ANSI/AIAA S-102.2.4-2015
Capability-Based Product Failure Mode, Effects and Criticality Analysis (FMECA) Requirements

AIAA standards are copyrighted by the American Institute of Aeronautics and Astronautics (AIAA), 1801 Alexander Bell Drive, Reston, VA 20191-4344 USA. All rights reserved.

AIAA grants you a license as follows: The right to download an electronic file of this AIAA standard for storage on one computer for purposes of viewing, and/or printing one copy of the AIAA standard for individual use. Neither the electronic file nor the hard copy print may be reproduced in any way. In addition, the electronic file may not be distributed elsewhere over computer networks or otherwise. The hard copy print may only be distributed to other employees for their internal use within your organization.

American Institute of Aeronautics and Astronautics
1801 Alexander Bell Drive, Suite 500
Reston, VA 20191-4344
www.aiaa.org
ISBN 978-1-62410-377-3

ANSI/AIAA S-102.2.4-2015
American National Standard
Capability-Based Product Failure Mode, Effects and Criticality Analysis (FMECA) Requirements
Sponsored by American Institute of Aeronautics and Astronautics
Approved 24 July 2015
American National Standards Institute Approved 14 August 2015

Abstract
This Standard provides the basis for developing the analysis of failure modes, their effects, and criticality in the context of individual products along with the known performance of their elements. The requirements for contractors, the planning and reporting needs, along with the analytical methodology are established. The linkage of this Standard to the other standards in the new family of capability-based safety, reliability, and quality assurance standards is described, and keywords for use in automating the Product FMECA process are provided.

ANSI/AIAA S-102.2.4-2015 ii

Publication      Date           Major Changes
S-102.2.4-2009   January 2009   First publication
S-102.2.4-2015   August 2015    Figure 1: Elements of Failure Mode Identification; Figure 2: Elements of Failure Probability Estimation; definition for "failure mode, effects and criticality analysis (FMECA) capability level"; definition for "safety-impact"; Annex E: Product Unit-Value/Safety-Impact Category Definitions; Annex F: Product FMECA Process Capability Levels versus Product Life Cycle

LIBRARY OF CONGRESS CATALOGING-IN-PUBLICATION DATA ON FILE

American National Standard

Approval of an American National Standard requires verification by ANSI that the requirements for due process, consensus, and other criteria have been met by the standards developer. Consensus is established when, in the judgment of the ANSI Board
of Standards Review, substantial agreement has been reached by directly and materially affected interests. Substantial agreement means much more than a simple majority, but not necessarily unanimity. Consensus requires that all views and objections be considered, and that a concerted effort be made toward their resolution.

The use of American National Standards is completely voluntary; their existence does not in any respect preclude anyone, whether he has approved the standards or not, from manufacturing, marketing, purchasing, or using products, processes, or procedures not conforming to the standards.

The American National Standards Institute does not develop standards and will in no circumstances give an interpretation of any American National Standard. Moreover, no person shall have the right or authority to issue an interpretation of an American National Standard in the name of the American National Standards Institute. Requests for interpretations should be addressed to the secretariat or sponsor whose name appears on the title page of this standard.

CAUTION NOTICE: This American National Standard may be revised or withdrawn at any time. The procedures of the American National Standards Institute require that action be taken to affirm, revise, or withdraw this standard no later than five years from the date of approval. Purchasers of American National Standards may receive current information on all standards by calling or writing the American National Standards Institute.

American Institute of Aeronautics and Astronautics
1801 Alexander Bell Drive, Reston, VA 20191

Copyright 2015 American Institute of Aeronautics and Astronautics
All rights reserved

No part of this publication may be reproduced in any form, in an electronic retrieval system or otherwise, without prior written permission of the publisher.

Printed in the United States of America
ISBN 978-1-62410-377-3

Table of Contents
Foreword vi
1 Scope 1
1.1 Purpose 1
1.2 Application 2
2 Applicable Documents 5
2.1 Normative AIAA References 5
2.2 Other References 5
3 Vocabulary 6
3.1 Acronyms and Abbreviated Terms 6
3.2 Terms and Definitions 6
4 General Requirements 11
4.1 Contractor Responsibility 11
4.2 Procedure 11
4.3 Product FMECA Report 12
5 Detailed Requirements 13
5.1 Define Product FMECA Ground Rules 13
5.2 System Design Data Collection 13
5.3 Failure Mode and Effects Analysis 13
5.4 Criticality Analysis 15
5.5 Detectability Analysis 16
5.6 Failure Isolation Analysis 16
5.7 Safety, Mission, and Maintainability Critical Items Analyses 16
5.8 Failure Compensation Method Analysis 16
5.9 Integrated Product FMECA/Hazards Analysis Database 16
5.10 Data Exchange Between Product FMECA Process And Other Project Functions 18
5.11 Product FMECA Input Data Maturity Evaluations 18
5.11.1 Failure Mode Analysis Input Data Maturity Categories 18
5.11.2 Failure Compensation Method Input Data Maturity Categories 18
5.12 Structured Review 19
5.13 Lessons Learned 19
ANNEX A - Safety, Reliability ...

[The remainder of the table of contents (from Annex A onward), the Foreword, and Section 1 Scope up to the list that follows are garbled beyond recovery in this copy: two columns of text were interleaved during extraction. Surviving fragments show that the Scope presents the Product FMECA as a capability-based process integrated with systems engineering and rated against predefined capability levels; names its constituent analyses as Failure Mode and Effects Analysis (FMEA), Criticality Analysis (CA), Detectability Analysis, Failure Compensation (FC) Analysis and Critical Item (CI) Analysis; refers to Technical Performance Metrics (TPMs), product unit-value/safety-impact categories, ground rules, root causes and end-effects, and a single FMECA worksheet format; and states that the Product FMECA process shall comprise a list of activities, of which only the final items survive.]
[Preceding items of this list are garbled in the source.]
- calculation of a quantified Criticality Number (Cm) for each failure mode;
- development of a qualified or a quantified detection success probability for each failure mode of a repairable system;
- application of Critical Item (CI) selection criteria and evaluation of failure mode mitigation approaches for each CI;
- development, documentation, and distribution of the Product FMECA Report.

The elements of failure mode identification are shown in Figure 1 and the elements of failure probability estimation are shown in Figure 2. These elements shall be included in the FMECA process as required.

1.2 Application

This Standard applies to acquisitions for the design, development, fabrication, test, and operation of commercial, civil, and military systems, equipment, and associated computer programs. This Standard provides a consistent approach for rating an organization's Product FMECA process capability by applying a five-level set of criteria. These criteria are based on performing a logical sequence of activities that improves the accuracy and comprehensiveness of the Product FMECA as the product advances through its life cycle in phases. Organizations may evaluate their existing Product FMECA processes against the criteria in Annex B to identify the additional features needed to achieve a target process capability level.

This Standard also applies to the integration of the Product FMECA/Hazards Analysis database with a Project Mission Assurance Database System. However, specification of this Standard shall not be construed as a requirement for the contractor to use a particular computer-aided design (CAD) system. Rather, contractors shall use the computerized tools of their choosing, given that those tools are validated to process input data and generate output data in formats that are compatible with the data definitions in this Standard.

FIGURE 1: ELEMENTS OF FAILURE MODE IDENTIFICATION. [Figure not reproduced; the element labels recoverable from the extraction are Hardware Failure Modes, Physical Layout Failure Modes, Process Failure Modes, Functional Failure Modes, Environmental/Survivability Hazards, Maintenance Faults, Software Faults, Sneak Circuits, and Critical Items.]
FIGURE 2: ELEMENTS OF FAILURE PROBABILITY ESTIMATION. [Figure not reproduced; its element labels are not recoverable from this copy.]

[Pages 5 to 7 of the source (Section 2, Applicable Documents, and the first part of Section 3, Vocabulary) are garbled beyond recovery in this copy. Surviving fragments show that the vocabulary entries include accident; capability-based (in the sense of a capability-based Mission Assurance Program); criticality (expressed as a single criticality number); data maturity (one of three predefined categories for the degree of accuracy to be expected); detection (the means or methods by which a failure is detected); failure (loss of the ability of a unit to perform its required function); failure mechanism (the mechanism through which a failure occurs); failure mode, effects and criticality analysis (FMECA), covering the documentation of a product's failure modes, their consequences and their frequency; FMECA capability level (a set of activities specified by Annex B); and fault (1: a manifestation of an error in software; 2: a defect or flaw in a hardware component; 3: a defect in an operational or maintenance procedure; a fault may cause a failure). The fragments also cite IEEE 100, The Authoritative Dictionary of IEEE Standards Terms, as a source, and state a probability-of-occurrence threshold of 1.0E-6 (0.000001) that separates credible from non-credible failure modes.]

hazard
A hazard consists of a source of the problem, a mechanism that triggers the event, and an outcome which is the result. It is a condition that is prerequisite to a mishap and a contributor to the effects of the mishap.
NOTE: A single point failure mode (SPFM) item is a hazard with respect to its potential to lead directly to loss of a safety-critical or mission-critical system function.

FMEA record
the full description of a single failure mode

FMECA worksheet
a document that describes the failure modes and their effects, root causes, detection methods, severity categories, likelihood categories, criticality numbers, detection risk priority numbers, and compensation methods of an item

independent verification
provision of sufficient information for an organization or individual to obtain the same results as the analysts when redoing the analysis

inherent failure mode
result of characteristic weaknesses related to specified design and materials of an item

method
a formal, well-documented approach for accomplishing a task, activity, or process step governed by decision rules to provide a description of the form or representation of the outputs, i.e., a procedure

mishap
an unplanned event or series of events resulting in death, injury, occupational illness, or damage to or loss of equipment or property, or damage to the environment

mission
the purpose and functions of the space system (sensors, transponders, boosters, experiments, etc.) throughout its expected operational lifetime, and controlled reentry or disposal orbit time period. A space system may have several missions (e.g., primary mission, ancillary mission, and safety mission)

mission assurance
that part of Systems Engineering (SE) that focuses on identifying, evaluating, and mitigating or controlling existing and potential deficiencies that pose a threat to system safety or mission success, throughout the system's useful life and post-life disposal
NOTE: Deficiencies include damaging-threatening hazards, mission-impacting failures, and system performance anomalies that result from unverified requirements, optimistic assumptions, unplanned activities, ambiguous procedures, undesired environmental conditions, latent physical faults, inappropriate corrective actions, and operator errors.

non-credible failure mode or hazard
a failure mode or hazard with a probability of occurrence equal to or less than 1.0E-6, 0.000001, or one in a million
NOTE: Same as an improbable failure mode or hazard

opportunity
a chance to eliminate, avoid, or reduce a negative consequence

plan
an approach or method to achieve an objective

planning
the act oapproach practice one
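Worked example, added here and not part of the Standard or of any AIAA tooling: a small Python screen over FMECA worksheet records that applies the definitions above. It takes the record fields from the "FMECA worksheet" entry, the 1.0E-6 probability threshold from "non-credible failure mode or hazard", and the NOTE under "hazard" that a single point failure mode (SPFM) leading directly to loss of a safety-critical or mission-critical function is a hazard. The severity category labels, the Critical Item (CI) selection rule, the exclusion of non-credible modes from CI selection, and the four sample records are assumptions constructed for illustration; the Standard's own CI criteria and its Annex B and Annex E tables are not reproduced.

```python
"""Screening of Product FMECA worksheet records.

Added example; not code from ANSI/AIAA S-102.2.4-2015. Record fields follow
the Standard's definition of "FMECA worksheet"; the 1.0E-6 threshold follows
"non-credible failure mode or hazard"; the SPFM rule follows the NOTE under
"hazard". Severity labels and the CI selection rule are assumptions.
"""
from dataclasses import dataclass, field
from typing import Dict, List

# From the Standard: a probability of occurrence <= 1.0E-6 is non-credible.
NON_CREDIBLE_THRESHOLD = 1.0e-6

# Assumed severity labels and CI cut-off (hypothetical, not the Standard's table).
SEVERITY_CATEGORIES = ("catastrophic", "critical", "marginal", "negligible")
CI_SEVERITY = {"catastrophic", "critical"}


@dataclass
class WorksheetRecord:
    """One FMECA worksheet row (fields per the Standard's worksheet definition)."""
    item: str
    failure_mode: str
    end_effect: str
    root_cause: str
    detection_method: str
    severity: str                    # one of SEVERITY_CATEGORIES (assumed labels)
    probability: float               # likelihood of occurrence over the mission (assumed basis)
    criticality_number: float        # Cm as supplied by the analyst; not computed here
    detection_rpn: int               # detection risk priority number from the worksheet
    compensation_methods: List[str] = field(default_factory=list)
    single_point: bool = False       # True when no redundancy masks this failure mode
    critical_function: bool = False  # True when the end effect is loss of a safety-/mission-critical function


def is_credible(rec: WorksheetRecord) -> bool:
    """Credible iff P(occurrence) exceeds the Standard's 1.0E-6 threshold."""
    return rec.probability > NON_CREDIBLE_THRESHOLD


def is_spfm_hazard(rec: WorksheetRecord) -> bool:
    """An SPFM that leads directly to loss of a critical function is a hazard (NOTE under 'hazard')."""
    return rec.single_point and rec.critical_function


def validate(rec: WorksheetRecord) -> List[str]:
    """Flag gaps that would defeat independent verification of the record."""
    tag = f"{rec.item} / {rec.failure_mode}"
    problems = []
    for name in ("end_effect", "root_cause", "detection_method"):
        if not getattr(rec, name).strip():
            problems.append(f"{tag}: missing {name}")
    if rec.severity not in SEVERITY_CATEGORIES:
        problems.append(f"{tag}: unknown severity category {rec.severity!r}")
    if not 0.0 <= rec.probability <= 1.0:
        problems.append(f"{tag}: probability {rec.probability} is not in [0, 1]")
    if is_spfm_hazard(rec) and is_credible(rec) and not rec.compensation_methods:
        problems.append(f"{tag}: credible SPFM hazard has no compensation method")
    return problems


def select_critical_items(records: List[WorksheetRecord]) -> List[str]:
    """Assumed CI rule: credible AND (SPFM hazard OR severity at or above the CI cut-off)."""
    return sorted({r.item for r in records
                   if is_credible(r) and (is_spfm_hazard(r) or r.severity in CI_SEVERITY)})


def screen(records: List[WorksheetRecord]) -> Dict[str, List[str]]:
    """Partition the worksheet into the lists a reviewer would want to see."""
    return {
        "credible": [r.item for r in records if is_credible(r)],
        "non_credible": [r.item for r in records if not is_credible(r)],
        "spfm_hazards": [r.item for r in records if is_spfm_hazard(r)],
        "critical_items": select_critical_items(records),
        "problems": [p for r in records for p in validate(r)],
    }


# Constructed sample worksheet (illustrative values, not from any real analysis).
SAMPLE_RECORDS = [
    WorksheetRecord("Pressure regulator PR-1", "fails open", "tank over-pressure, loss of vehicle",
                    "seat wear", "downstream pressure transducer", "catastrophic",
                    2.0e-5, 0.02, 120, ["relief valve RV-1"], single_point=True, critical_function=True),
    WorksheetRecord("Telemetry encoder TE-2", "bit slip", "intermittent data loss",
                    "clock jitter", "frame sync counter", "marginal",
                    3.0e-4, 0.003, 40, ["ground re-request of frames"]),
    WorksheetRecord("Battery cell BC-7", "internal short", "loss of bus power",
                    "separator defect", "cell voltage monitor", "catastrophic",
                    5.0e-7, 0.0005, 90, ["string-level bypass diode"], critical_function=True),
    WorksheetRecord("Hinge H-3", "jam", "solar array fails to deploy",
                    "contamination", "deployment microswitch", "critical",
                    1.0e-4, 0.01, 60, single_point=True, critical_function=True),
]

if __name__ == "__main__":
    for key, values in screen(SAMPLE_RECORDS).items():
        print(f"{key}: {values}")
```

Running the module prints the partition for the sample worksheet: the battery cell at 5.0E-7 drops out as non-credible, the regulator and the hinge are SPFM hazards, and the hinge is the one record flagged by validate(), because a credible SPFM hazard with no recorded compensation method is exactly the row a second analyst could not reproduce or close out from the worksheet alone.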