1

Failure Modes and Effects Analysis

Click to add text

2

Failure Modes and Effects Analysis (FMEA)● Purpose

– Systematically, prospectively, identify ways in which a process (system) can fail: Failure Modes.

– Identify factors potentially contributing to failures.– Estimate risk of failure– Identify countermeasures– Develop requirements

● Method (WSE workbook 2.0)– Copy IDEF0 model nodelist into WSE [Overview] worksheet– Select task on which to perform FMEA– Prepare task FMEA worksheet from [FMEA template] worksheet

● copy [FMEA template] worksheet● copy/type task name into upper left cell● rename new task FMEA worksheet to task's A-number

– Perform FMEA

3

PRIS IDEF0 Model Nodes in WSE Workbook

4

PRIS FMEA in WSE Workbook

5

FMEA Fields● Contributing Factors

– Circumstances, conditions, events, factors, ... anything that might make a failure mode more likely.

● Potential Failure Mode– A way in which the process/system can fail:

● human error (see below)● acute injury (e.g., cut, broken bone)● cumulative injury (e.g., carpal tunnel syndrome)● likely and significant equipment/tool failure● etc.

● Potential Effects of Failure Mode– Consequences of the failure.

6

FMEA Fields (2)● Severity

– Numeric rating of the estimated severity of consequences, of the failure, e.g.,

● negligible● minor● moderate● major● catastrophic

● Probability– Numeric rating of the estimated probability that the failure will

occur, e.g.,1. Remote2. Unlikely3. Occasional4. Common5. Frequent

7

FMEA Fields (3)● Nondetectability

– Numeric rating of the difficulty of detecting the failure in time to prevent or mitigate its consequences, e.g.,

1.Should the failure occur, there is a virtual certainty that the existing controls will detect it.

2.Very high3.Should the failure occur there is a high probability that the existing

controls will detect it.4.Moderately high5.Existing controls have difficulty detecting the failure6.Low7.Controls are weak. Detection could depend on a lucky catch.8.Remote9.Very remote10.No controls for this failure mode exist

● RPN: Risk Priority Number– RPN = Probability x Severity x Nondetectability

8

FMEA Fields (4)● Potential Remediations

– Design strategies that could reduce the likelihood of the failure mode.

● Design Requirements– Abbreviated requirements statements for remediations.– Requirement numbers ([Requirements] worksheet).

9

Chapter 17 Human Error Click to add text

10

IE 366

Human Error in the

● Cockpit

● Operating Room

11

IE 366

China Eastern Airlines Flight 583

Copyright Anthony Cheng, used with permission, downloaded from http://www.airliners.net/open.file/610387/M/ 30 Jun 04

12

IE 366

MD-11 Cockpit

Copyright Harri Koskinen, used with permission, downloaded from http://www.airliners.net/open.file/463667/M/ 30 Jun 04

13

IE 366

China Eastern Airlines Flight 583● Background

– McDonnell Douglas MD-11– 6 April 1993– Beijing → Los Angeles– 235 passengers, 20 crew on board

● Conditions– 950 nmi S of Shemya, Alaska– 33,000 ft MSL– 298 kt

● Events– inadvertent deployment of leading edge wing slats– series of violent oscillations– diverted to USAFB Shemya

14

IE 366

China Eastern Airlines Flight 583 (continued)● Consequences

– 2 passengers fatally injured– 53 passengers, 7 crew seriously injured– 96 passengers with minor injuries– passenger cabin substantially damaged

● NTSB Findings– deficient flap/slat handle design– captain (in right seat) inadvertently moved flap/slat handle while making

corrections to MCDU● Interpretation

– System factors• highly mode-sensitive control• positive control bias• inadequate protection against inadvertent operation• proximity to other control

– Human factors• limits to motor accuracy• inability to divide attention/distraction• cost of concurrence

15

IE 366

Eastern Airlines Flight 401

Copyright Mike Sparkman, used with permission, downloaded from http://www.airliners.net/open.file/421710/L/ 30 Jun 04

16

IE 366

L-1011 Cockpit

Copyright Gabe Pfeiffer, used with permission, downloaded from http://www.airliners.net/open.file/560839/L/ 30 Jun 04

17

IE 366

Eastern Airlines Flight 401● Background

– Lockheed L-1011– 29 December 1972– JFK → Miami– 163 passengers, 13 crew on board

● Conditions– approaching Miami– < 2,000 ft MSL

● Events– landing gear handle down, nose gear green light failed to illuminate– climbed to 2,000 ft, set autopilot– entire flightcrew + observer tried to diagnose problem

• mechanical indicator in electronics bay• nose gear light

– began gradual descent– crashed into Everglades

18

IE 366

Eastern Airlines Flight 401 (continued)● Consequences

– 96 passengers, 5 crew fatally injured– 65 passengers, 10 crew non-fatally injured

● NTSB Findings– Flightcrew was

• pre-occupied with nose gear problem• distracted from monitoring instruments

– Captain failed to assure that someone was monitoring altitude● Interpretation

– System factors• susceptibility to minor malfunctions• low altitude• high speed• subtle autopilot behavior

– Human factors• inability to divide attention• stress-induced narrowing of attention

19

IE 366

4%

4%

5%

12%

14%

62%

0% 20% 40% 60% 80% 100%

Airport/ATC

Maintenance

Miscellaneous /Other

Weather

Airplane

Flightcrew

Human Error and Aviation Safety

Source: Boeing Commercial Airplanes

Primary Causes of Aircraft AccidentsHull Loss Accidents – Worldwide Commercial Jet Fleet – 1994 Through 2003

20

IE 366

Human Error and Operating Room Performance● Patient Safety

– Health Care, in general● 44,000 - 98,000 deaths in the US annually due to errors● 8th leading cause of death in US● Exceeds motor vehicle accident deaths, etc. ● $17 - $29 billion spent annually (Institute of Medicine,

2000)– In the hospital

● 3.7% of hospital admissions experience an adverse event

(Leape et al, 1991)– In the OR

● 41% of hospital adverse events occur in the OR

21

IE 366

Laparoscopy: Minimally Invasive Surgery of the Abdomen

Photo courtesy of Alex Gandsas, MD. Used with permission.

22

IE 366

Laparoscopy

Patient’sabdominalcavity

Overhead ViewSide View

23

IE 366

Laparoscopy: Trocar Injuries● Trocar should

– penetrate abdominal wall– just enter abdominal cavity

● Trocar may– penetrate too far– nick bowel (especially if adhesions present from previous surgery)– damage major blood vessels (especially aorta)

● Trocar injuries– US

● 10,000 trocar injuries ~1991 – 2001● 50 – 240 fatalities / year

– Europe● 1 injury / 1,000 surgeries (0.1%)● 1 fatality / 100,000 surgeries (0.001%)

24

IE 366Patient Mortality in US Laparoscopic Cholecystectomies, 1991-2000(source: Hunter, 2006)

Totals

Year All Laparoscopic Mortality (Laparoscopic)

19901991199219931994199519961997199819992000

494,541517,433506,980470,692465,703429,439428,901421,583406,817405,367431,605

N/A270,988 (52.37%) a

324,794 (64.06%)319,837 (67.95%)315,956 (67.84%)296,245 (68.98%)300,364 (70.03%)299,710 (71.09%)292,651 (71.94%)299,099 (73.78%)324,783 (75.25%)

N/A900 (0.33%) b

1,424 (0.44%)1,381 (0.43%)1,097 (0.35%)1,201 (0.41%)1,305 (0.43%)1,332 (0.44%)1,685 (0.58%)1,613 (0.54%)1,630 (0.50%)

N/A, Case volume not available due absence of specific ICD-9 code for LC or partial LC a LC volume projected for first 3 quarters of 1991, based on last quarter data b Mortality derived from last quarter 1991 data only

25

IE 366

Lessons Learned from Aviation and Medicine● Causes of Adverse Events

– Rarely• individual incompetence• lack of due diligence• bad luck

– Commonly• Vulnerable Systems*• Fallible Humans*

* from E.L. Wiener, “Fallible Humans and Vulnerable Systems: Lessons Learned from Aviation,” 1987

26

IE 366Human Fallibility + System Vulnerability → Human Error

● Human Error– an occasion “… in which a planned sequence of mental or physical

activities fails to achieve its intended outcome, and when these failures cannot be attributed to the intervention of some chance agency.”

– James Reason, Human Error● Broad Classes of Human Errors

– Planning Failures: Mistakes• inappropriate plan, misdirected intention• plan carried out as intended• e.g., wrong medication prescribed & administered

– Execution Failures• Slips

– appropriate plan, intention– part of plan performed incorrectly– e.g., trocar injury

• Lapses– appropriate plan, intention– part of plan omitted– e.g., forget to remove sponge before closing

33

IE 366

Reducing Human Error in the Cockpit● Universality of pilot error widely acknowledged.● Most pilot error due to innate human fallibility.● Contribution of pilot error to aircraft accidents well understood.● Pilot error anticipated, prevented, mitigated.● Countermeasures, e.g.,

– pointer/counter altimeter– moving “tape” altimeter– moving map display– checklists– other mnemonics (memory aids)– Crew Resource Management (CRM) training

34

IE 366

Three-Pointer Altimeter

5

7

6

8

9

01

2

3

4

35

IE 366

Pointer-Counter Altimeter

5

7

6

8

9

01

2

3

4

7 8 03 1

36

IE 366

Moving Tape Altimeter

37

IE 366

Moving Map Display

38

IE 366

Checklistse.g., Boeing 757

39

IE 366

Other Mnemonics(Memory Aids)

● Before-Landing Mnemonic: GUMPS

– Gas (fuel system configuration)– Undercarriage (landing gear down)– Mixture (engine fuel/air mixture)– Props (propeller pitch)– Systems (other system settings)

40

IE 366

Crew Resource Management (CRM) Training● Communication / Interpersonal Skills● Situational Awareness● Problem Solving / Decision Making / Judgment● Leadership / “Followership” / Teamwork● Task Management● Stress Management● Critique

41

IE 366

Results(not attributable solely to Human Factors Engineering)

● Hull loss rate (per million departures)– 1959-1990: 1.91– 1994-2003: 0.96

● Hull loss accidents due to flightcrew error– 1959-1990: 75%– 1994-2003: 62%

42

IE 366

Human Factors Engineering Principles to Reduce Human Error

● Display Design Principles– Typography– Display Coding (color, size, location, ...)– Pictorial Realism

● Control Design Principles– Control Coding (type, location, size, shape, ...)– Movement Compatibility– Prevention of Inadvertent Activation

● Workstation Design Principles– Accessibility– Accommodation– Frequency of Use– Order of Use– Spatial Compatibility– Standardization

● Job Performance Aids– Mnemonics, Memory Aids– Checklists– Decision Aids– Computation Aids

and many more …

43

IE 366Work Systems Engineering Guidelines for Reducing Human Error (from text)1. Get enough information.2.Ensure that information is understood.3.Have proper equipment/procedures/skill.4.Don't forget.5.Simplify the task.6.Allow enough time.7.Have sufficient motivation/attention.8.Give immediate feedback on errors.9.Improve error detectability.10.Minimize consequences of errors.