FMEA Fault Models

status: valid

Fault Model for sequence diagrams
Note: Use the applicable fault models to ensure a structured analysis. If additional fault models are needed, extend the list of fault models.

Note: An ASIL-related message is trustworthy in the sense that it is not corrupted, repeated, lost, delayed, masqueraded or addressed incorrectly.
Fault Models for sequence diagrams

| Element | ID | Failure Mode | Importance |
|---|---|---|---|
| duration/time constraint | | minimum constraint boundary is violated | Medium |
| duration/time constraint | | maximum constraint boundary is violated | High |
| execution | | process calculates wrong results. A subset/more precise description of fmea_fault_model__mf_01_05 or fmea_fault_model__mf_01_04. This failure mode is relevant to the analysis if e.g. internal safety mechanisms are required (level 2 function, plausibility check of the output, …) because of the size/complexity of the feature. | High |
| execution | | processing too slow. Only relevant if timing is considered. | Medium |
| execution | | processing too fast. Only relevant if timing is considered. | Medium |
| execution | | loss of execution | High |
| execution | | processing changes to an arbitrary process | Medium |
| execution | | processing is not complete | High |
| message | | message is not received. A subset/more precise description of fmea_fault_model__mf_01_05. | High |
| message | | message received too late. Only relevant if delay is a realistic fault. | Medium |
| message | | message received too early. Usually not a problem. | Low |
| message | | message not received correctly by all recipients: different messages, or messages partly lost. Only relevant if the same message goes to multiple recipients. | High |
| message | | message is corrupted | High |
| message | | message is not sent | High |
| message | | message is sent unintentionally | High |
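To make the message fault models concrete, the following added example (not part of this page or the project's own code) shows a receiver-side check that classifies an incoming message against the fault models above: corrupted (CRC), repeated and lost (alive counter), delayed (timestamp against a maximum age) and addressed incorrectly/masqueraded (data ID). The message framing, the CRC-32 choice, the 8-bit counter and the `Receiver`/`Msg` names are assumptions modelled on end-to-end protection schemes, not a specification from this page.

```python
import zlib
from dataclasses import dataclass
from typing import List, Optional

# Constructed message framing (assumption): data ID, 8-bit alive counter,
# send timestamp in ms, payload, and a CRC-32 over ID + counter + payload.
@dataclass
class Msg:
    data_id: int
    counter: int
    ts_ms: int
    payload: bytes
    crc: int

def crc_of(data_id: int, counter: int, payload: bytes) -> int:
    return zlib.crc32(bytes([data_id & 0xFF, counter & 0xFF]) + payload) & 0xFFFFFFFF

def make_msg(data_id: int, counter: int, ts_ms: int, payload: bytes) -> Msg:
    return Msg(data_id, counter & 0xFF, ts_ms, payload, crc_of(data_id, counter, payload))

@dataclass
class Receiver:
    expected_id: int       # the data ID this receiver is allowed to consume
    max_delay_ms: int      # "message received too late" threshold
    last_counter: Optional[int] = None

    def check(self, m: Msg, now_ms: int) -> List[str]:
        """Return the fault models detected for message m (empty list = trusted)."""
        faults: List[str] = []
        # Wrong data ID: message for another receiver, or a masquerading sender.
        if m.data_id != self.expected_id:
            faults.append("addressed incorrectly / masqueraded")
        # CRC mismatch: payload, ID or counter altered in transit.
        if m.crc != crc_of(m.data_id, m.counter, m.payload):
            faults.append("corrupted")
        # Alive counter: same value = repeated, gap > 1 = lost message(s).
        if self.last_counter is not None:
            delta = (m.counter - self.last_counter) % 256
            if delta == 0:
                faults.append("repeated")
            elif delta > 1:
                faults.append("lost")
        # Age of the message against the maximum tolerated delay.
        if now_ms - m.ts_ms > self.max_delay_ms:
            faults.append("delayed")
        self.last_counter = m.counter
        return faults
```

The counter gap check reports a single "lost" regardless of how many messages were skipped; a real implementation would also bound the acceptable gap and treat a counter reset separately.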