Failure mode and effects analysis of software-based automation systems

Pentti Haapanen; Atte Helminen

Failure mode and effects analysis of software-based automation systems

Research output: Book/Report › Report

Abstract

Failure mode and effects analysis (FMEA) is one of the well-known analysis methods having an established position in the traditional reliability analysis. The purpose of FMEA is to identify possible failure modes of the system components, evaluate their influences on system behaviour and propose proper countermeasures to suppress these effects. The generic nature of FMEA has enabled its wide use in various branches of industry reaching from business management to the design of spaceships. The popularity and diverse use of the analysis method has led to multiple interpretations, practices and standards presenting the same analysis method. FMEA is well understood at the systems and hardware levels, where the potential failure modes usually are known and the task is to analyse their effects on system behaviour. Nowadays, more and more system functions are realised on software level, which has aroused the urge to apply the FMEA methodology also on software based systems. Software failure modes generally are unknown-"software modules do not fail, they only display incorrect behaviour"-and depend on dynamic behaviour of the application. These facts set special requirements on the FMEA of software based systems and make it difficult to realise. In this report the failure mode and effects analysis is studied for the use of reliability analysis of software-based systems. More precisely, the target system of FMEA is defined to be a safety-critical software-based automation application in a nuclear power plant, implemented on an industrial automation system platform. Through a literature study the report tries to clarify the intriguing questions related to the practical use of software failure mode and effects analysis. The study is a part of the research project "Programmable Automation System Safety Integrity assessment (PASSI)", belonging to the Finnish Nuclear Safety Research Programme (FINNUS, 1999-2002). In the project various safety assessment methods and tools for software-based systems are developed and evaluated. The project is financed together by the Radiation and Nuclear Safety Authority (STUK), the Ministry of Tradeand Industry (KTM) and the Technical Research Centre of Finland (VTT).

Original language	English
Place of Publication	Helsinki
Publisher	Radiation and Nuclear Safety Authority STUK
Number of pages	35
ISBN (Electronic)	951-712-585-2
ISBN (Print)	951-712-584-4
Publication status	Published - 2002
MoE publication type	D4 Published development or research report or study

Publication series

Series	STUK-YTO-TR
Number	190
ISSN	0785-9325

Keywords

safety
safety analysis
reliability analysis
automation
programmable systems
software-based systems
reactor protection systems
nuclear reactor safety
failure mode and effects analysis

Access to Document

http://urn.fi/URN:NBN:fi-fe2014120248702

Fingerprint Dive into the research topics of 'Failure mode and effects analysis of software-based automation systems'. Together they form a unique fingerprint.

Cite this

Haapanen, P., & Helminen, A. (2002). Failure mode and effects analysis of software-based automation systems. Radiation and Nuclear Safety Authority STUK. STUK-YTO-TR, No. 190 http://urn.fi/URN:NBN:fi-fe2014120248702

@book{3a18ee213bee49379d38d2f9b25cb0f2,

title = "Failure mode and effects analysis of software-based automation systems",

abstract = "Failure mode and effects analysis (FMEA) is one of the well-known analysis methods having an established position in the traditional reliability analysis. The purpose of FMEA is to identify possible failure modes of the system components, evaluate their influences on system behaviour and propose proper countermeasures to suppress these effects. The generic nature of FMEA has enabled its wide use in various branches of industry reaching from business management to the design of spaceships. The popularity and diverse use of the analysis method has led to multiple interpretations, practices and standards presenting the same analysis method. FMEA is well understood at the systems and hardware levels, where the potential failure modes usually are known and the task is to analyse their effects on system behaviour. Nowadays, more and more system functions are realised on software level, which has aroused the urge to apply the FMEA methodology also on software based systems. Software failure modes generally are unknown-{"}software modules do not fail, they only display incorrect behaviour{"}-and depend on dynamic behaviour of the application. These facts set special requirements on the FMEA of software based systems and make it difficult to realise. In this report the failure mode and effects analysis is studied for the use of reliability analysis of software-based systems. More precisely, the target system of FMEA is defined to be a safety-critical software-based automation application in a nuclear power plant, implemented on an industrial automation system platform. Through a literature study the report tries to clarify the intriguing questions related to the practical use of software failure mode and effects analysis. The study is a part of the research project {"}Programmable Automation System Safety Integrity assessment (PASSI){"}, belonging to the Finnish Nuclear Safety Research Programme (FINNUS, 1999-2002). In the project various safety assessment methods and tools for software-based systems are developed and evaluated. The project is financed together by the Radiation and Nuclear Safety Authority (STUK), the Ministry of Tradeand Industry (KTM) and the Technical Research Centre of Finland (VTT).",

keywords = "safety, safety analysis, reliability analysis, automation, programmable systems, software-based systems, reactor protection systems, nuclear reactor safety, failure mode and effects analysis",

author = "Pentti Haapanen and Atte Helminen",

note = "PGN: 35 p. + app. 2 p.",

year = "2002",

language = "English",

isbn = "951-712-584-4",

series = "STUK-YTO-TR",

publisher = "Radiation and Nuclear Safety Authority STUK",

number = "190",

address = "Finland",

}

TY - BOOK

T1 - Failure mode and effects analysis of software-based automation systems

AU - Haapanen, Pentti

AU - Helminen, Atte

N1 - PGN: 35 p. + app. 2 p.

PY - 2002

Y1 - 2002

N2 - Failure mode and effects analysis (FMEA) is one of the well-known analysis methods having an established position in the traditional reliability analysis. The purpose of FMEA is to identify possible failure modes of the system components, evaluate their influences on system behaviour and propose proper countermeasures to suppress these effects. The generic nature of FMEA has enabled its wide use in various branches of industry reaching from business management to the design of spaceships. The popularity and diverse use of the analysis method has led to multiple interpretations, practices and standards presenting the same analysis method. FMEA is well understood at the systems and hardware levels, where the potential failure modes usually are known and the task is to analyse their effects on system behaviour. Nowadays, more and more system functions are realised on software level, which has aroused the urge to apply the FMEA methodology also on software based systems. Software failure modes generally are unknown-"software modules do not fail, they only display incorrect behaviour"-and depend on dynamic behaviour of the application. These facts set special requirements on the FMEA of software based systems and make it difficult to realise. In this report the failure mode and effects analysis is studied for the use of reliability analysis of software-based systems. More precisely, the target system of FMEA is defined to be a safety-critical software-based automation application in a nuclear power plant, implemented on an industrial automation system platform. Through a literature study the report tries to clarify the intriguing questions related to the practical use of software failure mode and effects analysis. The study is a part of the research project "Programmable Automation System Safety Integrity assessment (PASSI)", belonging to the Finnish Nuclear Safety Research Programme (FINNUS, 1999-2002). In the project various safety assessment methods and tools for software-based systems are developed and evaluated. The project is financed together by the Radiation and Nuclear Safety Authority (STUK), the Ministry of Tradeand Industry (KTM) and the Technical Research Centre of Finland (VTT).

AB - Failure mode and effects analysis (FMEA) is one of the well-known analysis methods having an established position in the traditional reliability analysis. The purpose of FMEA is to identify possible failure modes of the system components, evaluate their influences on system behaviour and propose proper countermeasures to suppress these effects. The generic nature of FMEA has enabled its wide use in various branches of industry reaching from business management to the design of spaceships. The popularity and diverse use of the analysis method has led to multiple interpretations, practices and standards presenting the same analysis method. FMEA is well understood at the systems and hardware levels, where the potential failure modes usually are known and the task is to analyse their effects on system behaviour. Nowadays, more and more system functions are realised on software level, which has aroused the urge to apply the FMEA methodology also on software based systems. Software failure modes generally are unknown-"software modules do not fail, they only display incorrect behaviour"-and depend on dynamic behaviour of the application. These facts set special requirements on the FMEA of software based systems and make it difficult to realise. In this report the failure mode and effects analysis is studied for the use of reliability analysis of software-based systems. More precisely, the target system of FMEA is defined to be a safety-critical software-based automation application in a nuclear power plant, implemented on an industrial automation system platform. Through a literature study the report tries to clarify the intriguing questions related to the practical use of software failure mode and effects analysis. The study is a part of the research project "Programmable Automation System Safety Integrity assessment (PASSI)", belonging to the Finnish Nuclear Safety Research Programme (FINNUS, 1999-2002). In the project various safety assessment methods and tools for software-based systems are developed and evaluated. The project is financed together by the Radiation and Nuclear Safety Authority (STUK), the Ministry of Tradeand Industry (KTM) and the Technical Research Centre of Finland (VTT).

KW - safety

KW - safety analysis

KW - reliability analysis

KW - automation

KW - programmable systems

KW - software-based systems

KW - reactor protection systems

KW - nuclear reactor safety

KW - failure mode and effects analysis

M3 - Report

SN - 951-712-584-4

T3 - STUK-YTO-TR

BT - Failure mode and effects analysis of software-based automation systems

PB - Radiation and Nuclear Safety Authority STUK

CY - Helsinki

ER -