Failure Mode and Effects Analysis - Politecnico di Milano · SAE ARP 5580: “Recommended failure...

Prof. Enrico Zio

Failure Mode and Effects Analysis

Prof. Enrico Zio

Politecnico di Milano

Dipartimento di Energia

Prof. Enrico Zio

FMEA

• Qualitative

• Inductive

AIM:

Identification of those component failure

modes which could fail the system (reliability)

and/or become accident initiators (safety)

Prof. Enrico Zio

▪ Developed by the U.S. Military (MIL-P-1629 “Procedures for

performing a failure mode, effects and criticality analysis” 1949)

▪ FMEA/FMECA is the most widely used risk analysis technique

▪ Qualitative

▪ Inductive (consequence analysis)

▪FMEA is often used as a synonym for FMECA. The distinction

between the two terms has become blurred. In this presentation, the

two terms are used indifferently

▪Letter ‘C’ in FMECA indicates that a Criticality Analysis (CA) is

performed with the aim of ranking the various failure modes

FMEA/FMECA

Prof. Enrico Zio

FMEA

▪FMEA is usually carried out by a team of

members with diverse skills (multidisciplinary)

▪If performed as a timely, iterative activity, it is

an effective tool in the decision making process

Design

FMECA Criticalities

Revise

DesignFMECA

LOOP

Prof. Enrico Zio

FMEA

▪Late implementation or restricted

application of the FMEA dramatically limits

its effectiveness in improving the design or

process

▪When any product or process changes are

made, the FMEA is updated and the effects of

new failure modes introduced by the

changes carefully assessed

Prof. Enrico Zio

FMEA: Procedure steps

1. Decompose the system in functionally independent subsystems;

2. For each subsystem identify its mission phases (start-up, regime, shut-down, maintenance, etc.) and configurations (valves open or closed, pumps on or off, etc.);

3. For each subsystem in each of its operation modes, compile a FMEA table

Prof. Enrico Zio

1. Decompose the system in functionally independent subsystems


Prof. Enrico Zio

1. Decompose the system in functionally independent

subsystems

2. Define the mission phases (e.g., start-up, shut-

down, maintenance, etc.) and their expected

durations


Prof. Enrico Zio


subsystems

2. Define the mission phases (e.g., start-up, shut-down,

maintenance, etc.) and their expected durations

3. For every mission phase, define each of the

independent units in terms of:

▪ required functions and outputs

▪ internal and interface functions

▪ expected equipment utilization and performance

▪ Internal and external restraints


Prof. Enrico Zio


subsystems









4. Construct block diagrams (evidence the

relationships between the items)


Prof. Enrico Zio

Motor

subsystem

Electric

subsystem

EXAMPLE: car

Prof. Enrico Zio


subsystems









4. Construct block diagrams (highlight the

relationships between the items)

5. Compile the FMEA table


Prof. Enrico Zio

FMEA TABLE

SUBSYSTEM:

OPERATION MODE:

component

Failuremode

Effects on other

components

Effects on

subsystem

Effects on plant

Probability* Criticality+

Detection

methods

Protections and

mitigation

Remarks

Description

Failure modes

relevant for the

operational mode

indicated

Effects of failure

mode on adjacent

components and

surrounding environmen

t

Effects on the

functionality of the

subsystem

Effects on the

functionality and

availability of the

entire plant

Probability of failure

occurrence(sometimes qualitative)

Criticality rank of

the failure mode on the basis

of its effects

and probabilit

y (qualitativ

e estimation of risk)

Methods of

detection of the

occurrence of the failure event

Protections and

measures to avoid the

failure occurrence

Remarks and

suggestions on the need to consider

the failure mode as accident initiator

Probability: negligible, rare, likely, very likely

Criticality: safe, marginal, critical, catastrophic

Prof. Enrico Zio

Failure mode: The manner by which a failure is

observed. Generally, it describes the observable

effect of the mechanism through which the failure

occurs (e.g., short-circuit, open-circuit, fracture,

excessive wear)

component Failuremode

Effects on other

components

Effects on subsystem

Effects on plant

Probability* Severity + Criticality Detection methods

Protection and

mitigation

Description Failure modes

relevant for the

operational mode

indicated

Effects of failure mode on adjacent components

and surrounding environment

Effects on the


subsystem

Effects on the

functionality and

availability of the entire

plant



Worst potential consequences

(qualitative)

Criticality rank of the

failure mode on

the basis of its effects

and probability (qualitative estimation

of risk)

Methods of detection of

the occurrence of the failure

event

Protections and


failure occurrence

FMEA TABLE

Prof. Enrico Zio


Effects on other

components


Effects on plant


Protection and

mitigation


relevant for the

operational mode

indicated



Effects on the


subsystem

Effects on the

functionality and


plant




(qualitative)


failure mode on



of risk)



event

Protections and


failure occurrence

Failure effect: the consequence(s) a failure mode has

on the Operation, Function or Status (OFS) of an item

In some contexts, the effects are distinguished in:

•Local effects: on the OFS of the specific item being

analyzed

•Next higher level: on the OFS of the next higher

indenture level

•End effects: on the OFS of the highest indenture level

FMEA TABLE

Prof. Enrico Zio


Effects on other

components


Effects on plant


Protection and

mitigation


relevant for the

operational mode

indicated



Effects on the


subsystem

Effects on the

functionality and


plant




(qualitative)


failure mode on



of risk)



event

Protections and


failure occurrence

OUTPUT: suggestions to improve the design and/or remarks of

barriers already considered in the current design

Corrective actions: A documented design, process, procedure, or

materials change implemented and validated to correct the cause of

failure or design deficiency

Compensating provisions: Actions that are available or can be taken

to negate or mitigate the effect of a failure on a system

FMEA TABLE

Prof. Enrico Zio


Effects on other

components


Effects on plant


Protection and

mitigation


relevant for the

operational mode

indicated



Effects on the


subsystem

Effects on the

functionality and


plant




(qualitative)


failure mode on



of risk)



event

Protections and


failure occurrence

Criticality Analysis (CA): a procedure by which each

potential failure mode is ranked according to the

considered criticality index.

The objective of CA is to identify the most importantcomponents from the safety/performance point of view

There are different approaches to CA, which depend onthe type of FMECA

FMEA TABLE

Prof. Enrico Zio

EXAMPLE: SMALL EXTERNAL POOL

The water of the pool is in re-circulation through pumps that aspire the water of the

compensation tank making it pass through the treatment organs before throw it

again in the pool.

SYSTEM TO

CORRECT WATER

PH

SYSTEM TO

DISINFECT THE WATER

SYSTEM TO

FILTER

THE WATER

Prof. Enrico Zio

Ex. 1: FMECA

The objective of the FMECA analysis is to identify the possible failure modes

of the different components and their effect to the normal operation that can

contribute to the reduction of the quality of the water.

Criticality

classFrequency

Marginal Reasonably

probable

Marginal Remote

Marginal Probable

Critical Reasonably

probable

Marginal Remote

Prof. Enrico Zio

FMEA: comments

1. Only single failures, except for standby and protection components

2. No common cause failures

3. At system design phase, no components but functions

4. Simple and systematic (computer tools available)

5. Subjective (relies on analyst’s expertise)

6. Often used in support to the construction of FT and for RCM

Prof. Enrico Zio

DIFFERENT TYPES OF FMECA

Prof. Enrico Zio

The way in which the FMEA study is performedstrongly depends on:

▪The objective (Design-FMEA, Process-FMEA)

Causes of the Failure Modes Indenture levels

D-FMEA Due to the concepts of the

design of the product

•System

•Subsystems

•Components

•…

P-FMEA Due to the manufacturing

of the product

•Process

•Process Phase

•Elementary operation

FMECA

Prof. Enrico Zio

Design-FMEAs

The primary objective of a D-FMEA is to uncover

potential failures associated with the current

design of the product that could cause:

▪Product malfunctions.

▪Shortened product life.

▪Safety hazards while using the product.

Design-FMEAs should be used throughout the

design process, from preliminary design until

the product goes into production.

D-FMEA: Improve the design

Prof. Enrico Zio

Process-FMEAsProcess-FMEAs uncover potential failures that can:

▪Impact product quality.

▪Reduce process reliability.

▪Cause customer dissatisfaction.

▪Create safety or environmental hazards.

Ideally, P-FMEAs should be conducted prior to start-up of a new

process, but they can be conducted on existing processes as well.

The focus is the

performance of

the process

Severity ranking

D-FMEA: Improve the process

Prof. Enrico Zio



▪The industrial field (Aerospace, Military, Nuclear,Automotive, Oil & Gas, etc.)

FMEA

Prof. Enrico Zio

▪MIL-STD-1629: “Procedures for performing a failure mode, effects andcriticality analysis”

▪IEC 60812: “Procedures for failure mode and effect analysis (FMEA)”

▪BS 5760-5: “Guide to failure modes, effects and criticality analysis

(FMEA and FMECA)”

▪ECSS-Q-30-02A: Failure Mode and Effect and Criticality Analysis

(FMECA)

▪SAE ARP 5580: “Recommended failure modes and effects analysis

(FMEA) practices for non-automobile applications”

▪SAE J1739: “Potential Failure Mode and Effects Analysis in Design

(Design FMEA) and Potential Failure Mode and Effects Analysis in

Manufacturing and Assembly Processes (Process FMEA) and Effects

Analysis for Machinery (Machinery FMEA)”

▪SEMATECH: “Failure Modes and Effects Analysis(FMEA): A Guide for

Continuous Improvement for the Semiconductor Equipment Industry”

FMEA: the industrial fields

Prof. Enrico Zio

The main difference between the different standards lies in theway in which the Criticality Analysis is performed

In general, the greater the criticality and the more urgent the

need for implementing corrective action

Qualitative Methods: Risk Matrix

Likelihood

Severity

Negligibl

e

Minor Medium Major Severe

Almost Certain M H H VH VH

Likely M M H H VH

Possible L M M H VH

Unlikely L M M M H

Rare L L M M H

LEGEND:

L=Low

M=Medium

H=High

VH=Very High

ALARP: As Low

As Reasonably

Practicable

FMEA: the industrial fields

Prof. Enrico Zio

Quantitative Methods

•RPN=Severity x Probability x Detectability

•Criticality Number (CN): Severity x Probability

•Criticality Index Ic= Σi=1:n λ x αi x βi x t

•λ = failure rate of the item

•αi = portion of the item’s unreliability due to the i-th failure mode

•βi = probability that the i-th failure mode leads to the considered loss (or

severity)

•t = Operating time

•n = number of failure modes of the item

threshold

severity

Rank

Compare to a

threshold

FMEA/FMECA: the industrial fields

Prof. Enrico Zio

The way in which the FMEA study is performed stronglydepends on:


▪The industrial field (Aerospace, Military, Nuclear,Automotive, etc.)

▪The design phase (Functional-FMEA, Hardware-FMEA)

FMEA

Prof. Enrico Zio

Variations in design complexity and available data will

generally dictate the analysis approach to be used

Hardware Approach: lists individual hardware items and

analyzes their possible failure modes. It is normally used when

hardware items can be uniquely identified from schematics,

drawings, and other engineering and design data

Functional approach: recognizes that every item is designed

to perform a number of functions that can be classified as

outputs. It is normally used when hardware items cannot be

uniquely identified or when system complexity requires

analysis from the initial indenture level downward. The

outputs are listed and their failure modes analyzed

For complex systems, a combination of the functional and

hardware approaches may be considered

FMEA: the design phase

Prof. Enrico Zio

Functional approach

FMEA: the design phase

Prof. Enrico Zio


▪1. The objective (Design-FMEA, Process-FMEA)

▪2. The industrial field (Aerospace, Military, Nuclear,Automotive, etc.)

▪3. The design phase (Functional-FMEA, Hardware-FMEA)

▪4. The indenture level (Component-FMEA, System-FMEA)

FMEA

Prof. Enrico Zio

A complex system is made up of a number ofsubsystems and items

In general, the design of a complex system defines therequirements of its subsystems, which are designed bysuppliers according to the corresponding requirements

Each of the suppliers provides a component FMEA,which is used to carry out the System FMEA

FMEA: the indenture levels

Prof. Enrico Zio

Component FMECA:

Example: on-board battery of an aerospace system

FMEA

Prof. Enrico Zio

Component FMECA:

Example: on-board battery of an aerospace system

Fault TreeNeutralization

system

FMEA

Prof. Enrico Zio

▪Ensure that all conceivable failure modes and their effects on

system operational success have been considered

▪FMECA is an essential reliability task, which provides information

to:

1. Assist in selecting design alternatives with high reliability

and high safety potential (early design phases)

2. Develop early criteria for test planning and requirements for

test equipment

3. Provide historical documentation for future reference to aid

in analysis of field failures and consideration of design

changes

4. Provide a basis for maintenance planning

5. Provide a basis for quantitative reliability and availability

analyses

6. Provide a basis for survivability and vulnerability analyses

FMEA: Strength

Prof. Enrico Zio

▪Often used in support to the construction of FT and for

RCM

▪The concept and application are easy to learn, even by a

novice

▪The approach makes evaluating even complex systems

easy to do

▪Computer tools available

FMEA: Strength

Prof. Enrico Zio

▪ No common cause failures

▪ Subjective (relies on analyst’s expertise)

▪ Inadequate attention given to human errors

▪ The approach is not suitable for multiple failures

▪ The FMECA process may be time-consuming and

expensive

FMEA: Weakness

Prof. Enrico Zio

FMEA Example

Consider a ball valve, which is made up of the following subsystems:

Body

Closure

Ball

Stem

Splined Shaft

Miscellaneous parts (Studs,

Keys, etc.)

Stem

Seat Ring

O-Ring

Splined

Shaft

Ball

Body

Bearing

Closure

Stud nut

Drain

Prof. Enrico Zio

Closure

FMEA Example

Perform a FMEA for the following components: Body

Stem

Seat Ring

Severit

y level

5 Major damage to other

systems/ subsystems

4 Major damage to the

considered part

3 Major loss of

performance (intended

use not completely

fulfilled)

2 Small loss of

performance (main

functions not affected)

1 Negligible effects

Stem

Seat Ring

O-Ring

Splined

Shaft

Ball

Body

Bearing

Stud nut

Drain

Prof. Enrico Zio

Severity level

5 Major damage to other systems/ subsystems

4 Major damage to the considered part

3 Major loss of performance (intended use not completely fulfilled)

2 Small loss of performance (main functions not affected)

1 Negligible effects

Likelihood level

H High

M Medium

L Low

R Rare

5 4 3 2 1

H C C C C

M C C C

L C C

R C

Prof. Enrico Zio

Solution

Failure Modes and Effects Criticality Analysis

System: Ball Valve Date: Sheet: 1 of 1

Subsystem: Body Authors:

No FM Cause Local Effect System Effect

Seve

rity

Occ

urr

en

ce

Cri

tica

lity

Compensating Provision/ Mitigation acts

1 Breakage

Incorrect forging process; erroneous design

Pressure drop

external leakage 5 R Yes

Non-destructive tests; qualification test; material acceptance test; calculation procedure in conformity with international standard

2 Warpage

shocks due to external objects; incorrect forging process;

Pressure drop

Possible externalleakage, internal parts jammed 3 R No

Qualification test; material acceptance test

Prof. Enrico Zio

Solution



Subsystem: STEM Authors:


Seve

rity

Occ

urr

en

ce

Cri

tica

lity


1 Breakage

Incorrect forging process; erroneous design

Pressure drop; loss of open/close capability

Loss of open/close capability;external leakage 5 R yes

Non-destructive tests; qualification test; material acceptance test; calculation procedure in conformity with international standard

2 Warpage

Shocks due to external objects; incorrect forging process; Pressure drop

Possible external leakage 3 R No Qualification test; material acceptance test

3 Jamming

Excessive warpage; dirt accretion; small design tolerance; center thrown off; inadequate coating

Excessive maneuver torque

Loss of open/close capability 4 L Yes

design verification; acceptance test

4 Corrosion

dirt accretion; center thrown off; chemically harsh fluids

Excessive maneuver torque;pressure drop

Possible external leakage, internal parts jammed 4 L Yes

Analysis of customer's requirements; welding facing

Prof. Enrico Zio

Solution



Subsystem: seat ring Authors:


Seve

rity

Occ

urr

en

ce

Cri

tica

lity


1 Breakage

Mounting error; manufacturing errors; incorrect design; Pressure drop

Loss of open/close capability; 4 L Yes

Training of personnel; qualification test; material acceptance test; design verification

2 Corrosion

dirt accretion; chemically harsh fluids

Internal leakage; pressure drop

Excessive maneuver torque; 3 L No

Attention paid to material analysis during design and acceptance test;

Prof. Enrico Zio

Questions: Audi A4L

Basic version

31.200

Ultimate version

53.400

Prof. Enrico Zio

Questions

Basic version

31.200Ultimate version

53.400

Heated seat

Independent

air

conditioning

Dolby 7.1

sound

LED

headlamps

Prof. Enrico Zio

Questions

Basic version =22.200Ultimate version -

22.200

10.000

Basic version

Ultimate version

Heated seat

Independent

air

conditioning

Dolby 7.1

sound

LED

headlamps

Refit of Basic version!!

Prof. Enrico Zio

Questions

“Cheap Ultimate”

Basic version+10,000

41.200

“true Ultimate”

53.400

Two choices

Prof. Enrico Zio

Questions



41.200

“true Ultimate”

53.400

After 3 years…

Prof. Enrico Zio

Questions



41.200

“true Ultimate”

53.400

Without FMECA to the new

components bring by refit.

Unknown potential risk

and hazard!

With FMECA to the all the

components.

Price of FMECA!

53.400-41.200=12.200

Failure Mode and Effects Analysis - Politecnico di Milano · SAE ARP 5580: “Recommended failure...

Documents

Transcript of Failure Mode and Effects Analysis - Politecnico di Milano · SAE ARP 5580: “Recommended failure...