Mechatronics FMEA

(Available in all extension stages of the FMEA)

Mechatronic systems differ from conventional technical systems: to a certain degree, they allow for self-diagnosis and self-repair. They have built-in mechanisms for detecting and reacting to specific failures, and can therefore often guarantee fail-safe error handling and increase the operational readiness of the system under consideration.

Often, the specific operating conditions (or states) of the system must be taken into account for fail-safe engineering (e.g. is the vehicle accelerating or decelerating, is it driving straight or in a narrow curve, is the road surface slippery or icy).

Risk analysis for mechatronic systems is outside the scope of classical FMEA. New concepts and features are needed to cope with these problems.

The complex interrelationships of mechatronic systems are described in the failure net of the APIS IQ-Software.

The following example analyses how a sensor failure ("wrong signal") with two causes affects a mechatronic system with two different operating conditions (operating and passive state).

Fig. 1 Failure Net with operating states

If a failure occurs while the system is in the operating state, there are two alternative continuation paths: one with failure detection and one without.

Fig. 2 Failure Net with failure detection and operating state

However, if a failure detection is activated, a failure reaction can be triggered that causes the system to continue operation in a fail-safe mode.

Fig. 3 Failure Net with failure reaction, failure detection and operating state

Since failure detection and failure reaction are derived from functions, it is possible to perform a risk analysis for them as well ("what will happen if detection doesn't work").

Operating states, failure detections and failure reactions may be combined with each other within the failure net and are independent of each other. For example, it is not necessary to include operating states in the analysis if only the failure reaction of a system is to be reviewed.

Operating states, failure detections and failure reactions can be used as filter criteria. For example, a failure net can be reduced to the paths with a certain failure detection or a certain operating state, with all other paths faded out.
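The failure net described above can be sketched as annotated cause-effect links, with path filtering and the "what will happen if detection doesn't work" question made explicit. This is an added example, not APIS IQ-Software code; the `Link` model, the function names and every label except "wrong signal" are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Link:
    cause: str
    effect: str
    state: Optional[str] = None      # operating state the link applies to
    detection: Optional[str] = None  # failure detection active on this link
    reaction: Optional[str] = None   # failure reaction triggered by detection

# Constructed net: two causes, two operating states, detected/undetected paths.
NET = [
    Link("sensor cause 1", "wrong signal"),
    Link("sensor cause 2", "wrong signal"),
    Link("wrong signal", "no system effect", state="passive"),
    Link("wrong signal", "unsafe behaviour", state="operating"),
    Link("wrong signal", "fail-safe mode", state="operating",
         detection="plausibility check", reaction="switch to fail-safe"),
]

def paths(net, start, seen=()):
    """Yield each path (list of Links) from `start` to a top-level effect."""
    out = [l for l in net if l.cause == start and l.effect not in seen]
    if not out:
        yield []
    for link in out:
        for rest in paths(net, link.effect, seen + (start,)):
            yield [link] + rest

def all_paths(net):
    roots = sorted({l.cause for l in net} - {l.effect for l in net})
    return [p for r in roots for p in paths(net, r)]

def select(net, state=None, detection=None):
    """Filter criteria: keep paths with a given state and/or detection."""
    def keep(p):
        return ((state is None or any(l.state == state for l in p)) and
                (detection is None or any(l.detection == detection for l in p)))
    return [p for p in all_paths(net) if keep(p)]

def undetected(net, state):
    """Paths in `state` that pass through no failure detection at all."""
    return [p for p in select(net, state=state)
            if not any(l.detection for l in p)]

def without_detection(net, detection):
    """The net as it behaves when `detection` itself does not work."""
    return [l for l in net if l.detection != detection]

def top_effects(selected):
    return sorted({p[-1].effect for p in selected})
```

Comparing `top_effects(select(NET, state="operating"))` with the same call on `without_detection(NET, "plausibility check")` shows which effects remain reachable once the detection is assumed to have failed.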