Electric Vehicle Considerations for Functional Safety Verification and Validation Testing
Today’s modern products are incredibly complex and becoming more so by the day. At the same time, a greater emphasis is being placed on achieving the comprehensive, functional safety of the product in all applications and operational scenarios. Managing these considerations and requirements is no easy task. As this realm increases in complexity, the sheer number of data points that must be tracked and measured increases exponentially. Thus, the tools and processes for managing this data must also evolve and mature.
One of the key processes for successfully performing this work is FMEDA, an acronym for Failure Modes, Effects, and Diagnostic coverage Analysis. It uses systematic analysis to determine the failure rates of a product and its components, the modes in which they fail, and the diagnostic capability of the systems that monitor those components.
FMEDA is an evolution of earlier processes resulting from lessons learned and their resulting improvements. It is also being driven by the ever-increasing complexity of modern systems. As products and systems become more complex, the design, development, and safety validation processes that govern the development of these products must also evolve.
The FMEDA process is thorough and exhaustive, encompassing hardware, software, the environments in which they operate, and the ways in which they interact with and affect each other. It examines every element used in the design of a product… every system, subsystem, component, and part. For each hardware part it examines the real-world function the part performs, the modes in which the part fails, the effect each failure mode has on the overall functionality of the product (intended or not), the ability of any automatic diagnostics in the system to detect the failure, the strength of the design in terms of safety factors and its ability to degrade incrementally rather than shut down outright on less critical failures, and the environmental stress factors inherent in the overall operational profile.
FMEA (Failure Mode and Effects Analysis), FMECA (Failure Modes, Effects, and Criticality Analysis), and FMEDA (Failure Modes, Effects, and Diagnostic coverage Analysis) may at first glance appear to be the same, but there are important differences that highlight how the overarching concepts came into being and how they have developed and matured over the years:
These elements of information are crucial for evaluating the Single Point Fault Metric (SPFM) and Latent Fault Metric (LFM) against the target values for each potential safety goal violation, based on that safety goal’s ASIL (Automotive Safety Integrity Level) rating, to ensure that sufficient functional safety has been built into the design. It is imperative to be able to measure automatic diagnostic capability for many reasons, the most important being that in a complex system far more of the workload must be placed on the automatic diagnostics, because of the sheer volume of work and the speed at which it must be performed correctly. Therefore, their trustworthiness must be measurable and verifiable.
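The following is an added worked example (not LHP's tool and not text from ISO 26262) showing how the two metrics are computed from per-part FMEDA rows. The metric definitions follow ISO 26262-5 (SPFM = 1 − Σ(λSPF + λRF) / Σλ and LFM = 1 − ΣλMPF,L / Σ(λ − λSPF − λRF)), and the ASIL target values are those of ISO 26262-5; the part rows, their safe fractions and their diagnostic-coverage figures are constructed, as is the simplified rule that a row either can violate the safety goal on its own (needing a safety mechanism) or is itself part of a safety mechanism.

```python
"""Hardware architectural metrics (SPFM and LFM) computed from FMEDA rows.

Added example, not LHP's tool and not text from ISO 26262. The metric
definitions follow ISO 26262-5; the part rows and coverage figures are
constructed. Failure rates are in FIT (failures per 1e9 hours).
"""
from dataclasses import dataclass

# ASIL target values for the two metrics (ISO 26262-5).
SPFM_TARGET = {"B": 0.90, "C": 0.97, "D": 0.99}
LFM_TARGET = {"B": 0.60, "C": 0.80, "D": 0.90}


@dataclass
class FmedaRow:
    part: str
    fit: float            # total failure rate of the part, FIT
    safe_fraction: float  # share of failure modes that cannot affect the safety goal
    direct: bool          # True: a fault can violate the goal on its own (needs a safety mechanism)
                          # False: the part belongs to a safety mechanism (faults are multiple-point)
    dc: float             # diagnostic coverage: residual-fault coverage for direct rows,
                          # latent-fault coverage for mechanism rows


def classify(row: FmedaRow) -> dict:
    """Split one row's failure rate into the ISO 26262 fault classes."""
    lam_safe = row.fit * row.safe_fraction
    lam_unsafe = row.fit - lam_safe
    if row.direct:
        # The undetected share violates the goal directly (single-point when dc == 0,
        # residual otherwise); the detected share is a detected multiple-point fault.
        spf_rf = lam_unsafe * (1.0 - row.dc)
        mpf_latent = 0.0
        mpf_detected = lam_unsafe * row.dc
    else:
        # A mechanism fault only matters together with a second fault; whatever the
        # latent-fault test does not find stays latent.
        spf_rf = 0.0
        mpf_latent = lam_unsafe * (1.0 - row.dc)
        mpf_detected = lam_unsafe * row.dc
    return {"total": row.fit, "safe": lam_safe, "spf_rf": spf_rf,
            "mpf_latent": mpf_latent, "mpf_detected": mpf_detected}


def architectural_metrics(rows) -> tuple:
    """Return (SPFM, LFM) for the whole item."""
    total = spf_rf = latent = 0.0
    for row in rows:
        c = classify(row)
        total += c["total"]
        spf_rf += c["spf_rf"]
        latent += c["mpf_latent"]
    spfm = 1.0 - spf_rf / total
    lfm = 1.0 - latent / (total - spf_rf)
    return spfm, lfm


def highest_asil_met(spfm: float, lfm: float):
    """Highest ASIL (B..D) whose SPFM and LFM targets are both met, or None."""
    best = None
    for asil in ("B", "C", "D"):
        if spfm >= SPFM_TARGET[asil] and lfm >= LFM_TARGET[asil]:
            best = asil
    return best


# Constructed rows for a small motor-control module.
SAMPLE_ROWS = [
    FmedaRow("U1 bridge driver", 50.0, 0.5, True, 0.99),
    FmedaRow("R12 current shunt", 10.0, 0.2, True, 0.90),
    FmedaRow("C7 decoupling cap", 5.0, 1.0, True, 0.0),
    FmedaRow("U2 external watchdog", 20.0, 0.3, False, 0.60),
    FmedaRow("D3 TVS diode", 3.0, 0.0, True, 0.0),   # no safety mechanism: pure single-point fault
]

if __name__ == "__main__":
    spfm, lfm = architectural_metrics(SAMPLE_ROWS)
    print(f"SPFM = {spfm:.4f}, LFM = {lfm:.4f}, highest ASIL met: {highest_asil_met(spfm, lfm)}")
```

With these constructed rows the module reaches an SPFM of about 0.954 and an LFM of about 0.933, so it meets the ASIL B targets but not ASIL C; the 3 FIT of the unmonitored TVS diode alone costs more than three points of SPFM, which is the kind of finding that tells a designer where a diagnostic or a more robust part pays off.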
The world of safety standards can be overwhelming and confusing to the uninitiated. Where does the scope of one standard end and the next begin? That depends on many factors, two of the most important being the type of product and the way that product will be used. For example, an automobile is a vastly different product from an airplane or a forklift, yet each shares fundamental objectives when it comes to safe operation, and they may even share a few components such as controls, actuators, and wiring. It is this overlap among different products that can be a source of great confusion.
One overarching safety standard, covering every type of product in every conceivable application, would be far too ponderous to be practical. Therefore, several different standards related to product safety are used. Some are defined by the type of product being produced. Others are scoped towards specific processes that define and quantify what safety is, regardless of the product and its use.
For example, in the automotive realm, ISO 26262, titled "Road vehicles – Functional safety", is an international standard for the functional safety of electrical and/or electronic systems installed in certain production road vehicles. It is a qualitative, risk-based standard focused on the unique demands of automotive product development and is used extensively in automotive manufacturing. But that alone is not enough. Manufacturers also need a systematic, quantitative means of identifying, measuring, and analyzing the components and parts that go into a machine, and how they interact and perform under given conditions. Being able to measure failure modes mathematically forms the engineering foundation of corrective action, improvement, and risk reduction for a product. This is where the FMEDA process comes in.
Two standards are commonly utilized in the FMEDA process:
ISO 13849 is designed for use in machinery with high to continuous demand rates. A high demand rate is defined as once or more per year of operation; a continuous demand rate is much more frequent than that.
The purpose of an FMEDA is to evaluate the parts in the whole system and analyze how their failures can impact safety at the system and vehicle level. This is a quantitative analysis conducted for each potential safety goal violation. A staggering number of calculations are involved. For example, determining the failure rate for each hardware part on a circuit board can be a challenge due to the sheer complexity of so many different parts being integrated into one module or system.
Generic failure rates cannot be used, because a part's failure rate depends heavily on the environment the part is subjected to, how it is used in the circuit, and the thermal, electrical, and mechanical stresses it endures. All of those factors determine the failure rate. The same hardware part will have a different failure rate if it is used differently, in a different environment, or in a different application. It is not one size fits all. Every circuit board is different. Every design is different. Every application is different.
The purpose of an FMEDA is to evaluate the parts in the whole system and analyze how they will be used. It is a significantly complex puzzle to solve. Many questions need to be answered, and this is where LHP’s FMEDA tools can help. Can a part keep the same failure rate if it is used differently in various applications? How can you view the failure rate model used to calculate the failure rate? These are a few of the common pain points, and determining the failure rates for these parts by manual methods can be very labor-intensive.
For example, imagine that you want to use a spreadsheet to compile your FMEDA. Building the load calculation formula takes many intensive engineering hours. Once the formula is done, you can effectively use it only once, for one set of input parameters: to use it again you either copy and paste the formula into another cell, or you change a parameter and overwrite the information you entered before. The process is clunky, slow, and prone to human error, and no history is captured.
Using LHP’s FMEDA tool, by contrast, is much like using a lookup table. The model is already built and resides in a library. The models are linked to manufacturer part numbers, with the rated and manufacturing parameters from the manufacturer data sheets stored in the model. Every time the same part number is used in your circuits, you simply import your Bill of Materials (BOM) into the tool, the tool pulls out the matching model, and you do not have to repeat the research. That step alone saves many engineering hours, and the savings multiply every time the process is repeated. Whenever the same hardware part is used, the same model is pulled out with its common parameters already stored in the library, and only the environmental and electrical parameters specific to your application and to how the part is used in your design need to be changed.
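The following is an added example (not LHP's FMEDA tool and not its data model) of the library-lookup approach described above: application-independent part parameters live in a library keyed by manufacturer part number, a BOM is imported, and only the per-instance stresses (junction temperature, applied voltage, mounting environment) are supplied per application. The library entries, part numbers, BOM lines, environment factors and the stress model (an Arrhenius temperature factor times a constructed voltage-derating factor, in the spirit of handbook reliability prediction) are all constructed for illustration; a real analysis takes the model parameters from the manufacturer data sheet and the chosen prediction method.

```python
"""Library-driven failure-rate lookup for an imported BOM.

Added example, not LHP's FMEDA tool. Library entries, BOM lines and the
stress model are constructed for illustration. Rates are in FIT.
"""
import csv
import io
import math

BOLTZMANN_EV_PER_K = 8.617e-5

# Part library keyed by manufacturer part number: the application-independent
# parameters that are researched once and reused on every BOM (constructed values).
LIBRARY = {
    "MPN-CAP-0001": {"base_fit": 2.0, "activation_ev": 0.5, "rated_v": 50.0},
    "MPN-DRV-0007": {"base_fit": 40.0, "activation_ev": 0.7, "rated_v": 60.0},
}

# Environment factors (constructed): the harsher the location, the higher the multiplier.
ENV_FACTOR = {"benign": 1.0, "passenger_compartment": 2.0, "underhood": 4.0}


def temperature_factor(t_junction_c: float, activation_ev: float, t_ref_c: float = 25.0) -> float:
    """Arrhenius acceleration of the base rate relative to the reference temperature."""
    tj = t_junction_c + 273.15
    tr = t_ref_c + 273.15
    return math.exp(activation_ev / BOLTZMANN_EV_PER_K * (1.0 / tr - 1.0 / tj))


def voltage_factor(applied_v: float, rated_v: float) -> float:
    """Constructed derating: the rate grows with the square of the voltage ratio."""
    ratio = applied_v / rated_v
    if ratio > 1.0:
        raise ValueError(f"applied {applied_v} V exceeds rating {rated_v} V")
    return 1.0 + 2.0 * ratio ** 2


def application_fit(mpn: str, t_junction_c: float, applied_v: float, environment: str) -> float:
    """Failure rate of one part instance under its application-specific stresses."""
    model = LIBRARY[mpn]
    return (model["base_fit"]
            * temperature_factor(t_junction_c, model["activation_ev"])
            * voltage_factor(applied_v, model["rated_v"])
            * ENV_FACTOR[environment])


def failure_rates_for_bom(bom_csv: str) -> tuple:
    """Import a BOM (CSV text); return ({refdes: FIT including quantity}, [refdes without a model])."""
    rates, missing = {}, []
    for line in csv.DictReader(io.StringIO(bom_csv)):
        if line["mpn"] not in LIBRARY:
            missing.append(line["refdes"])   # research needed once; afterwards the model is reusable
            continue
        fit = application_fit(line["mpn"], float(line["t_junction_c"]),
                              float(line["applied_v"]), line["environment"])
        rates[line["refdes"]] = int(line["qty"]) * fit
    return rates, missing


# Constructed BOM: the same capacitor part number appears in a benign and in an underhood location.
SAMPLE_BOM = """refdes,mpn,qty,t_junction_c,applied_v,environment
C7,MPN-CAP-0001,2,25,0,benign
U1,MPN-DRV-0007,1,25,30,benign
C9,MPN-CAP-0001,1,85,12,underhood
U3,MPN-NEW-9999,1,50,5,benign
"""

if __name__ == "__main__":
    rates, missing = failure_rates_for_bom(SAMPLE_BOM)
    for refdes, fit in rates.items():
        print(f"{refdes}: {fit:.1f} FIT")
    print("no library model yet:", missing)
    print(f"module total: {sum(rates.values()):.1f} FIT")
```

The two instances of MPN-CAP-0001 make the point of the paragraph above: identical part, identical library model, but C9 at 85 °C under the hood comes out at well over a hundred times the rate of each C7 at room temperature in a benign location. U3 has no model in the library yet, so the import reports it rather than silently assigning a generic rate; once its model is added, every later BOM that uses the same part number picks it up without further research.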
Today’s products are increasing in complexity at a significant rate. The FMEDA process is a critical part of designing and building safe and reliable products. LHP’s FMEDA tools are practical, highly useful, and can streamline the FMEDA process, increasing the trustworthiness of your analyses by utilizing real-world data for each unique instance, and doing so in a way that is cost-effective and saves you a lot of time.