of software failures because the failure frequency is proportional to the frequency of the occurrence of activating conditions or triggers.
3.6.5 Failure Effects
Failure effect is an undesired consequence of a failure mode. Failure effects may be categorized as follows:
1 Injuries or damage to personnel or to the public.
2 Damage to the environment.
3 Damage to the system where the failure occurred.
4 Material or financial loss.
5 Interruptions of the system operation (e.g. loss of production, cancelled or delayed transport means, interruptions of electric or water supply, interruption of computer/telephone network service.)
A failure mode may lead to many different failure effects, on the item where the failure occurred, and on other items. Failure effects are classified as local effects, next higher effects, and end effects. These effects are illustrated in Example 3.13.
Example 3.13 (Failure effects of brake pad failure)
Consider a (total) wear‐out failure of a brake pad on the left front wheel of a car. The local effect is that the braking effect on the left front wheel is strongly reduced and that the brake disc may be damaged. The next higher effect is that the braking effect of the car is uneven and not adequate. The end effect is that the car cannot provide a safe drive and must be stopped.
A general picture of the relationship between cause and effect is that each failure mode can be caused by several different failure causes, leading to several different failure effects. To get a broader understanding of the relationship between these terms, the level of indenture being analyzed should be brought into account. This is shown in Figure 3.6.
Figure 3.6 shows that a failure mode on the lowest level of indenture is one of the failure causes on the next higher level of indenture, and the failure effect on the lowest level equals the failure mode on the next higher level. The failure mode “leakage from sealing” for the seal component is, for example, one of the possible failure causes for the failure mode “internal leakage” for the pump, and the failure effect (on the next higher level) “internal leakage” resulting from “leakage from sealing” is the same as the failure mode “internal leakage” of the pump.
Failure effects are often classified according to their criticality as discussed in Chapter 4.
3.7 Failure/Fault Analysis
A failure or fault analysis is a systematic investigation of a failure or a fault that has occurred, in order to identify the root causes of the failure/fault and to propose corrective actions needed to prevent future failures/faults of the same, or similar, types.
This section gives an introduction to two commonly used failure/fault analysis techniques (i) cause and effect analysis and (ii) root cause analysis. Both techniques are primarily used to analyze real failures/faults that have occurred, but may also be used to analyze potential failures or faults.
3.7.1 Cause and Effect Analysis
Cause and effect analyses are frequently used in quality engineering to identify and illustrate possible causes of quality problems. The same approach may also be used in reliability engineering to find the potential causes for system failures or faults. The cause and effect analysis is documented in a cause and effect diagram.
The cause and effect diagram, also called Ishikawa diagram (Ishikawa 1986), was developed in 1943 by the Japanese professor Kaoru Ishikawa (1915–1989). The diagram is used to identify and describe all the potential causes (or events) that may result in a specified failure. Causes are arranged in a tree structure that resembles the skeleton of a fish with the main causal categories drawn as bones attached to the spine of the fish. The cause and effect diagram is therefore also known as a fishbone diagram.
To construct a cause and effect diagram, we start with an item failure. The item failure is briefly described, enclosed in a box and placed at the right end of the diagram, as the “head of the fish.” The analysis is carried out by a team, using an idea‐generating technique, such as brainstorming. Failure causes are suggested by the team and organized under headings such as
1 Manpower
2 Methods
3 Materials
4 Machinery
5 Milieu (environment)
This is a common classification for failure/fault analysis and is referred to as the 5M approach, but other categories may also be used. The main structure of a 5M cause and effect diagram is shown in Figure 3.13.
Figure 3.13 Cause and effect diagram for the event “car will not start.”
When the team members agree that an adequate amount of detail has been provided under each major category, they analyze the diagram, and group the causes. An important part of this analysis is to eliminate irrelevant causes from the diagram and tidy it up. One should especially look for causes that appear in more than one category. For those items identified as the “most likely causes,” the team should reach consensus on listing those causes in priority order with the first cause being the “most likely cause.”
Some cause and effect analyses also include an evaluation of how easy it is to verify each of the identified causes in the diagram. Three classes are sometimes used: (i) very easy, (ii) somewhat easy, and (iii) not easy. A final step to propose actions to rectify the identified causes, may or may not be included in the analysis.
The cause and effects diagram cannot be used for quantitative analyses, but is generally considered to be an excellent aid for problem solving, and to illustrate the potential causes of an item failure/fault. Cause and effect analysis is also a recommended step in a more comprehensive root cause analysis (see Section 3.7.2).
Example 3.14 (Car will not start)
Consider a car that will not start after having been idle for a period. The causes suggested by the team are shown in the cause and effect diagram in Figure 3.14. A number of similar cause and event diagrams may be found on the Internet.
