© exida.com GmbH berthold 0408-10 r003 v1r3.doc, Apr. 12, 2007
Rainer Faller Page 11 of 18
4.2 Methodology – FMEDA, Failure rates
4.2.1 FMEDA
A Failure Modes and Effects Analysis (FMEA) is a systematic way to identify and evaluate the
effects of different component failure modes, to determine what could eliminate or reduce the
chance of failure, and to document the system in consideration.
An FMEDA (Failure Mode Effect and Diagnostic Analysis) is an FMEA extension. It combines
standard FMEA techniques with extension to identify online diagnostics techniques and the
failure modes relevant to safety instrumented system design. It is a technique recommended to
generate failure rates for each important category (safe detected, safe undetected, dangerous
detected, dangerous undetected, fail high, fail low) in the safety models. The format for the
FMEDA is an extension of the standard FMEA format from MIL STD 1629A, Failure Modes and
Effects Analysis.
4.2.2 Failure rates
The failure rate data used by exida in this FMEDA are from the Siemens SN 29500 failure rate
database. The rates were chosen in a way that is appropriate for safety integrity level
verification calculations. The rates were chosen to match operating stress conditions typical of
an industrial field environment similar to IEC 60654-1, class C. It is expected that the actual
number of field failures will be less than the number predicted by these failure rates.
The user of these numbers is responsible for determining their applicability to any particular
environment. Accurate plant specific data may be used for this purpose. If a user has data
collected from a good proof test reporting system that indicates higher failure rates, the higher
numbers shall be used. Some industrial plant sites have high levels of stress. Under those
conditions the failure rate data is adjusted to a higher value to account for the specific
conditions of the plant.
4.2.3 Assumption
The following assumptions have been made during the Failure Modes, Effects, and Diagnostic
Analysis (FMEDA) of the Level Transmitter LB490 Uni-Probe with 4..20mA NAMUR NE43
compliant current output.
x Failure rates are constant, wear out mechanisms are not included.
x Propagation of failures is not relevant.
x The HART™ communication is not used for safety applications. The correct configuration
set up using HART™ shall be checked by functional testing.
x Only the NAMUR NE43 compliant current output is used for safety application.
x The current output signal is fed to a SIL compliant analog input of a safety PLC. The safety
PLC analog input and the application program are configured according to NAMUR NE43 to
detect under-range and over-range failures.
x The stress levels are average for an industrial environment and can be compared to the
Ground Fixed classification of MIL-HNBK-217F. Alternatively, the assumed environment is
similar to:
o IEC 60654-1, Class C (sheltered location) with temperature limits within the
manufacturer’s rating and an average temperature over a long period of time of 40ºC.
Humidity levels are assumed within manufacturer’s rating.
To Next Page
