PFMEA Severity (9-1) mitigation needed?

kenb

Starting to get Involved
#1
We are working on a PFMEA where there is a potential failure mode than can expose operators to a hazard and it currently has severity of 9. The cause is identified as "equipment failure" and preventive maintenance is current control prevention, with occurrence = 2. If the equipment fails, the entire system shuts down to protect the operators, so we gave detection a 1.

We've debated internally on whether 9 is correct or if we even need this failure mode because in reality this is extremely unlikely to happen due to system shutdown if equipment fails.

Do we still need an action plan or can we accept this risk, knowing that the interlock will shut down the system?

Thanks.
 
Elsmar Forum Sponsor

Tagin

Trusted Information Resource
#2
Do we still need an action plan or can we accept this risk, knowing that the interlock will shut down the system?
Is there a practical way to test the interlocks regularly (e.g., at the beginning of a shift) to verify it shuts down the equipment?
 

Ron Rompen

Trusted Information Resource
#3
The severity of a failure mode has no relationship to the likelihood of it happening, or the controls for detection or prevention. You have identified a possible failure mode and determined that the effect is Failure to Meet Safety and/or Regulatory Requirements (including your own internal requirements), which may endanger an operator WITH WARNING. If this can happen then it is definitely a 9.
 

kenb

Starting to get Involved
#5
The severity of a failure mode has no relationship to the likelihood of it happening, or the controls for detection or prevention. You have identified a possible failure mode and determined that the effect is Failure to Meet Safety and/or Regulatory Requirements (including your own internal requirements), which may endanger an operator WITH WARNING. If this can happen then it is definitely a 9.
Is there a requirement that we MUST put action plan in place?
 

Johnnymo62

Haste Makes Waste
#6
First, you have already an action in place. Whatever shuts the system down to protect the operator is a detection control. Now you just need to be able to test it and prove it will always function to protect the operator.

The Ford PPAP Handbook, in the PFEMA section, requires consideration for elimination or mitigation of severities of 9 or 10 during the process design phase. If it's not possible, there are other steps to take.
 
M

malasuerte

#7
First, you have already an action in place. Whatever shuts the system down to protect the operator is a detection control. Now you just need to be able to test it and prove it will always function to protect the operator.

The Ford PPAP Handbook, in the PFEMA section, requires consideration for elimination or mitigation of severities of 9 or 10 during the process design phase. If it's not possible, there are other steps to take.
Couple of comments:

  • the shut down is not "detection". As described, your Detection should be how likely you can detect the failure. So basically, you are saying the only way you can detect this failure is after the tool shuts down. Just something to think about slightly unrelated to your op.
  • Johnny's point is the main answer to your question: In order to change from 9-10; You have to design out the risk completely. So in your instance, you would have to design out whatever can cause the hazard - so there is no hazard due to this failure.

Side note: if we even need this failure mode because in reality this is extremely unlikely to happen due to system shutdown if equipment fails.
  • The PFMEA is a tool to present possible risks. Just because it is unlikely, does not mean it is not worthy of being in the PFMEA. It is also a learning tool for the future. Maybe this risk increases years from now because of a new tool, or process or location - it will help to have it identified so others can learn from your experience/assessment.
  • Secondly, It feels like you are going about this particular failure mode from the wrong direction. From what I read, you have a 'Failure mode'; but you go on to say that the tool shuts down after the failure mode occurs. Is that correct? If I read that right, you have an FMEA line item addressing the Potential outcome of the failure (the hazard), but not the failure mode itself. Your FMEA should be addressing the failure mode. The tool shutting down is not addressing the failure mode. It is the prevention of the hazard.
Sorry for the wordy response.

But I think you should keep the item and revisit it to possibly split it into 2 line items. That is my opinion.


As for the requirement to put an action plan in place, I will say - Any failure modes with Severity, Occurrence or Detection Ranking of 9 or 10 require improvement to reduce the risk, regardless of the RPN value.
 

kenb

Starting to get Involved
#8
Couple of comments:

  • the shut down is not "detection". As described, your Detection should be how likely you can detect the failure. So basically, you are saying the only way you can detect this failure is after the tool shuts down. Just something to think about slightly unrelated to your op.
  • Johnny's point is the main answer to your question: In order to change from 9-10; You have to design out the risk completely. So in your instance, you would have to design out whatever can cause the hazard - so there is no hazard due to this failure.

Side note: if we even need this failure mode because in reality this is extremely unlikely to happen due to system shutdown if equipment fails.
  • The PFMEA is a tool to present possible risks. Just because it is unlikely, does not mean it is not worthy of being in the PFMEA. It is also a learning tool for the future. Maybe this risk increases years from now because of a new tool, or process or location - it will help to have it identified so others can learn from your experience/assessment.
  • Secondly, It feels like you are going about this particular failure mode from the wrong direction. From what I read, you have a 'Failure mode'; but you go on to say that the tool shuts down after the failure mode occurs. Is that correct? If I read that right, you have an FMEA line item addressing the Potential outcome of the failure (the hazard), but not the failure mode itself. Your FMEA should be addressing the failure mode. The tool shutting down is not addressing the failure mode. It is the prevention of the hazard.
Sorry for the wordy response.

But I think you should keep the item and revisit it to possibly split it into 2 line items. That is my opinion.


As for the requirement to put an action plan in place, I will say - Any failure modes with Severity, Occurrence or Detection Ranking of 9 or 10 require improvement to reduce the risk, regardless of the RPN value.
I appreciate wordy responses such as this.

We realize that shutdown is a bit of a stretch for detection, but this is indeed how we'd know the equipment failed. As far as timing, my understanding is that if the equipment fails the interlock will shut it down quickly if not immediately. So you are technically correct that it happens after the failure mode occurs.

If we were to split this into 2 line items, are you suggesting one for the equipment failure and one for the interlock failure? If this is the case, our detection would likely be visual and drive our RPN way up to where we are forced to mitigate risk but there is no practicable solution.
 
M

malasuerte

#9
I appreciate wordy responses such as this.

We realize that shutdown is a bit of a stretch for detection, but this is indeed how we'd know the equipment failed. As far as timing, my understanding is that if the equipment fails the interlock will shut it down quickly if not immediately. So you are technically correct that it happens after the failure mode occurs.

If we were to split this into 2 line items, are you suggesting one for the equipment failure and one for the interlock failure? If this is the case, our detection would likely be visual and drive our RPN way up to where we are forced to mitigate risk but there is no practicable solution.

Obviously, we could have plenty of chatter about this :) (i think this is a fun scenario, yes sick).

I am going to throw you a curveball, (and I say this from my perspective of a larger company), your FMEA should have a scope or perspective when you start. In our case, our PFMEA is built from the perspective of the quality/reliability of the outgoing product. In our case, the Safety items are handled separately.

If you don't have separate FMEAs (scopes), then to me it could be 2 lines. I would want to prevent the equipment failure and prevent the interlock failure. But as per above, at some point, you have to scope the FMEA. So maybe the equipment failure is not even called out and only the interlock failure?? But, what if the tool is running its process, this equipment failure occurs, it shuts down the tool, the product is ruined because it stopped mid-process and can't be recovered? So one line is Equipment Failure to prevent the misprocessing; one line for the interlock failure to prevent injury to the operator/s.

We could go round and round if we wanted to. I'm sure :) I certainly don't want to suggest doing more work, just for the sake of it.

But to the main question - for those 9/10 Sev scores, you should, in theory, still have an action plan. But that action plan could be "ask/recommend that future tool build design see if they can remove the risk of injury when the interlock fails."

Disclaimer: I think about things differently than most....and ask a lot of questions....My views are notfor everyone. :ROFLMAO::ROFLMAO:
 

Jim Wynne

Staff member
Admin
#10
It occurs to me that it's possible, and perhaps likely, that this situation should never have made it to the PFMEA form to begin with. Things that are possibly hazardous but extremely unlikely should be weeded out in the first step of the PFMEA process, which should be some form of brainstorming. We could, to use an extreme example, rule out asteroid strikes and machines blowing up if there's no good reason to suspect that either is likely to happen.
 
Thread starter Similar threads Forum Replies Date
R DFMEA/PFMEA mitigation of high severity (9-10) in low volume products IATF 16949 - Automotive Quality Systems Standard 1
J On PFMEA for danger labels - Label always should be assigned severity 10 ? FMEA and Control Plans 3
A PFMEA severity score different applications FMEA and Control Plans 11
O PFMEA - Reducing Severity (S) Ranking - Manufacturing Process Design Changes FMEA and Control Plans 4
C Determining PFMEA Severity for Armored Parts FMEA and Control Plans 5
G Internal vs. External PFMEA Severity Rankings FMEA and Control Plans 12
C Does the PFMEA Severity have to match the DFMEA Severity? FMEA and Control Plans 3
M PFMEA Severity - What is Process FMEA Severity estimation based on? FMEA and Control Plans 77
G AIAG PFMEA (3rd edition) Severity Rankings - Define a "portion of the product" FMEA and Control Plans 3
Ron Rompen Development of the PFMEA - SEVERITY scores not derived from the DFMEA - Ford FMEA and Control Plans 13
R PFMEA - RPN - Severity, Occurrence and Detection - Which one does not change? FMEA and Control Plans 67
M PFMEA Severity Ranking - 9 is with warning and a 10 is without warning FMEA and Control Plans 5
Howard Atkins Differences Between QS-9000 and VDA PFMEA Severity Index VDA Standards - Germany's Automotive Standards 4
C Pass through characteristics on PFMEA FMEA and Control Plans 3
S Initial PFMEA FMEA and Control Plans 6
L PFMEA for test procedures (ISO 14971) ISO 14971 - Medical Device Risk Management 5
Sonja D AIAG VDA PFMEA and Control Plan training FMEA and Control Plans 9
J Error Proofing sensors in PFMEA FMEA and Control Plans 2
DuncanGibbons Process flow & PFMEA for production planning and simulation activities? Process Maps, Process Mapping and Turtle Diagrams 7
D PFMEA Software search IATF 16949 - Automotive Quality Systems Standard 7
P Benefit risk analysis on pFMEA ISO 14971 - Medical Device Risk Management 9
P Equipment URS, pFMEA and dFMEA ISO 14971 - Medical Device Risk Management 3
W Pfmea function requirement and failure mode FMEA and Control Plans 6
G Control Plan & PFMEA Review Procedure? FMEA and Control Plans 8
M Material incoming to the production process reflected in PFMEA FMEA and Control Plans 9
R Power Failure or Cold Start Situation in PFMEA FMEA and Control Plans 6
M "Issue & continuous improvement" columns in AIAG-VDA PFMEA form FMEA and Control Plans 4
C AIAG-VDA PFMEA - 1st special Characteristics? [5step vs. 6step] FMEA and Control Plans 3
T Linking Control Plans and PFMEA's FMEA and Control Plans 3
T PFMEA and Control Plans on legacy product FMEA and Control Plans 5
T Annual Validation as a detection mode on a PFMEA? FMEA and Control Plans 5
P Understanding DFMEA and PFMEA - Supplier Related IATF 16949 - Automotive Quality Systems Standard 21
A ISO 14971 PFMEA Manufacturing Risk ISO 14971 - Medical Device Risk Management 2
D Can PFMEA be used in disposition of NC material? ISO 14971 - Medical Device Risk Management 4
V Customer Print Specifications on PFMEA FMEA and Control Plans 13
blile Increasing PFMEA occurrence ranking after non-conformance FMEA and Control Plans 4
A PFMEA new AIAG FMEA and Control Plans 0
Q Is that any difficulty to do software DFMEA and PFMEA in ISO 13485? ISO 13485:2016 - Medical Device Quality Management Systems 5
bobdoering Informational New AIAG PFMEA Process - Excel Template Attached FMEA and Control Plans 23
A Redesigning our process flow chart, PFMEA and Control Plan Process Maps, Process Mapping and Turtle Diagrams 4
A PFMEA English language question IATF 16949 - Automotive Quality Systems Standard 4
S Is there any connection between PFMEA and Acceptance Plan FMEA and Control Plans 1
K PFMEA (Process FMEA) - Can be common for 3000 products? FMEA and Control Plans 2
N PFMEA repetitive failure modes in subsecuent stations. FMEA and Control Plans 1
T DFMEA/PFMEA and SCCAF alignment FMEA and Control Plans 19
N Control plan evaluation methods - Which methods should be carried over from the PFMEA? FMEA and Control Plans 3
A PFMEA - How long should the recommended actions remain in the recommended actions column? APQP and PPAP 3
S How to fulfill PFMEA "requirement" column? FMEA and Control Plans 2
T Informational Family or Baseline PFMEA Rules FMEA and Control Plans 22
M Control Method correspondence between PFMEA and CP FMEA and Control Plans 8

Similar threads

Top Bottom