Search:
DSCF linked to safety mechanisms without failures
Explanation:
A search will be made for dangerous safety-critical failures (DSCF) connected to safety mechanisms (in direction of causes), for which at least one safety mechanism has no failure defined.
Note:
- A DSCF (Dangerous Safety-Critical Failure) is a failure which has a safety level (SIL/ASIL) not equal to QM (Quality Management). The function at which the DSCF is anchored is automatically defined as a safety goal (see Properties dialog "Functional Safety").
- Safety mechanisms are error detections and error responses
Example:
Abbreviations:
- ASIL = Automotive safety integrity level
- BF = Base failure of a base function
- BFn = Base function of a base structure element
- BSE = Base structure element
- Cl Prc = Classification for process characteristic
- Cl Prd = Classification for product characteristic
- Cl Req = Classification for requirement
- CM = Control method
- DA = Detection action
- DC = Diagnostic coverage
- DSCF = Dangerous safety critical failure
- Er Det = Error detection
- Er Resp = Error response
- F = Failure
- FIT = Failure in time
- Fn = Function
- FSM = Functional safety management
- IE = Inspection equipment
- LF = Latent fault
- LFM = Latent fault metric
- OC = Operating condition
- PA = Preventive action
- PE = Process element
- PFH = Probability of failure per hour
- PMHF = Probabilistic metric for random hardware failures
- PrcC = Process characteristic
- PrdC = Product characteristic
- QM = Quality Management
- QR = Quality rule
- Req = Requirement
- RMR = Risk Matrix Ranking
- RP = Reaction plan
- SE = Structure element
- SE ErDet = Structure element for error detections
- SE ErResp = Structure element for error responses
- SFF = Safe failure fraction
- SG = Safety Goal
- SIL = Safety integrity level
- SM = Organisational-SE for “safety mechanisms”
- SPF = Single point fault
- SPFM = Single point fault metric
- TF = Top failure of a top function
- TFn = Top function at root element
- TS = Test sample
- The above structure consists of four structure elements (SE). The root element contains four top functions, all with safety goals, each with one failure. The safety mechanisms (SM) “error detection” and “error response” can be found in two separate SE for the purpose of clarity in this example. Furthermore, a fourth SE contains four base failures (BF), of which the failure nets are linked in the direction of “effects”. For the sake of this Quality Rule and the relationship between DSCF and safety mechanisms, the failure nets are built with the simple pattern of BF – SM – TF in direction of “causes”.
- The aim of this Quality Rule is to detect DSCFs which are linked (in direction "causes") with safety mechanisms and for which, additionally, either the error response or the error detection has no failure defined. Therefore, a DSCF linked to an error detection/response with no anchored failure will appear in the search results.
- By visually analyzing the structure list in connection with the failure nets, it is possible to immediately identify which DSCF will be found. The following image shows the failure nets.
Search result:
The failure nets show that all top failures (TF) are linked to safety mechanisms. Therefore, all of these top failures are potential hits for this Quality Rule. However, the top failures must also be DSCFs to be hits. The third failure net shows that TF3 is not a DSCF, as its safety level rating is QM. TF3, therefore, is not considered in this search.
The failure nets also show with which safety mechanisms the other TFs, which are all DSCFs, are linked. Comparing the image with the structure list shows which safety mechanisms do not have failures. As there are failures anchored at both Er Resp1 and Er Det1, TF1 is also not a hit.
Er Resp2 and Er Det4 both have no failures assigned. As a result, TF2 and TF4 are hits in this Quality Rule search.
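The following is an added worked model of the rule described in the Explanation and the Search result above; it is example code written for this page, not part of the FMEA tool. The structure (four top failures TF1–TF4, safety mechanisms Er Det1–4 and Er Resp1–4, base failures BF1–4, pattern BF – SM – TF in direction "causes") is rebuilt from the page; the ASIL ratings given to TF1, TF2 and TF4 and the failure names anchored at the safety mechanisms are constructed assumptions. The rule walks the failure net transitively in direction "causes", which generalizes the simple BF – SM – TF pattern of the example.

```python
"""Model of the Quality Rule "DSCF linked to safety mechanisms without failures".

Constructed example for this page; the node names follow the page's
abbreviation list, the ASIL ratings and anchored failure names are assumptions.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Union


@dataclass
class SafetyMechanism:
    """Error detection (Er Det) or error response (Er Resp) anchored at a SE."""
    name: str
    failures: List[str] = field(default_factory=list)   # failures anchored at this SM
    causes: List["Node"] = field(default_factory=list)  # failure-net links, direction "causes"


@dataclass
class Failure:
    name: str
    safety_level: str = "QM"                            # SIL/ASIL rating; QM = Quality Management
    causes: List["Node"] = field(default_factory=list)  # failure-net links, direction "causes"


Node = Union[Failure, SafetyMechanism]


def is_dscf(f: Failure) -> bool:
    """A DSCF is a failure whose safety level is not QM."""
    return f.safety_level != "QM"


def linked_safety_mechanisms(start: Failure) -> List[SafetyMechanism]:
    """Collect every safety mechanism reachable from `start` in direction "causes"."""
    found: List[SafetyMechanism] = []
    seen = set()
    stack: List[Node] = list(start.causes)
    while stack:
        node = stack.pop()
        if id(node) in seen:
            continue
        seen.add(id(node))
        if isinstance(node, SafetyMechanism):
            found.append(node)
        stack.extend(node.causes)
    return found


def quality_rule(top_failures: List[Failure]) -> Dict[str, List[str]]:
    """Return {DSCF name: [linked safety mechanisms that have no failure defined]}.

    A top failure is a hit only if it is a DSCF, is linked to at least one
    safety mechanism, and at least one of those mechanisms has no anchored failure.
    """
    hits: Dict[str, List[str]] = {}
    for tf in top_failures:
        if not is_dscf(tf):
            continue
        sms = linked_safety_mechanisms(tf)
        missing = [sm.name for sm in sms if not sm.failures]
        if sms and missing:
            hits[tf.name] = sorted(missing)
    return hits


def build_example() -> List[Failure]:
    """Rebuild the page's example structure (ratings and SM failure names assumed)."""
    bf = {i: Failure(f"BF{i}", "QM") for i in range(1, 5)}
    # Er Det4 and Er Resp2 deliberately have no failures anchored, as on the page.
    er_det = {i: SafetyMechanism(f"Er Det{i}", failures=[] if i == 4 else [f"F Er Det{i}"],
                                 causes=[bf[i]]) for i in range(1, 5)}
    er_resp = {i: SafetyMechanism(f"Er Resp{i}", failures=[] if i == 2 else [f"F Er Resp{i}"],
                                  causes=[bf[i]]) for i in range(1, 5)}
    ratings = {1: "ASIL B", 2: "ASIL C", 3: "QM", 4: "ASIL D"}  # TF3 is QM, the rest assumed
    return [Failure(f"TF{i}", ratings[i], causes=[er_det[i], er_resp[i]]) for i in range(1, 5)]


if __name__ == "__main__":
    for tf, missing in quality_rule(build_example()).items():
        print(f"{tf}: safety mechanism(s) without failure -> {', '.join(missing)}")
```

Running the block lists TF2 (Er Resp2 has no failure) and TF4 (Er Det4 has no failure) and skips TF1, whose mechanisms both carry failures, and TF3, which is rated QM and is therefore not a DSCF.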