DIN EN 16602-30-02
Space product assurance - Failure modes, effects (and criticality) analysis (FMEA/FMECA); English version EN 16602-30-02:2014
Raumfahrtproduktsicherung - Fehlermöglichkeits-, Einfluss- (und Kritikalitäts-)Analyse (FMEA/FMECA); Englische Fassung EN 16602-30-02:2014
Overview
The Failure Mode and Effects Analysis (FMEA) and Failure Mode, Effects, and Criticality Analysis (FMECA) are performed to systematically identify potential failures in products (functional and hardware FMEA/FMECA) or processes (process FMECA), and to assess their effects in order to define mitigation actions, starting with the highest-priority ones related to failures having the most critical consequences. The failure modes identified through the FMEA are classified according to the severity of their consequences. The FMECA is an extension of the FMEA in which the failure modes are classified according to their criticality, that is, the combined measure of the severity of a failure mode and its probability of occurrence.

The FMEA/FMECA is basically a bottom-up analysis: each single elementary failure mode is considered and its effects are assessed up to the boundary of the product or process under analysis. The FMEA/FMECA methodology is not adapted to assessing combinations of failures within a product or a process.

The FMEA/FMECA is an effective tool in the decision-making process, provided it is a timely and iterative activity. Late implementation or restricted application of the FMEA/FMECA dramatically limits its use as an active tool for improving the design or process. Initiation of the FMEA/FMECA takes place as soon as preliminary information is available at a high level, and the analysis is extended to lower levels as more details become available. The integration of analyses performed at different levels is addressed in a specific clause of this standard.

The level of the analysis is the level at which the failure effects are assessed. In general, a FMEA/FMECA need not be performed below the level necessary to identify critical items and requirements for design improvements. Therefore a decision on the most appropriate level depends upon the requirements of the individual programme.
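To make the bottom-up propagation and the criticality classification concrete, the following is an added worked example, not part of the standard and not a tool described by it. It walks each single elementary failure mode up a small constructed product tree to the boundary of the product under analysis (combinations of failures are deliberately not modelled, matching the single-failure scope stated above), assigns a severity to the end effect, combines it with an occurrence class, ranks the worksheet and lists the critical items. The severity and probability scales, the redundancy rule that stops propagation, and the criticality threshold are all assumptions chosen for illustration; the standard's own classification tables are not reproduced here.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Assumed classification scales (hypothetical, not the standard's tables):
# severity 1 = catastrophic ... 4 = negligible; probability A = probable ... D = extremely remote.
SEVERITY_RANK = {"catastrophic": 1, "critical": 2, "major": 3, "negligible": 4}
PROBABILITY_RANK = {"A": 1, "B": 2, "C": 3, "D": 4}


@dataclass(frozen=True)
class Item:
    name: str
    parent: Optional[str]      # None marks the boundary of the product under analysis
    redundant: bool = False    # True if the parent keeps its function when this item is lost


@dataclass(frozen=True)
class FailureMode:
    item: str                  # lowest-level item in which the failure originates
    mode: str                  # elementary failure mode
    probability: str           # assumed occurrence class A..D


# Constructed product tree: a power subsystem with a redundant battery heater pair.
TREE: Dict[str, Item] = {i.name: i for i in [
    Item("spacecraft", None),
    Item("power_subsystem", "spacecraft"),
    Item("battery", "power_subsystem"),
    Item("heater_A", "battery", redundant=True),
    Item("heater_B", "battery", redundant=True),
    Item("bus_regulator", "power_subsystem"),
]}

# Constructed failure modes. Each one is propagated on its own: the method does
# not assess combinations of failures.
MODES: List[FailureMode] = [
    FailureMode("heater_A", "open circuit", "B"),
    FailureMode("bus_regulator", "output short to ground", "D"),
    FailureMode("battery", "cell internal short", "C"),
]


def propagate(tree: Dict[str, Item], start: str) -> Tuple[List[str], str]:
    """Bottom-up propagation of a single failure from `start` towards the product
    boundary. At each level the effect on the parent is 'loss of <child>', unless
    the child is redundant, in which case the end effect is a loss of redundancy
    and propagation stops. Returns (effect at each level, end effect)."""
    effects: List[str] = []
    node = tree[start]
    while node.parent is not None:
        if node.redundant:
            effects.append(f"{node.parent}: loss of redundancy ({node.name})")
            return effects, "loss of redundancy"
        effects.append(f"{node.parent}: loss of {node.name}")
        node = tree[node.parent]
    return effects, f"loss of {node.name}"   # reached the product boundary


def severity_of(end_effect: str, tree: Dict[str, Item]) -> str:
    """Assumed severity rule: loss of the top-level product is catastrophic;
    a contained loss of redundancy is major."""
    top = next(i.name for i in tree.values() if i.parent is None)
    return "catastrophic" if end_effect == f"loss of {top}" else "major"


def is_critical(severity: str, probability: str) -> bool:
    """Assumed criticality rule: severity catastrophic or critical, combined with
    an occurrence class no more remote than C."""
    return SEVERITY_RANK[severity] <= 2 and PROBABILITY_RANK[probability] <= 3


def fmeca_worksheet(tree: Dict[str, Item], modes: List[FailureMode]) -> List[dict]:
    """Build the worksheet rows and rank them: most severe first, then most probable."""
    rows = []
    for fm in modes:
        effects, end_effect = propagate(tree, fm.item)
        sev = severity_of(end_effect, tree)
        rows.append({
            "item": fm.item, "mode": fm.mode, "effects": effects,
            "end_effect": end_effect, "severity": sev,
            "probability": fm.probability, "critical": is_critical(sev, fm.probability),
        })
    rows.sort(key=lambda r: (SEVERITY_RANK[r["severity"]], PROBABILITY_RANK[r["probability"]]))
    return rows


def critical_items(rows: List[dict]) -> List[str]:
    """Critical items list: items whose failure mode meets the assumed criticality rule."""
    return [r["item"] for r in rows if r["critical"]]


if __name__ == "__main__":
    for r in fmeca_worksheet(TREE, MODES):
        flag = "CRITICAL" if r["critical"] else ""
        print(f'{r["item"]:14} {r["mode"]:24} {r["severity"]:13} {r["probability"]}  {r["end_effect"]:20} {flag}')
        for e in r["effects"]:
            print("    ->", e)
```

The ranking shows why criticality is a combined measure: the bus regulator short has the most severe end effect but is classed as extremely remote and so is not flagged, while the battery internal short, equally severe and more likely, is the one critical item. The heater failure is contained by redundancy at the battery level and never reaches the product boundary, which is exactly the kind of information a lower-level analysis passes upward when it is integrated into the system FMECA.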
The FMEA/FMECA of complex systems is usually performed by using the functional approach, followed by the hardware approach when design information on major system blocks becomes available. These preliminary analyses are carried out with no or minor inputs from lower-level FMEAs/FMECAs and provide outputs to be passed to lower-level analysts. After the required lower-level FMEAs/FMECAs have been performed, their integration leads to the updating and refinement of the system FMEA/FMECA in an iterative manner.

The software (S/W) is analysed only using the functional approach (functional FMEA/FMECA) at all levels. The analysis of S/W reactions to hardware (H/W) failures is the subject of a specific activity, the Hardware-Software Interaction Analysis (HSIA). When any design or process changes are made, the FMEA/FMECA is updated and the effects of new failure modes introduced by the changes are carefully assessed.

Although the FMEA/FMECA is primarily a reliability task, it provides information and support to safety, maintainability, logistics, test and maintenance planning, and failure detection, isolation and recovery (FDIR) design. The use of FMEA/FMECA results by several disciplines assures consistency and avoids the proliferation of requirements and the duplication of effort within the same programme.

This standard is part of a series of ECSS standards belonging to ECSS-Q-ST-30 "Space product assurance - Dependability". It defines the principles and requirements to be adhered to with regard to failure modes, effects (and criticality) analysis (FMEA/FMECA) implementations in all elements of space projects, in order to meet the mission performance requirements as well as the dependability and safety objectives, taking into account the environmental conditions. This standard defines requirements and procedures for performing a FMEA/FMECA, and applies to all elements of space projects where FMEA/FMECA is part of the dependability programme.
Complex integrated circuits, including Application Specific Integrated Circuits (ASICs) and Field Programmable Gate Arrays (FPGAs), and software are analysed using the functional approach. Software reactions to hardware failures are addressed by the Hardware-Software Interaction Analysis (HSIA). Human errors are addressed in the process FMECA; they may also be considered in the performance of a functional FMEA/FMECA.

The extent of the effort and the sophistication of the approach used in the FMEA/FMECA depend upon the requirements of a specific programme and should be tailored on a case-by-case basis. The approach is determined in accordance with the priorities and ranking afforded to the functions of a design (including operations) by risk analyses performed in accordance with ECSS-M-ST-80, beginning during the conceptual phase and repeated throughout the programme. Areas of greater risk, in accordance with the programme risk policy, should be selectively targeted for detailed analysis. This is addressed in the RAMS and risk management plans. This standard may be tailored for the specific characteristics and constraints of a space project in conformance with ECSS-S-ST-00.

This document (EN 16602-30-02:2014) has been prepared by Technical Committee CEN/CLC/TC 5 "Space", the secretariat of which is held by DIN (Germany). It has been developed to specifically cover space systems and therefore has precedence over any European Standard covering the same scope but with a wider domain of applicability (for example aerospace).