Lecture: Reliability & FMECA Lecturer: Dr. Dave Olwell Dr. Cliff Whitcomb, CSEP System Suitability

2 About the Lecturer Dr. David Olwell Chair, Department of Systems Engineering, NPS Research interests are primarily reliability engineering and analysis Phone: (831) (W)

3 Objectives Be able to construct a FMECA using Risk Priority Numbers Interpret a Fault Tree Be able to perform a simple reliability prediction for a series system with independent exponential failure times Understand the principles of sequential testing

4 Reading B&F (4ed)

5 FMECA Discussion in text (section ) is good Figure can easily be implemented in spreadsheet, although for large systems commercial software is useful Bottom line: RPN is used to score failure modes on a set of subjective scales, and the score orders them. We start by mitigating the ones with the highest number, and work down to some stopping point.

6 FMECA/FMEA Failure Modes and Effects Analysis (FMEA) and Failure Modes, Effects and Criticality Analysis (FMECA) are methodologies designed to identify potential failure modes for a product or process before the problems occur, to assess the risk associated with those failure modes and to identify and carry out measures to address the most serious concerns.

7 Standards MIL-STD-1629A SAE International’s J1739 and ARP5580 documents (for automotive and non- automotive applications, respectively) Automotive Industry Action Group’s (AIAG) FMEA-3

8 Figure

9 Common Themes Item/Process: Identify the item or process that will be the subject of the analysis, including some investigation into the design and reliability characteristics. For FMEA analysis of a product or system, the analysis could be performed at the system, subsystem, component or other level of the system configuration. Functions: Identify the functions that the item or process is expected to perform. Failures: Identify the known and potential failures that could prevent or degrade the ability of the item/process to perform its designated functions. Failure Effects: Identify the known and potential effects that would result from the occurrence of each failure. It may be desirable to consider the effects at the item level (Local Effects), at the next higher level assembly (Next Higher Level Effects) and/or at the system level (End Effects). Failure Causes: Identify the known and potential causes for each failure.

10 Common Themes Current Controls: Examine the control mechanisms that will be in place to eliminate or mitigate the likelihood that the potential failures will occur (e.g. end of line inspections, design reviews, etc.). Recommended Actions: Identify the corrective actions that need to be taken in order to eliminate or mitigate the risk and then follow up on the completion of those recommended actions. Prioritize Issues: Prioritize issues for corrective action according to a consistent standard that has been established by the organization. Risk Priority Number (RPN) ratings and Criticality Analysis are common methods of prioritization and they are described later. Other Details: Depending on the particular situation and on the analysis guidelines adopted by the organization, other details may be considered during the analysis, such as the operational mode when the failure occurs or the system’s intended mission. Report: Generate a report of the analysis in the standard format that has been established by the organization. This is generally a tabular format similar to the one shown in Figure 1. In addition, the report may include block diagrams and/or process flow diagrams to illustrate the item or process that is the subject of the analysis. If applicable, the criticality analysis may be included in a separate table and various plots/graphs can be included to display statistics on the modes and rankings.

11 Figure

12 RPN (Risk Priority Number) Severity (S) –1-10 scale –A rating of the severity or seriousness of each potential failure effect. Occurrence/frequency (O) –1-10 scale –A rating of the likelihood of occurrence for each potential failure cause. Detection (D) –A rating of the likelihood of detecting the failure cause. –1-10 scale, hard to detect being higher RPN = S*O*D

13 Comment Scales are arbitrary –Implies they can only be used for ranking failure modes internal to the system, and may not be not useful for comparing across systems Must be well defined enough so that different people assign the same number

14 Example: Battery  Severity: 8 - Extreme Effect. Product inoperable but safe. Customer very dissatisfied.  Occurrence: 5 - Low. Occasional number of failures likely; expect about 2.7 failures per 1000 due to this cause.  Detection: 1 - Almost Certain. The operator will almost certainly be able to detect the failure

15 Criticality = (Q)(FMFR)(P L ) Item Unreliability (Q): The probability of failure for the item at the time of interest for the analysis. Failure Mode Ratio of Unreliability (FMFR): The ratio of the item unreliability that can be attributed to the particular failure mode. For example, if an item has four failure modes, then one mode may account for 40% of the failures, a second mode may account for 30% and the two remaining modes may account for 15% each. Probability of Loss (PL): The probability that the failure mode will cause a system failure (or will cause a significant loss). This is an indication of the severity of the failure effect and may be set according to the following scale: –Actual Loss = 100% –Probable Loss = 50% –Possible Loss = 10% –No Loss = 10% Criticality Analysis – A different approach

16 Battery Criticality is (0.08)(0.25)*(1.0) = (.02) Use for relative rankings, not necessarily an absolute scale

17 Recommendations An important use of the FMECA is to document mitigation strategies The estimated reduction in the RPN is shown if the suggested mitigation is adopted Useful to compare “before” and “after” risk In the early FMECA, recommendations suggested reduced risk for the first failure mode from 294 to 28

18 Comment This FMECA approach is commonly used for reliability, but can be applied to other domains where risk identification and mitigation are of interest

19 Fault Trees Fault trees emphasize what must occur for system failures while reliability block diagrams emphasize what must occur for a systems to work They are logically equivalent Partial FTs can be useful when trying to isolate fault structure Discussion in book is pretty good, if short

20 B&F Textbook Example Here is an example of the RBDs from Figure reworked as fault trees

21 Simple reliability prediction Requires either data or assumptions –If reliability of components is known, use their data –Be careful to verify that the conditions of use are the same as those that generated the historical data –If making assumptions, be realistic and conservative

22 Example Here is an example of reliability prediction for Figure 12.10(a) using the data from Table 12.2 and a mission time of 100 hours

23 Sequential testing Sequential testing allows early termination of a reliability test –If the system exceeds requirements or fails requirements by a large margin, the test terminates early –For ‘close calls’, it takes more testing to accumulate enough data to decide –Idea covered again in system assessment course

24 Example The example in the text (Section and Figure 12.26) is good Focus on understanding the interpretation of Fig –That example assumes exponential failure times…. –Know the four key elements for constructing the figure: producer risk, consumer risk, threshold MTBF, objective MTBF –The horizontal axis is total time on test, or TTT, and is the sum of all the running time of the units that have failed or are still being tested

25 Operational Testing Study section

26 Conclusion Reliability is a very important element of suitability Several NPS courses are available for further study: –OA4302 Reliability and Weapon System Effectiveness Measurement –SE3321 Reliability Management and Data Systems –SE3322 Reliability Centered Maintenance –SE4321 Reliability Growth and Accelerated Testing