effect | Design phase | Explanation |
| 10 | Very Low | Walk through | No control methodology |
| 9 | Very Low | >20% can detect errors | |
| 8 | Low | Inspection and verification review | >30% can detect errors |
| 7 | Low | >40% can detect errors | |
| 6 | Moderate | Simulation or mathematical calculation or detal theoretical analysis | >50% can detect errors |
| 5 | Moderate | >60% can detect errors | |
| 4 | High | DVP Test | >70% can detect errors |
| 3 | High | Special Reliability Test HALT SYS TEST SYS INTEGRATION TES | >80% can detect errors |
| 2 | High | HW TEST SW TEST IN UNIT LEVEL | >90% can detect errors |
| 1 | Very High | all of VV tests | 100% can detect errors |
Forth: Severity value in MSR
same as in DFMEA
Note: in ASIL B or higher system, there shall be no S=9, 10 items existing in this MSR, or else there are not compliant with functional safety rules.
Fifth: Frequency value in MSR
| F | Estimated Frequency | Design phase | Functional safety compliant |
| 10 | Extremely High or cannot be determined | Failure found in Walk through occurs | |
| 9 | High | ||
| 8 | High | Failure happen in Inspection and verification review | |
| 7 | Medium | EEC in Failure class 6 or Safety mechanisms allocated with ASIL A | |
| 6 | Medium | Failure happen in Simulation or mathematical calculation or detal theoretical analysis | EEC in Failure class 5 or Safety mechanisms allocated with ASIL B(B) |
| 5 | Medium | EEC in Failure class 4 | |
| 4 | Low | Failure happen in DVP Test | EEC in Failure class 3 or Safety mechanisms allocated with ASIL C(C) |
| 3 | Very Low | Failure happen in Special Reliability Test HALT SYS TEST SYS INTEGRATION TEST | Safety mechanisms allocated with ASIL D(D) or EEC in Failure class 2 |
| 2 | Extremely Low | Failure happen in HW TEST SW TEST IN UNIT LEVEL | EEC in Failure class 1 |
| 1 | Cannot Occur | NOT occurs in all of VV tests |
Sixth: Monitoring value in MSR
| M | Effectiveness of monitoring controls and system response | Diagnostic mechanism |
| 10 | Not effective | Safety mechanism or diagnostic mechanism DC<10% |
| 9 | Very Low | Safety mechanism or diagnostic mechanism DC<30% |
| 8 | Low | Safety mechanism or diagnostic mechanism DC<60% |
| 7 | Moderately Low | Safety mechanism or diagnostic mechanism DC>60% |
| 6 | Moderate | Safety mechanism or diagnostic mechanism DC>90% |
| 5 | Moderate | Safety mechanism or diagnostic mechanism DC in (90%,97%) |
| 4 | M oderately High | Safety mechanism or diagnostic mechanism DC in (97%,99%) |
| 3 | High | Safety mechanism or diagnostic mechanism DC>99% |
| 2 | Very High | Safety mechanism or diagnostic mechanism DC>99.9% |
| 1 | Reliable and acceptable for elimination of original failure effect | Safety mechanism or diagnostic mechanism DC>99.99% |
Note: FMEA-MSR are just evaluate for those safety mechanisms allocations to failure modes, in here,
(1)if there are S=10, 9 that means the residual fault
(2)if there are S=7, 8 that means the multipoint fault or safe fault
Thanks!
[Reference]
ISO 26262
FMEA Handbook V5
https://wenku.baidu.com/view/a918939fa8956bec0875e3ba.html
- 用户评论
