Complete Learning Module

FMEDA: Quantitative Hardware Safety Analysis

10 chapters Master the quantitative engine of ISO 26262-5: turn per-mode failure rates in FIT, failure-mode distributions, and diagnostic coverage claims into the SPFM, LFM, and PMHF metrics that decide whether a hardware design meets its ASIL target.

Start Learning View Curriculum

How You Learn

Video and text stay in sync. As you scroll through the chapter, the video jumps to the matching explanation automatically.

Scroll SyncVideo follows your reading position

Click to JumpClick any cue to jump the video

Chapter NavNavigate from video or content

BookmarksSave sections, resume anytime

iso26262.academy/concepts/fmeda:-quantitative-hardware-safety-analysis

...

Saved

08:12

Ch 2

Synced to reading position

Learning Objectives

Rate every failure mode in FIT

Pull justified base failure rates from approved handbooks and correct them for the vehicle mission profile.

Classify faults correctly

Apply the decision tree to separate safe, single-point, residual, and latent multiple-point faults against a defined safety goal.

Defend diagnostic coverage claims

Match safety mechanisms to coverage tiers and back each percentage with fault-injection evidence rather than assumption.

Compute the three hardware metrics

Aggregate FMEDA data into SPFM, LFM, and PMHF and check the results against the relevant ASIL targets.

Chapters

What FMEDA Is

Positions Failure Modes, Effects and Diagnostic Analysis (FMEDA) as the quantitative, coverage-aware extension of FMEA that feeds the mandatory hardware metrics of ISO 26262-5.

Failure Rates and FIT

Defines the FIT unit (one failure per 10^9 operating hours), the recognised reliability handbooks, mission-profile correction, and the split of total lambda into safe and dangerous fractions.

Failure-Mode Distribution

Shows how a component lambda is apportioned across its individual failure modes by percentage, then each mode classified as safe or dangerous against the safety goal in scope.

SPF, RF, and MPF Faults

Classifies every failure mode as Safe, Single-Point Fault, Residual Fault, or Multiple-Point Fault using a decision tree, and explains the latent multiple-point case.

Diagnostic Coverage

Covers how a safety mechanism reduces the dangerous undetected failure rate, the low, medium, and high coverage tiers, and the evidence needed to defend a diagnostic coverage claim.

Deriving SPFM, LFM, PMHF

Rolls FMEDA data up into the three mandatory metrics using the Annex C equations, then demonstrates the aggregation on a compact three-component numeric example.

Building the FMEDA

Lays out the FMEDA spreadsheet column structure, the analysis workflow from bill of materials to frozen metrics, and an annotated table for an EPS phase-monitoring circuit.

Worked Example

Walks an end-to-end FMEDA for a small ADAS perception subsystem (microcontroller, sensor, power supply), computing the metrics against an ASIL B safety goal.

Pitfalls and Review

Catalogues the common errors that invalidate FMEDA results, from optimistic coverage claims to under-counted latent faults, and supplies a practical review checklist.

Data Sources and Tools

Surveys the reliability prediction handbooks, automotive mission-profile standards, FMEDA tooling, and how the per-mode failure rates feed quantitative Fault Tree Analysis.

Diagrams and Visuals

FIT Rate Explorer

Interactive view of how temperature, stress, and mission profile move a component failure rate across its useful-life region.

Failure-Mode Distribution Pie

Splits a single component lambda across its failure modes and shades the safe versus dangerous fractions.

Fault Classification Decision Tree

Branching flow that sorts each failure mode into Safe, Single-Point, Residual, or Multiple-Point fault.

Diagnostic Coverage Visualizer

Shows a safety mechanism carving the detected portion out of a dangerous failure rate at low, medium, and high tiers.

Metrics Roll-up Calculator

Aggregates per-mode rates into Single-Point Fault Metric, Latent Fault Metric, and PMHF against ASIL targets.

PMHF Budget Timeline

Tracks how single-point and latent contributions accumulate into the probabilistic hardware failure budget over operating life.

Worked Example

ADAS Perception Subsystem FMEDA

A complete FMEDA for a small automatic emergency braking perception subsystem (microcontroller, sensor, power supply) evaluated against an ASIL B safety goal, carried from per-component rates through to final metrics.

Total dangerous-relevant rate of roughly 260 FIT distributed across the three elements
Each component lambda split into failure modes and classified as safe, single-point, residual, or latent
Diagnostic coverage claimed per mechanism (range checks, watchdog, lockstep) and applied to dangerous modes
Single-Point Fault Metric computed near 96.8 percent against the ASIL B target
Latent Fault Metric computed near 97.3 percent with the ASIL C target as reference
PMHF rolled up in FIT per hour and compared to the safety goal budget

Subsystem Metric Summary

SPFM = 96.77 percent (meets ASIL B)

Unlock the full FMEDA table and PMHF rollup

Master Quantitative Hardware Safety Analysis

Work through every step from FIT rating to final metrics, with interactive visuals and a full ADAS worked example.

Start Learning Now

10 Chapters3 Hardware MetricsASIL B to D6 Interactive Visuals

Learning Objectives

Rate every failure mode in FIT

Pull justified base failure rates from approved handbooks and correct them for the vehicle mission profile.

Classify faults correctly

Apply the decision tree to separate safe, single-point, residual, and latent multiple-point faults against a defined safety goal.

Defend diagnostic coverage claims

Match safety mechanisms to coverage tiers and back each percentage with fault-injection evidence rather than assumption.

Compute the three hardware metrics

Aggregate FMEDA data into SPFM, LFM, and PMHF and check the results against the relevant ASIL targets.

Chapters

What FMEDA Is

Positions Failure Modes, Effects and Diagnostic Analysis (FMEDA) as the quantitative, coverage-aware extension of FMEA that feeds the mandatory hardware metrics of ISO 26262-5.

Failure Rates and FIT

Defines the FIT unit (one failure per 10^9 operating hours), the recognised reliability handbooks, mission-profile correction, and the split of total lambda into safe and dangerous fractions.

Failure-Mode Distribution

Shows how a component lambda is apportioned across its individual failure modes by percentage, then each mode classified as safe or dangerous against the safety goal in scope.

SPF, RF, and MPF Faults

Classifies every failure mode as Safe, Single-Point Fault, Residual Fault, or Multiple-Point Fault using a decision tree, and explains the latent multiple-point case.

Diagnostic Coverage

Covers how a safety mechanism reduces the dangerous undetected failure rate, the low, medium, and high coverage tiers, and the evidence needed to defend a diagnostic coverage claim.

Deriving SPFM, LFM, PMHF

Rolls FMEDA data up into the three mandatory metrics using the Annex C equations, then demonstrates the aggregation on a compact three-component numeric example.

Building the FMEDA

Lays out the FMEDA spreadsheet column structure, the analysis workflow from bill of materials to frozen metrics, and an annotated table for an EPS phase-monitoring circuit.

Worked Example

Walks an end-to-end FMEDA for a small ADAS perception subsystem (microcontroller, sensor, power supply), computing the metrics against an ASIL B safety goal.

Pitfalls and Review

Catalogues the common errors that invalidate FMEDA results, from optimistic coverage claims to under-counted latent faults, and supplies a practical review checklist.

Data Sources and Tools

Surveys the reliability prediction handbooks, automotive mission-profile standards, FMEDA tooling, and how the per-mode failure rates feed quantitative Fault Tree Analysis.

Diagrams and Visuals

FIT Rate Explorer

Interactive view of how temperature, stress, and mission profile move a component failure rate across its useful-life region.

Failure-Mode Distribution Pie

Splits a single component lambda across its failure modes and shades the safe versus dangerous fractions.

Fault Classification Decision Tree

Branching flow that sorts each failure mode into Safe, Single-Point, Residual, or Multiple-Point fault.

Diagnostic Coverage Visualizer

Shows a safety mechanism carving the detected portion out of a dangerous failure rate at low, medium, and high tiers.

Metrics Roll-up Calculator

Aggregates per-mode rates into Single-Point Fault Metric, Latent Fault Metric, and PMHF against ASIL targets.

PMHF Budget Timeline

Tracks how single-point and latent contributions accumulate into the probabilistic hardware failure budget over operating life.

ADAS Perception Subsystem FMEDA

Total dangerous-relevant rate of roughly 260 FIT distributed across the three elements

Each component lambda split into failure modes and classified as safe, single-point, residual, or latent

Diagnostic coverage claimed per mechanism (range checks, watchdog, lockstep) and applied to dangerous modes

Single-Point Fault Metric computed near 96.8 percent against the ASIL B target

Latent Fault Metric computed near 97.3 percent with the ASIL C target as reference

PMHF rolled up in FIT per hour and compared to the safety goal budget