Search:

DSCF without error detection

Explanation:

A search is performed for dangerous safety-critical failures (DSCF) that are linked to at least one base failure (BF) which is not secured by the safety mechanism “error detection”. “Secured” means that in the failure net no further failure lies between the BF and the safety mechanism.

Note:

  • A DSCF (Dangerous Safety-Critical Failure) is a failure which has a safety level (SIL/ASIL) not equal to QM (Quality Management). The function at which the DSCF is anchored is automatically defined as a safety goal (see Properties dialog “Functional Safety”).
  • Safety mechanisms are error detections and error responses.

Example


Abbreviations
  • ASIL = Automotive safety integrity level
  • BF = Base failure of a base function
  • BFn = Base function of a base structure element
  • BSE = Base structure element
  • Cl Prc = Classification for process characteristic
  • Cl Prd = Classification for product characteristic
  • Cl Req = Classification for requirement
  • CM = Control method
  • DA = Detection action
  • DC = Diagnostic coverage
  • DSCF = Dangerous safety critical failure
  • Er Det = Error detection
  • Er Resp = Error response
  • F = Failure
  • FIT = Failure in time
  • Fn = Function
  • FSM = Functional safety management
  • IE = Inspection equipment
  • LF = Latent fault
  • LFM = Latent fault metric
  • OC = Operating condition
  • PA = Preventive action
  • PE = Process element
  • PFH = Probability of failure per Hour
  • PMHF = Probabilistic metric for random hardware failures
  • PrcC = Process characteristic
  • PrdC = Product characteristic
  • QM = Quality method
  • QR = Quality rule
  • Req = Requirement
  • RMR = Risk Matrix Ranking
  • RP = Reaction plan
  • SE = Structure element
  • SE ErDet = Structure element for error detections
  • SE ErResp = Structure element for error responses
  • SFF = Safe failure fraction
  • SG = Safety Goal
  • SIL = Safety integrity level
  • SM = Organisational-SE for “safety mechanisms”
  • SPF = Single point fault
  • SPFM = Single point fault metric
  • TF = Top failure of a top function
  • TFn = Top function at root element
  • TS = Test sample


This structure consists of three structure elements to which failures are assigned and two structure elements that have safety mechanisms.

The aim of this quality rule is to detect DSCFs that are linked to at least one BF which is not immediately followed by an error detection in the BF's failure path. Here, “immediately” means that no further failure may lie between the BF and the error detection. An operating condition found between the BF and the error detection does not produce a hit for this QR. From the viewpoint of the BF, these results can be seen in the Graph Editor or the Failure Net Editor.

Graph Editor from viewpoint of BF:

Failure Net Editor from viewpoint of BF:

Search results:

In both the Graph Editor and the Failure Net Editor it can be seen that four failures are DSCFs linked to at least one BF that does not have an error detection immediately after it in the failure path. Note the statement above that operating conditions are not considered by this QR. For the purposes of this example, the net links are viewed from the viewpoint of the BF.

Of the six BFs in this example, BF2 and BF4 each have an immediate error detection. Therefore, the DSCFs that can be found in the corresponding failure effects paths will not appear in the quality rule search result.

On the other hand, the DSCFs that lie in the failure effects paths of the other BFs must be listed in the search result. These total four DSCFs; it is irrelevant whether a DSCF is a top failure or not.

The following DSCFs are hits in this example: TF1, TF3, TF5 and F6. 
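The rule can be written as a short graph search. The following is an added example, not code from the page or from the tool: it evaluates the quality rule over a constructed failure net whose six BF paths mirror the example above (BF2 and BF4 secured, an OC between BF3 and its top failure, an error detection behind an intervening failure for BF5, and a non-top DSCF F6). Node names, kinds and safety levels are constructed for this example.

```python
from collections import deque  # kept for readers who prefer BFS; the search below is DFS

# Constructed failure net (cause -> effects), not the page's own data.
# Kinds: BF base failure, F failure, TF top failure, OC operating condition, ErDet error detection.
NODES = {  # name: (kind, safety level); only failures with a level other than QM are DSCFs
    "BF1": ("BF", "QM"), "TF1": ("TF", "B"),
    "BF2": ("BF", "QM"), "ErDet2": ("ErDet", "QM"), "TF2": ("TF", "A"),
    "BF3": ("BF", "QM"), "OC3": ("OC", "QM"), "TF3": ("TF", "C"),
    "BF4": ("BF", "QM"), "OC4": ("OC", "QM"), "ErDet4": ("ErDet", "QM"), "TF4": ("TF", "B"),
    "BF5": ("BF", "QM"), "F5": ("F", "QM"), "ErDet5": ("ErDet", "QM"), "TF5": ("TF", "D"),
    "BF6": ("BF", "QM"), "F6": ("F", "B"), "TF6": ("TF", "QM"),
}
EDGES = {
    "BF1": ["TF1"], "BF2": ["ErDet2", "TF2"], "BF3": ["OC3"], "OC3": ["TF3"],
    "BF4": ["OC4"], "OC4": ["ErDet4", "TF4"],   # error detection behind an OC: still "immediate"
    "BF5": ["F5"], "F5": ["ErDet5", "TF5"],     # error detection behind a failure: not immediate
    "BF6": ["F6"], "F6": ["TF6"],
}

def is_dscf(node):
    kind, level = NODES[node]
    return kind in ("BF", "F", "TF") and level != "QM"

def has_immediate_error_detection(bf):
    """True if an ErDet is reached from bf crossing only operating conditions."""
    stack, seen = list(EDGES.get(bf, [])), set()
    while stack:
        n = stack.pop()
        kind = NODES[n][0]
        if kind == "ErDet":
            return True
        if kind == "OC" and n not in seen:  # OCs are transparent for this rule
            seen.add(n)
            stack.extend(EDGES.get(n, []))
    return False  # only failures (or nothing) follow the BF: no immediate detection

def downstream_dscfs(bf):
    """DSCFs in the failure effects paths of bf (ErDet nodes are not traversed)."""
    stack, seen = [bf], {bf}
    while stack:
        for s in EDGES.get(stack.pop(), []):
            if s not in seen and NODES[s][0] != "ErDet":
                seen.add(s)
                stack.append(s)
    return {n for n in seen - {bf} if is_dscf(n)}

def dscf_without_error_detection():
    """Hits of the quality rule: every DSCF linked to an unsecured BF."""
    return {h for n, (k, _) in NODES.items() if k == "BF"
            and not has_immediate_error_detection(n) for h in downstream_dscfs(n)}
```

Running `dscf_without_error_detection()` on this net returns the four hits TF1, TF3, TF5 and F6; TF2 and TF4 are excluded because BF2 and BF4 are secured.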

Download QR example