FMEA is a structured qualitative analysis applicable to both products and services. With a systematic, step-by-step approach, it identifies and evaluates the possible effects of all the failure modes of a component. The purpose is to estimate the risk and to define prevention, detection or control measures that could be adopted to avoid, handle or limit the damage.
FTA is a deductive, top-down method which aims to identify the potential causes of system failures using a Boolean logic approach: its result is a Fault Tree Diagram that graphically represents the logical relationship between the failures of different components or sub-systems which may cause a system failure.
The requirements for the IEC 61508 module test may be undemanding for some modules if the Software Criticality Analysis is used.
This analysis distinguishes three categories of safety criticality: safety critical, safety related and non-interfering (see also Interference Freeness Analysis). IEC 61508 test requirements may be totally undemanding if a module is demonstrably non-interfering. Relaxing these requirements can save time, but do not forget that the improvement in quality ensured by module testing remains essential, including for non-safety devices.
HAZAN, within the automotive Hazard Analysis and Risk Assessment (HARA), is an evaluation procedure that considers the behaviour of critical SW functions under expected fault conditions, in order to determine whether sufficient protection measures are in place to avoid or counter the effects of the fault condition.
A review of the SW architecture and source code structure makes it possible to identify potential systematic problems and to define the run-time safety integrity measures that must be implemented to detect and handle them.
The list of protection measures also contributes to the creation of a checklist for Fault Injection and Integration testing: in this phase of testing, component failures are simulated to confirm that the presumed diagnostics exist and to determine the exact behaviour in situations where that behaviour is not readily derivable from the design.
FMEDA is an inductive, bottom-up, quantitative analysis that estimates the failure rates and metrics of a hardware component, system or item, considering its design, functionality and failure modes.
For each failure mode, FMEDA determines the effects in relation to a safety goal or to a top-level safety requirement.
When a product used in a safety critical application has mechanical components, it is recommended to perform a Mechanical FMEDA, considering both the electrical and the mechanical components, to prove robustness against systematic design faults.
For this specific purpose, exida developed a mechanical components database, integrated in the SILcal V9 tool.
DFA aims to identify the single events or single causes that could bypass or invalidate a required independence or freedom from interference between given elements and violate a safety requirement or a safety goal.
CCFA is an advanced technique that evaluates the behaviour of redundant subsystems to determine whether sufficient logical and physical independence measures are adopted to avoid or limit the expected dependent failures and common cause initiators. The goal is to identify all the possible safety measures that strengthen independence and to set the β-factors for the redundant subsystems.
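As an added illustration of the FTA and CCFA passages above (example code written for this page, not the page's or any tool's own implementation), the following Python evaluates a small fault tree: AND/OR gates over basic events give the top-event probability, the Boolean structure yields the minimal cut sets, and a 1oo2 redundant pair is built with the β-factor split CCFA uses, where a fraction β of each channel's failure probability becomes one shared common-cause event. The event names, the probabilities and the helper functions are assumptions for illustration.

```python
from dataclasses import dataclass
from itertools import product
from math import prod
from typing import List, Tuple, Union

@dataclass(frozen=True)
class BasicEvent:
    name: str
    p: float  # failure probability over the mission time, assumed independent

@dataclass(frozen=True)
class Gate:
    kind: str      # "AND" or "OR"
    inputs: Tuple  # child nodes (BasicEvent or Gate)

Node = Union[BasicEvent, Gate]

def probability(node: Node) -> float:
    """Top-event probability; exact only when no basic event feeds two gates."""
    if isinstance(node, BasicEvent):
        return node.p
    ps = [probability(child) for child in node.inputs]
    if node.kind == "AND":  # all inputs must fail
        return prod(ps)
    if node.kind == "OR":   # any single input failing suffices
        return 1.0 - prod(1.0 - p for p in ps)
    raise ValueError(f"unknown gate {node.kind}")

def minimal_cut_sets(node: Node) -> List[frozenset]:
    """Minimal sets of basic events whose joint failure causes the top event."""
    if isinstance(node, BasicEvent):
        return [frozenset([node.name])]
    child_sets = [minimal_cut_sets(child) for child in node.inputs]
    if node.kind == "AND":
        sets = [frozenset().union(*combo) for combo in product(*child_sets)]
    else:
        sets = [s for cs in child_sets for s in cs]
    # keep only minimal sets: drop any set that strictly contains another
    return sorted({s for s in sets if not any(o < s for o in sets)}, key=sorted)

def one_out_of_two(p_channel: float, beta: float) -> Gate:
    """1oo2 pair with the CCFA beta-factor split (constructed example): a
    fraction beta of each channel's failure probability is one shared
    common-cause event, the remainder fails independently per channel."""
    p_ind = (1.0 - beta) * p_channel
    both = Gate("AND", (BasicEvent("A_ind", p_ind), BasicEvent("B_ind", p_ind)))
    return Gate("OR", (both, BasicEvent("CCF", beta * p_channel)))
```

With p = 0.01 per channel, pure redundancy (β = 0) gives a top-event probability of 1e-4, while β = 0.1 raises it to about 1.08e-3, which is why the single-event cut set {CCF} dominates the pair {A_ind, B_ind}.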
A system component that is neither safety critical nor safety relevant but interfaces with such subsystems is an Interference-Free component, either as an interface or as a defined area. If a component has been demonstrated to be interference-free, then no failure of that component can induce the failure of any of the product's safety functions.
Consequently, the above-mentioned component does not have to be developed with an IEC 61508 compliant development process. Independence between components is a crucial factor, and it is much easier to demonstrate in hardware than in software, thanks to physical separation techniques.