
Fusa_005_Safety Analysis_Dependent Failure Initiat...

ZHAOHUI 2019-10-10
From the last two sharings about dependent failures, we have learned what a dependent failure is and why we need to perform dependent failure analysis. Today, I am going to talk about Dependent Failure Initiators (DFI).
1- Dependent Failure Initiator
Like other failures which could violate the safety goals or higher-level safety requirements, dependent failure initiators are either random hardware faults or systematic faults.
The picture below shows the typical sources of dependent failure initiators in detail.


In 4.7.5.1 of ISO 26262-2018 Part 11, the dependent failure initiators are classified into 7 categories:
  • DFI of shared resources
  • DFI of single physical root cause
  • DFI of environmental faults
  • DFI of development faults
  • DFI of manufacturing faults
  • DFI of installation faults
  • DFI of service faults

Part 11 also provides some examples of dependent failure initiators and their commonly used safety mechanisms, including safety mechanisms to prevent a DFI from violating the safety goals and safety mechanisms to prevent the DFI from occurring during operation.
Even though the examples are mainly for semiconductors, they are still worth referring to. Let's look at them in detail.

1.1  DFI of Shared Resources

For the dependent failure initiator of shared resources, the potential causes could be:

  • Shared inputs
  • Communication
  • Other shared resources

They are highlighted with red circles in the picture below:


The examples of dependent failure initiators of shared resources and their safety mechanisms are given in the table below:
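To make the "shared inputs" cause concrete, here is a small simulation that I add as an illustration; it is not code from the original post and not from ISO 26262 itself. It models a dual-channel architecture whose two channels are compared against each other, and shows why a fault in a shared input is a dependent failure initiator: both channels see the same wrong value, the comparison passes, and the wrong output goes undetected. The contrast case with one sensor per channel is an assumed illustrative mitigation, not the entry from the Part 11 table. The pedal-to-torque scaling, the stuck-at fault model, the tolerance and all sensor names are constructed for the example.

```python
"""
Illustrative model (added example): a dual-channel architecture with cross-channel
comparison, run once with a shared input and once with independent inputs.
All numbers, names and the fault model are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Callable, Optional


def compute_demand(sensor_value: float) -> float:
    """Map a pedal position (0..100 %) to a torque demand (0..300 Nm). Constructed scaling."""
    return max(0.0, min(100.0, sensor_value)) * 3.0


@dataclass
class Sensor:
    name: str
    true_value: float
    # Optional injected fault: a function from the physical value to the value the sensor reports
    fault: Optional[Callable[[float], float]] = None

    def read(self) -> float:
        return self.fault(self.true_value) if self.fault else self.true_value


def stuck_at(value: float) -> Callable[[float], float]:
    """Fault model: the sensor output is stuck at 'value' regardless of the physical quantity."""
    return lambda _true: value


def compare_channels(demand_a: float, demand_b: float, tolerance: float = 1.0) -> bool:
    """Cross-channel comparison: True when both channels agree within the tolerance."""
    return abs(demand_a - demand_b) <= tolerance


def run_architecture(sensor_a: Sensor, sensor_b: Sensor, pedal_true: float,
                     tolerance: float = 1.0) -> dict:
    """
    Execute both channels and the comparator once.
    Reports whether the comparison passed and whether the output was actually wrong,
    so that an undetected wrong output (the dependent failure) becomes visible.
    """
    demand_a = compute_demand(sensor_a.read())
    demand_b = compute_demand(sensor_b.read())
    expected = compute_demand(pedal_true)      # what a fault-free system would output
    agreed = compare_channels(demand_a, demand_b, tolerance)
    output_wrong = abs(demand_a - expected) > tolerance
    return {
        "demand_a": demand_a,
        "demand_b": demand_b,
        "comparison_passed": agreed,
        "output_wrong": output_wrong,
        # The dangerous case: the channels agree, yet the output is wrong
        "undetected_failure": agreed and output_wrong,
    }


def shared_input_case(pedal_true: float = 10.0) -> dict:
    """Both channels read ONE pedal sensor, which is stuck at full scale (constructed fault)."""
    shared = Sensor("pedal_shared", pedal_true, fault=stuck_at(100.0))
    return run_architecture(shared, shared, pedal_true)


def independent_input_case(pedal_true: float = 10.0) -> dict:
    """Each channel has its own pedal sensor; only sensor A carries the same stuck-at fault."""
    sensor_a = Sensor("pedal_A", pedal_true, fault=stuck_at(100.0))
    sensor_b = Sensor("pedal_B", pedal_true)
    return run_architecture(sensor_a, sensor_b, pedal_true)


if __name__ == "__main__":
    for label, case in (("shared input", shared_input_case()),
                        ("independent inputs", independent_input_case())):
        print(f"{label:18s} -> comparison_passed={case['comparison_passed']}, "
              f"undetected_failure={case['undetected_failure']}")
```

With the shared sensor, both channels compute a demand of 300 Nm for a true pedal position that should give 30 Nm, and the comparator reports agreement, so the coupling through the shared input has turned one random hardware fault into a failure of both channels at once. With a sensor per channel the same fault produces a mismatch that the comparison detects. This is exactly why a shared resource has to be listed as a DFI in the analysis rather than assumed to be covered by the redundancy.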


1.2  DFI of single physical root cause

The potential sources of the DFI of single physical root cause are shown in the picture below with red circles.


The examples of dependent failure initiators of single physical root cause and their safety mechanisms are given in the table below:


1.3 DFI of environmental faults

The potential sources of the DFI of environmental faults are shown in the picture below with red circles.


The examples of dependent failure initiators of environmental faults and their safety mechanisms are given in the table below:


1.4 DFI of development faults

The potential sources of the DFI of development faults are shown in the picture below with red circles.


The examples of dependent failure initiators of development faults and their safety mechanisms are given in the table below:


1.5 DFI of manufacturing faults

The potential sources of the DFI of manufacturing faults are shown in the picture below with red circles.


The examples of dependent failure initiators of manufacturing faults and their safety mechanisms are given in the table below:


1.6 DFI of installation faults

The potential sources of the DFI of installation faults are shown in the picture below with red circles.


The examples of dependent failure initiators of installation faults and their safety mechanisms are given in the table below:


1.7 DFI of service faults

The potential sources of the DFI of service faults are also mainly systematic coupling faults.

Service in automotive typically happens by replacement of whole ECUs or sensor modules. Thus the DFI of service faults are mainly due to systematic coupling. Since they are too difficult to replace or to fix, semiconductor components are typically not serviced.
Actually, in order to help users better understand dependent failures and correctly perform dependent failure analysis, the new edition of ISO 26262 provides more detailed descriptions of dependent failures than the first edition:
  • In Part 9
      • Describes how to identify, analyse and mitigate or reduce dependent failures
      • Dependent failure initiators are defined in Annex C
  • In Part 11
      • Examples of dependent failures to consider
      • An example workflow
      • A microcontroller and analogue example in Annex B
      • How to verify the mitigation measures

If you read through all of the parts related to dependent failures in Part 9 and Part 11, you will have a better understanding of them.

2-  Reference

[1] ISO 26262-9:2018 Automotive safety integrity level (ASIL)-oriented and safety-oriented analyses

[2] ISO 26262-11:2018 Guidelines on application of ISO 26262 to semiconductors

[3] Improvements in Functional Safety of Automotive Semiconductors and IP through ISO 26262:2018 Part 11

3-  About 功能安全沙龙

功能安全沙龙 is a WeChat Official Account used as a technical sharing platform on the following topics:

  • ISO 26262
  • SOTIF/ ISO 21448
  • Cyber-security/J3061 or ISO-21434
  • Powertrain Control of PHEV and EV
  • ADAS or ADS or AD vehicles
