Dependent Failure Analysis (DFA)
10 chapters. You learn to prove that redundant channels and ASIL decomposition really are independent, running the six-step ISO 26262-9 Clause 7 method to hunt dependent failure initiators, coupling factors, and cascading paths across hardware and software.
How You Learn
Video and text stay in sync. As you scroll through the chapter, the video jumps to the matching explanation automatically.
Learning Objectives
Validate independence claims
Decide whether ASIL decomposition and redundancy claims hold by proving no single root cause bridges the channels.
Identify dependent failure initiators
Systematically surface the root-cause events and coupling factors that link elements you assumed were independent.
Run the six-step method
Apply the structured DFA process from element identification through coupling assessment to verified closure.
Select effective mitigations
Choose physical separation, diversity, partitioning, and monitoring measures that actually break the coupling you found.
Chapters
Why DFA Matters
Independence and redundancy claims collapse the moment a single root cause can defeat both channels at once, which is exactly what DFA exists to catch.
Common-Cause vs Cascading
Two distinct patterns by which one initiating event defeats several safety-relevant elements, with the normative definitions that keep your documentation precise.
Coupling Factors and DFI
The analytical core of DFA, where you identify dependent failure initiators and the coupling factors (shared power, clock, memory, environment) that connect supposedly independent elements.
DFA in the Lifecycle
DFA runs iteratively across the V-model rather than as a single gate, with defined inputs and outputs at the concept, hardware, and software phases.
The DFA Method
A structured six-step process that turns architecture documentation into a validated independence argument, complete with a reusable worksheet and the pitfalls to avoid.
Coupling-Factor Checklist
A category-by-category checklist (proximity, shared power and ground, shared memory and communication, common IP and tooling) so no plausible DFI path slips through.
DFA for Hardware
Hardware is where DFIs are most tangible, so this chapter covers shared power, shared die, and shared ground, plus a dual-core lockstep case study and a mitigation hierarchy.
DFA for Software
Software coupling rarely shows up in schematics, so this chapter exposes shared memory, shared operating system, and shared libraries that can silently break independence.
Worked Example
A complete DFA walkthrough for a dual-channel brake-by-wire architecture, moving from stated independence claims to a fully closed DFI register.
DFA vs FFI vs CCF
DFA, freedom from interference, common-cause failure, and cascading failure are four distinct but linked terms, and this chapter pins down each one for correct safety documentation.
Diagrams & Visuals
Common-Cause vs Cascading Animator
Animated contrast showing one shared root striking both elements at once versus a failure propagating element to element.
Coupling-Factor Radial Map
Radial view of coupling-factor categories around a pair of elements, exposing every shared resource and environment that could host a DFI.
DFA Lifecycle Timeline
V-model timeline placing DFA iterations at concept, system, hardware, and software phases with their inputs and outputs.
Redundancy vs Independence Comparator
Side-by-side comparison of redundant channels that share elements against channels with verified independence, showing how coupling erodes the benefit.
Freedom From Interference Partitioning
Memory, timing, and exchange partitioning between mixed-ASIL software components, highlighting where interference paths must be blocked.
Beta-Factor Sensitivity Curve
Sensitivity plot showing how the common-cause beta factor degrades the effective failure rate of a redundant pair as coupling rises.
Dual-Channel Brake-by-Wire DFA
A full DFA pass over a redundant pressure-sensor pair and a primary plus secondary ECU, working from the stated independence claims down to a closed DFI register.
- Map the architecture and list every independence and FFI claim it relies on
- Hunt DFIs across shared 5 V supply, shared CAN segment, and shared compartment
- Score each candidate by coupling strength and consequence severity
- Assign mitigations such as independent supplies, end-to-end protection, and physical separation
- Track open items and define the evidence needed to close each one
DFI Register Extract
Master Dependent Failure Analysis
Work through all ten chapters and turn fragile independence claims into evidence you can defend at an assessment.