Lecture 9 - Safety and Fail-safe Design Flashcards
What does safety mean as engineers?
It is a property of a system and it is the freedom from accident or loss; the system does not endanger life or the environment
What are secondary costs that may follow after an unsafe product?
1) Loss of customer goodwill and/or customers
2) Warranty expenses
3) Litigation
4) Reputation
What formula represents product safety from an economic standpoint?
T = P + S where P (Primary cost of a product; including safety measured) and S (Secondary costs)
Define the term ‘hazard’
(uh oh); A situation with potential danger to people, environment, and/or material
Define the term ‘incident’
(uh oh becomes real); A situation with actual danger to people, environment, or material
Define the term ‘accident’ or ‘mishap’
(uh oh affects someone); Events that cause death, injury, environmental, and/or material damage
What is a formula used to calculate risk?
Risk = Penalty x Likelihood
(Likelihood of that penalty happening)
Define the term ‘risk’
it is the potential that something unwanted and harmful may occur
What are three types (manner) of failure handling?
1) Fail operational
2) Fail-over to reduced capability system
3) Fail safe
What is ‘fail operational’?
Systems’ functionality dosent dependent on component failure; accomplished through redundancy
What is ‘fail-over to reduced capability system’?
1) Simple algorithms
2) Mechanical backup
3) Manual backup
What is ‘fail safe’?
System no longer delivers the original function but transitions to a safe mode; may used a reduced capability system as a ‘limp home’ until it reaches a safe state
What are two ways to avoid faults from occuring?
1) Careful design to avoid defects
2) Using more robust software and hardware
What are two ways to detect and contain faults?
1) Error correction in hardware; redundant CPUs
2) Watchdog timers for failed tasks; raises flags
What does FTA stand for?
Fault Tree Analysis
What is FTA?
it is a failure analysis in which an undesired state or system is analyzed through the use of boolean logic to link and relate to prior events
What can FTA be used for? Name three of its uses
1) To identify the best ways to reduce a risk
2) To determine the probability of an accident
3) To determine a particular system’s level’s failure (isolation)
From an FTA standpoint, what would correspond to “AND”?
If two causes are independant and both must occur to lead to the end event
From an FTA standpoint, what would correspond to “OR”?
If either event can be a cause/can lead to the final event
What is the safe-life design philosophy?
Says that the component or system is designed to not fail within a specific period; also says that testing and analysis provide resonable estimates for the expected lifetime
What is the fail-safe design philosophy?
Sort of design that incorporates a plethora of techniques to mitigate losses due to component or system failures; failure is inevitable so prepares for a ‘safe failure’
What is damage tolerance design philosophy?
The ability of an asset to sustain an already anticipated damage until the damage is picked up in one of the inspections; safety-by-inspection
How can safe-life design be implemented?
Involves testing and analysis to estimate how long the component can be in service before it will be most likely to fail
How can fail-safe design be integrated?
Use of redundancy, intentional weak links, physical laws and early detection
