PROCESS HAZARD 

ANALYSIS
(Failure Mode Effect Analysis)

By
Hamdan Mohamed Yusoff, PhD
7/23/19 1
Scenario FMEA
Based

Bow-Tie PHA FTA

ETA

2
7/23/19
 FMEA : Definition
A systematic tool for identifying:
 Effects or consequences of potential product or
process failure
 Methods to eliminate or reduce the chance of failure
occurring

Can be used to :
Updated A living 1. Anticipate
regularly document 2. Prevent failures
from occurring
 FMEA History
Originated
in 1960s US Missile Program

Reliability
engineering tool
Not a primary Safety tool OSHA Recognize

Limitation - failure
does not have to
occur for a hazard to Safety Analysis
be present in system tool
 Types of FMEA

Examines the functions of component,

subsystem or main system
Design Potential failures: incorrect material choice, inappropriate
FMEA specifications
 Example: air bag (excessive air bag inflator force)

Examines the processes used to make a

component, subsystem, or main system
 Potential failures: operator assembling part
Process incorrectly, excess ventilation in process resulting in
out-spec product
FMEA  Examples: Air bag assembly process (operator
may not install air bag properly on assembly line
such that it may not engage during impact)
 FMEA Variables
• Severity
– A rating corresponding to the seriousness of an effect of a
potential failure mode (scale 1 – 10)
• Occurrence
– A rating corresponding to the rate at which a first level cause
and its resultant failure mode will occur over the design life
of the system, the design life of the product, or before any
additional process controls are applied
• Detection
– A rating corresponding to the likelihood that the detection
methods or current control will detect the potential failure
mode before the product is released for production for
design, or for process before it leaves the production facility
 Identify Failure
Mode
FMEA Steps

Identify Potential
Determine
effect(s) of
Severity
Failure Mode

Identify Potential
Determine
cause(s) of
Occurrence
Failure Mode

Evaluate Current Control

Determine Determine
Or
Detectability RPN
Design Verification process

Identify Actions for

Improvement
 The FMEA Form
A Closer Look

Identify failure modes Determine and assess

Identify causes of the Prioritize
and their effects actions
failure modes
and controls
8
 Risk Assessment with FMEA
Severity

Detection

Occurrence
 Risk Priority Number (RPN)
RPN is the assessment of the:
– Severity rating
– Occurrences rating, and
– Detection rating for a potential failure mode

RPN = Severity  Occurrences rating  Detection rating

• The severity is 9 or 10, Corrective

• Severity rating x actions
occurrences is high, should be
• High RPN taken
 Conducting FMEA

Prior to conducting FMEA, it is useful to:

– Perform functional analysis
• Identify basic and secondary function of product
or process using verb-noun relationship, e.g.
mouse trap  Catch-mouse
• Failure mode: inability to perform function, e.g.
opening is small
– Generate FMEA cause-and-effect diagrams
 FMEA Cause-and-Effect Diagram

Methods
End-user
operation
Machinery

Failure
Mode
Material
Downstream
Process Customer
People safety

Environment
 FMEA Cause-and-Effect Diagram

Methods
End-user
operation
Machinery

Failure
Mode
Material
Downstream
Process Customer
People safety

Environment
Car Airbag
The defective Takata-made airbags
explode with shrapnel, spraying
motorists with sharp bits of metal,
and have caused more than 100
injuries and at least eight deaths
in the past decade.

7/23/19 15
 FMEA Cause-and-
Methods
Effect Diagram
Lack of proper
warning

Machinery
Regulator not
Functioning Failure Mode
Occupant Bruise
unable to passenger
Material absorb inflation in crash
Bag material force
too abrasive
Injure
People lightweight Kill
Passenger passenger small
too small children

Environment
Passenger not
wearing seatbelt
 FMEA form
Part or Process Name Suppliier
Automative Passenger Air Bag
Responsibility Engineering change level

Process Potential Potential S C Potential O Current D S R Recommended

Operation, Failure Effect(s) E C Cause(s) C Control E X P Action\(s)
Product Mode Of Failure V Of Failure C Evaluation T O N
Function or Method
Purpose

Inflate Air Bag does Injure 8 - Sensor is 2 Light to notify 6 18 96 Add redundant
Bag not on passenger not that system is sensor to monitor
impact functioning malfunction impact
properly

Restrain Occupant Injure 8 Passenger 4 None 10 32 320 1. Install switch

Passenger unable to lightweight not wearing which
withstand passenger seatbelt deactivates
inflation airbag system
force unless seatbelt
is worn
2. Consumer
Bruise education of air
passenger Force Repeatability bag system
in crash 3 regulator 2 test in 3 6 18 potential
not laboratory failures
working
 Failure Modes Effects Analysis
 Very structured and reliable method - evaluating
hardware and systems.
 Easy to learn and apply
 Approach makes evaluating even complex
systems easy to do
 Time-consuming (& expensive)
 Does not readily identify areas of multiple fault
that could occur
 Not easily lent to procedural review as it may
not identify areas of human error in the process.
Perform A Design FMEA on Exercise 1
a pressure cooker
 Pressure Cooker Safety Features

1. Safety valve relieves pressure before it reaches

dangerous levels.
2. Thermostat opens circuit through heating coil
when the temperature rises above 250° C.
3. Pressure gauge is divided into green and red
sections. "Danger" is indicated when the pointer
is in the red section.
 Pressure Cooker FMEA

• Define Scope:
1. Resolution –
The analysis will be restricted to the four
major subsystems (electrical system, safety
valve, thermostat, and pressure gage).
2. Focus - Safety
Pressure cooker block diagram
 Failure Modes and Effects Analysis
(Plant Equipment)

• The effect of the failure mode is

determined by the system’s response

leaks thru
rupture
to the equipment failure.

sticks
• An FMEA identifies single failure
open closed
modes that either directly result in or
contribute significantly to an accident.
FC
• Human operator error are usually not
examined directly in an FMEA;
however, the effects of a mis-
operation as a result of human error FMEA is not efficient for
identifying an exhaustive
are usually indicated by an equipment list of combinations of
failure mode. equipment failures that
lead to accidents
 Classification of Failure Modes

1. Demanded change of • Fail to open on

state is not achieved command
• Fail to close on
command

• Leakage through the

2. Change of conditions valve in closed
or states. position
• Leakage to the
environment
 Failure Mode Keywords

• Rupture • Spurious start

• Crack • Loss of function
• Leak • High pressure
• Plugged • Low pressure
• Failure to open • High temperature
• Failure to close • Low temperature
• Failure to stop • Overfilling
• Failure to start • Hose bypass
• Failure to continue • Instrument
• Spurious (false) stop bypassed
 Pump

7/23/19 29
 Heat
exchanger
 Examples of Equipment Failure Modes Used in an FMEA
Equipment description Example Failure Modes
Pump, normally • Fails on (fails to stop when required)
operating • Transfers off (stops when required to
run)
• Seal leak/rupture
• Pump casing leak/rupture

Heat exchanger, high • Leak/rupture, tube side to shell side

pressure on tube side • Leak/rupture, shell side to external
to shell side environment
• Tube side, plugged
• Shell side, plugged
• Fouling
FMEA - Resource Requirements
Data and information sources:
1. a system or plant equipment list or P&ID,
2. knowledge of equipment function and failure modes, and
3. knowledge of system or plant function and responses to
equipment failures.
FMEAs can be performed by single analysts, but these
analyses should be reviewed by others to help ensure
completeness.
The time and cost of an FMEA is proportional to the size
of the process and number of components analyzed.
 Time Estimates for Using the
FMEA Technique

Scope Perparation Evaluation Documentation

Simple/Small
System 2 to 6 hr 1 to 3 days 1 to 3 days

Complex/Large
Process 1 to 3 days 1 to 3 days 2 to 4 weeks
 FMEA Software
FMEA-PC
(Primatech, Inc, Columbus, Ohio)
HAZOOPtimizer
(A. D. Little, Cambridge, Massachusetts)
SAFEPLAN
(Du Pont, Westlake Village, California)
Standard word processing and spreadsheet software
programs can also help analysts document the
results of FMEA studies.
 Example
An FMEA study is performed to address safety
hazards to plant personnel in a Diammonium
Phosphate (DAP) process. The DAP process
schematic is presented in Figure 1. Each
component of the reaction system is evaluated with
the relevant information recorded in an FMEA
table. The section of the FMEA table for Control
Valve B in the phosphoric acid solution line is
presented in Table 1.
UNLOADING

UNLOADING
STATIONS

STATIONS
~
PHOSPHORIC

~
AMMONIA
SOLUTION ACID
STORAGE STORAGE
L1 TANK TANK L1
Diammonium
F1 F1 phosphate
(DAP)

A B
ENCLOSED
OUTDOORS
WORK AREA

~~~~~~~~~~~~~~~~

STATIONS
LOADING
DAP STORAGE TANK

DAP process schematic for the FMEA example.

PHOS. ACID excess off-spec. Product

NH3 excess residual NH3 release

BOTH excess T and P

Table 1 Sample Pages from the FMEA Table for the DAP Process
Example
Table 1 (cont’d)
Table 1 (cont’d)
 Terima Kasih | Thank You

7/23/19 41