There are two ways to approach fault analysis: Failure Modes, Effects and Criticality Analysis (FMECA), which is currently the most common approach, and Fault Tree Analysis (FTA). Both look at the effects of component failures on a system, but they approach it from opposite directions. FMECA starts from the lowest levels of the system and considers the effect at the top level of a failure at the lower level. FTA starts with a possible failure mode of the system (the "top event") and then works down to see what could cause it. The Reliability Toolkit [1] gives selection criteria for when to use either of these two approaches. FTA is the preferred approach when:
- The primary concern is safety of public or operating and maintenance personnel
- A small number of clearly differentiated “top events” can be identified
- Completion of a functional profile is of critical importance
- There is a high potential for failure from “human error”
- There is a high potential for failure from “software error”
- The primary concern is a quantified “risk evaluation”
- Product functionality is highly complex and/or it contains highly-interconnected functional paths
On the other hand, the FMECA is the preferred approach when:
- “Top events” cannot be explicitly defined or limited to a small number
- The primary concern is the identification of “all possible” failure modes
- The product has little human or software intervention
It is clear that, from this analysis, FTA is the more appropriate approach in many cases.
In addition, FTA is an easier and faster mode of analysis for (at least) two reasons. Firstly, it focuses on a select subset of the possible failure modes, those that have a "catastrophic" consequence. Secondly, it is my experience that it seems more relevant to the engineering mind, as the consequence provides a focus. Also, it is generally done graphically, so it is easier to visualize than the tables of an FMECA.
Even more so than an FMECA, the FTA is an invaluable tool in the initial design stages, as it can be applied even at the block diagram stage to determine critical areas. Unlike an FMECA, an FTA can easily include operator, software and external-input effects. An added benefit is that the FTA provides a basis for maintenance troubleshooting procedures.
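The two directions of analysis described above can be run over one small model. The block below is an added illustration, not code from the article or from the Reliability Toolkit: it builds a hypothetical fault tree for a "loss of cooling" top event (the system, event names and failure probabilities are all constructed for the example), then does the FTA step (minimal cut sets, single-point failures, top-event probability) and, over the same tree, the FMECA-style step of asking what effect each single component failure has at the top level. The comparison shows why the two approaches see different things: the bottom-up single-failure view reports "no top-level effect" for each redundant pump and for the operator error, while the cut sets expose the two-event combinations that do cause the top event.

```python
from itertools import product

# Hypothetical fault tree for the top event "loss of cooling" (constructed
# example, not a model from the article). Gates are ("AND"|"OR", [children]);
# leaves are basic-event names. The third branch is a human-error path of the
# kind an FTA can include directly.
LOSS_OF_COOLING = ("OR", [
    "pump_power_loss",
    ("AND", ["pump_A_fails", "pump_B_fails"]),                  # redundant pumps
    ("AND", ["level_sensor_fails", "operator_ignores_alarm"]),  # human-error path
])

# Assumed per-demand failure probabilities (constructed numbers).
BASIC_EVENT_PROB = {
    "pump_power_loss": 0.001,
    "pump_A_fails": 0.01,
    "pump_B_fails": 0.01,
    "level_sensor_fails": 0.005,
    "operator_ignores_alarm": 0.1,
}


def basic_events(node):
    """All basic-event names under a gate or leaf."""
    if isinstance(node, str):
        return {node}
    return set().union(*(basic_events(c) for c in node[1]))


def evaluate(node, state):
    """True if the node's event occurs, given a dict basic_event -> failed?"""
    if isinstance(node, str):
        return state[node]
    kind, children = node
    results = [evaluate(c, state) for c in children]
    return all(results) if kind == "AND" else any(results)


def minimal_cut_sets(node):
    """Top-down (FTA) step: the minimal combinations of basic events that
    cause this node's event. OR gates collect children's cut sets; AND gates
    take every union across children; supersets are then discarded."""
    if isinstance(node, str):
        return [frozenset([node])]
    kind, children = node
    child_sets = [minimal_cut_sets(c) for c in children]
    if kind == "OR":
        candidates = [s for sets in child_sets for s in sets]
    else:
        candidates = [frozenset().union(*combo) for combo in product(*child_sets)]
    uniq = set(candidates)
    return sorted((s for s in uniq if not any(o < s for o in uniq)),
                  key=lambda s: (len(s), sorted(s)))


def single_point_failures(node):
    """Cut sets of size one: a single fault that alone produces the top event.
    These are the candidates for an architecture change."""
    return [next(iter(s)) for s in minimal_cut_sets(node) if len(s) == 1]


def top_event_probability(node, probs):
    """Exact probability of the top event under independent basic events,
    by enumerating every failed/working combination (fine for small trees)."""
    events = sorted(basic_events(node))
    total = 0.0
    for bits in product([False, True], repeat=len(events)):
        state = dict(zip(events, bits))
        if evaluate(node, state):
            p = 1.0
            for e, failed in state.items():
                p *= probs[e] if failed else 1 - probs[e]
            total += p
    return total


def fmeca_top_level_effects(node):
    """Bottom-up (FMECA) step: the effect at the top level of each single
    failure with everything else working. Combination failures are invisible
    from this direction."""
    events = sorted(basic_events(node))
    effects = {}
    for e in events:
        state = {x: (x == e) for x in events}
        effects[e] = "top event" if evaluate(node, state) else "no top-level effect"
    return effects


if __name__ == "__main__":
    for cs in minimal_cut_sets(LOSS_OF_COOLING):
        print("cut set:", sorted(cs))
    print("single-point failures:", single_point_failures(LOSS_OF_COOLING))
    print("P(top event) = %.6g" % top_event_probability(LOSS_OF_COOLING, BASIC_EVENT_PROB))
    for e, eff in fmeca_top_level_effects(LOSS_OF_COOLING).items():
        print("%-24s -> %s" % (e, eff))
```

The exact enumeration is only practical for small trees; real tools use the cut sets with the rare-event approximation (sum of cut-set probabilities, here 0.0016 against the exact 0.0015994). The single-point-failure list is the direct output a designer would act on at the block-diagram stage.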
References:
1. Reliability Toolkit: Commercial Practices Edition, Rome Laboratory & Reliability Analysis Center.
It should be added that FTA relies on the experience of the participants; it is inductive. For a new product which is “disruptive” in that it uses a new technology for a novel application, there may not be enough similarity with past experience to just perform an FTA. The set of three FMEAs (application, design, and process) are a surer way to bring risks to the surface.
The FTA shines in that, if done early enough, it can highlight some single failures that directly lead to an unacceptable harm, resulting in architecture changes to the product to block this. I call this Fault Tree Synthesis.
Finally, FTA can also show which subsystems do not have to be run through the sometimes exhaustive design FMEA process, thus saving effort.