Today’s blog post is all about FMEA, a core tool of IATF 16949, and its specific type called FMEA MSR. This technique is used for analyzing the monitoring capabilities of a system and its response to detected errors to achieve a safe state.
IATF 16949 & FMEA
The basics of customer-specific requirements include quality techniques for the analysis of product suitability, product safety and the safety of product manufacture. These techniques include Failure Mode and Effects Analysis (FMEA), which primarily supports risk management.
FMEA MSR vs. Product-FMEA
In the harmonized FMEA manual (2019 edition), a new method called FMEA MSR was introduced alongside the known Product and Process FMEAs. The acronym MSR stands for Monitoring and System Response. This method deals with analyzing the monitoring capabilities of the system and the system’s response to the detected errors with the aim of achieving a safe state.
In a Product or Design FMEA, potential errors that may occur during the development phase are analyzed. Detection measures are implemented during the development phase to discover these potential errors. The goal is to identify these errors before the product is released and prevent them through appropriate measures. These errors are usually discovered through design reviews or tests on test stands under specific conditions that can provoke potential errors early on.
The FMEA MSR differs in that it analyzes potential errors that may occur under normal operating conditions, i.e., in the field. These errors should be detected through monitoring mechanisms and diagnostics and reported to the system. The system’s response should then achieve a defined, safe state.
This means that an FMEA MSR ensures that a safety-critical error is reliably detected and addressed by the system. The cause of an error, and the analysis of why it occurred, are more the focus of the Design FMEA (D-FMEA).
The assessment of the error risk is based on the criteria of significance and frequency, similar to the criteria used in Design FMEA. The only difference is the use of monitoring, which replaces detection. With monitoring, the error should be detected in the field/operation or treated with the appropriate system response. If you will, monitoring is a combination or rather a mix of system detection and response.
FMEA MSR as a new method?
Is the FMEA MSR method completely new? Yes and no! According to the FMEA manual, prior to the latest edition in 2019, there were only two types of FMEAs: Design (Product) FMEA and Process FMEA. However, in practice, System FMEA is often discussed. According to the FMEA manual, it is a sub-type/variant of Design FMEA and consists of various subsystems and components represented as system elements.
The aim of System FMEA is the same as Design FMEA, i.e., to detect and prevent errors in the early development phase, but at the system level, so to speak.
However, in practice, even before the definition of FMEA MSR, particularly in projects involving functional safety, a qualitative FMEA or a quantitative FMEDA was conducted with the aim of detecting errors during the operation mode of the product/system and reacting accordingly. So the method is not completely new; it was just not defined and documented accordingly in the automotive standards landscape until the latest edition of the FMEA manual.
FMEA MSR & Functional Safety
ISO 26262 defines inductive analysis methods, such as FMEA, as methods for safety analysis. Here, FMEA MSR, which analyzes monitoring and system reaction to maintain functional safety, can serve as a tool, either on its own or as a complement to Design FMEA.
In practice, when functional safety is required, FMEDA (Failure Modes Effects and Diagnostic Analysis) is often used as a safety analysis. Unlike FMEA MSR, FMEDA is a quantitative analysis. The table below shows the relationships between FMEA MSR and FMEDA.
| FMEA MSR | FMEDA |
| --- | --- |
| Frequency: A qualitative estimate of how often the considered cause of error occurs in an operational situation. | FIT rates: A quantitative evaluation of the measured or calculated reliability of an E/E component. |
| Monitoring: Assessment of the ability of a system and/or individuals to detect a specific error and to respond to the discovered error within the error tolerance time. | Diagnostic Coverage: Assessment of the ability of a system to detect a certain percentage of all possible errors and to respond within an allowable fault handling time. |
Should FMEA MSR be applied or not?
FMEA MSR can be applied wherever there is a risk of personal injury or non-compliance with legal or regulatory requirements. It adds value by monitoring and initiating a system response to achieve a safe condition. FMEA MSR can be performed either as a supplement to Design FMEA or as a stand-alone analysis. However, detection should not be confused with monitoring.
The use of FMEA MSR in functional safety is generally appropriate as this method has been defined in the latest edition of the FMEA Handbook. It can help to decide whether the system architecture can achieve the safety objectives and whether additional measures such as diagnostics, redundancies or additional plausibility checks are required. For semiconductors, it is recommended to perform an FMEDA instead, where FIT rates can be divided into areas and different safety mechanisms with diagnostic coverage can be defined. In this case, an FMEA MSR would not add value.
Therefore, whether it makes sense to use FMEA MSR as a risk analysis tool depends on the project and the intended use, as would be said in the medical device industry. For projects with safety goals, it generally makes sense to use FMEA MSR at the system level to get results faster. However, for deeper analyses, where an FMEDA or a deductive analysis such as FTA is recommended, it may not make sense to perform an additional FMEA MSR.
By Dijaz Maric, Quality Management & Reliability Engineering Consultant