자동차 안전무결성 수준(ASIL)에 기초한 FMEA 위험평가에 대한 연구

Abstract

FMEA is a technique that identifies all possible failure modes and their potential causes of a design or a process and evaluates their effects. Although it is very widely adopted in the manufacturing as well as service industries, its risk evaluation metric RPN has room for further improvement. With all the previous studies on improvement of RPN, it still has some drawbacks such as (i) subjective and inconsistent evaluating process, (ii) uniform weight allocation to its three components, (iii) numerical figures without practical meaning except priority which also is doubtful, and (iv) dependence on intuitions and personal experiences of the FMEA members. This thesis suggests a new risk evaluation metric RPM based on ASIL for application to the automotive industries. ASIL is determined through a systematic and logical risk evaluation process, i.e. H&R of ISO 26262. RPM provides more realistic information on the magnitude of risk for each failure mode and its corresponding causes, compensating some drawbacks of the traditional FMEA. This thesis is structured as follows: First, previous studies are reviewed on the traditional FMEA and the H&R process of ISO 26262 to develop a new risk evaluation metric and process. With FMEA, the works on the shortcomings of RPN and its improvement are reviewed. With ISO 26262, the works on H&R process and ASIL determination are mainly focused. Next, a systematic model is proposed for classifying the three properties of the hazardous event and a refined procedure is suggested for ASIL determination. To determine a proper ASIL for each hazardous event with a proper safety goal, the right classes should first be determined for the three properties of the hazardous event; (i) severity of harm from the resultant accident, (ii) exposure to the relevant operational situation, and (iii) controllability to avoid the induced risks. ASIL can be clearly determined with right classes of these three properties. But no specific methodologies or processes for their classification can be found in ISO 26262, except only a rough guideline with a simplified set of illustrative tables. To perform a effective H&R in ISO 26262, an operational situation analysis model is suggested. The proposed model provides a specific method to get a more objective ASIL compared with that in the standard. Scrutinizing the current methodology, a refined method is developed. With an application example of “EPB system,” its effectiveness is validated for ASIL determination. Finally, a modified systematic and logical approach for FMEA is suggested, which compensates some shortcomings of RPN with relevant strength of ASIL for Safety System. By comparing the objectives, determination procedures, and key conceptual differences of RPN and ASIL, a refined method of risk evaluation and a new risk metric RPM are devised. While the traditional FMEA provides only rough evaluation of relative risk for each failure, the proposed method provides a more logical and practical procedure of risk evaluation. The RPM provides not only a comparative priority rank but also the degree of physical seriousness. If the severity can be expressed as monetary amount of losses, RPM may have even more benefits for various applications.