Skip to main content

Risk analysis...

Risk analysis is an important discipline for assuring the safety, reliability and quality of products and processes. It is also an area subject to increasing regulatory pressures. In this article we discuss and compare the two most widely used tools for risk analysis.

The design and manufacture of safe medical devices inherently includes risk reduction as a key objective. We would all agree that risk reduction is a desirable goal, but we may not understand the principles and tools for achieving this goal. The investigative and analysis activities at the core of risk reduction are generally referred to as "risk analysis" or "failure analysis." Structured engineering disciplines for failure analysis were developed as part of the United States space and defense efforts of the 1960s. From these beginnings, failure analysis as an engineering discipline has spread into the engineering design and development practices of general aerospace and high-tech industries of the present.

It is important to understand that we are not talking about physical testing methods as practiced by reliability engineers. Rather, we are talking about "desktop" or "blackboard" structured methods that are used to analyze or predict modes of failure in mechanical or electrical systems based on the functions, characteristics and/or interactions of the parts that comprise the system. Return to contents

A Regulatory Conformance Issue

Today in the medical device industry we find that risk analysis has become a regulatory conformance issue. The FDA Quality System Regulation includes risk analysis "where appropriate" as part of design validation in the Design Control requirements.1 The European CE Marking regulation, the Medical Devices Directive in its Essential Requirements,2 requires manufacturers to take adequate steps "taking account of the generally acknowledged state-of-the-art" to "eliminate or reduce risks as far as possible." To a European notified body, this means that you need to show evidence of some form of design risk analysis in the Technical Files for your product. At present, the notified bodies are sometimes allowing retrospective studies, based on the historical safety record of a device, as a form of "grand-fathering" existing products, but this will not work to seek CE Marking certifications for new products.

To further demonstrate the European commitment to risk analysis as a design control tool, an EN guidance standard for risk analysis of medical devices was published in 1997. It contains specific references3 to the two risk analysis tools that we will be discussing, and to the international standards for their use.4, 5

In the current medical device manufacturing environment, regulatory conformance is not the only driving force for the application of risk analysis and risk reduction methods. Your liability insurance underwriter and your corporate council will be the first to tell you that well-documented risk analysis and risk reduction activities are among the most valuable defenses in product liability litigation. Risk analysis and prevention activities can also be a valuable component in effective Total Quality and Continuous Improvement quality management programs, as we will discuss in detail later.

So there are many good reasons to employ these valuable tools. The problem is that not many people in the medical device industry are presently knowledgeable or skilled in the application of risk analysis tools. For example the author, although having worked in medical device R&D for many years, actually received his training and most of his experience in failure and risk analysis while employed in the automotive industry.

Having established the need for knowledge in this area of design engineering and validation discipline, we will next present the two most commonly used techniques, and finish the discussion by making some comparisons of their uses, advantages and limitations. Return to contents

Fault Tree Analysis (FTA)

The first of these techniques is most commonly known by the terms Fault Tree Analysis or Failure Tree Analysis. It gets its names from the graphic construct used to guide the thought process to arrive at the cause(s) of a system's malfunction. The branching structure of this graphic aid resembles the structure of a tree or root system. A similar branching structure often used for stimulating the thought processes in team-oriented problem solving sessions, with which the reader may be more familiar, is the Cause and Effect diagram or "fish bone diagram."

Fault Tree Analysis is inherently a top-down thought process. It starts with a single mode of malfunction or adverse outcome in the subject system, then works its way down through all the subsystems, components and conditions of the system which could contribute to this malfunction. A resulting solution (possible cause) at the end of one of the branches might be found to be a single component, environmental condition or functional characteristic, or it might be the interaction of a combination or plurality of any or all of these elements. More than one hypothetical solution usually results when a complex system is analyzed. Return to contents

Failure Mode and Effects Analysis (FMEA)

The other commonly used technique for risk analysis is usually identified by the names Failure Mode and Effects Analysis (FMEA) or Failure Mode, Effects and Criticality Analysis (FMECA). The latter designation cites a key element of the technique, the assignment of relative measures of severity (criticality) to various modes of failure. In the automotive industry, the term Potential Failure Mode and Effects Analysis is used6 in recognition of the fact that this is a primarily predictive technique.

The FMEA technique considers each item that comprises the total system. Analysis is made, based both on best expert opinion and historical information for similar items, of all the ways that each component or subsystem might fail to fulfill its intended function. Each of these potential failure modes is then assigned a relative ranking on a numeric classification scale. This ranking process takes into account three separate aspects of each failure mode. One ranking is assigned with regard to the relative probability that the particular failure mode being ranked will occur. The failure mode is also ranked for the relative severity of its worst potential resulting outcome regarding safety or functionality of the system. The third relative ranking number assigned is for the probability that the failure mode will be detected and/or corrected by the applicable controls.

One of the most unique and powerful aspects of the FMEA process is the assignment of these relative measures of occurrence, severity and detection. These three numeric rankings are multiplied together for each failure mode to provide an overall relative risk factor for the subject failure mode. When this numeric measure of relative risk is considered for each predicted potential failure mode, we can quickly identify those features of the existing system design that are most likely to cause safety, reliability or quality problems. Return to contents

Translate Analysis Into Action

But merely identifying the potential causes of malfunction is only half the job. For example, it has been widely known, since the investigation of the tragic NASA Challenger space shuttle failure in 1986, that a Thiokol Corporation engineer actually predicted the booster seal ring failure mode in an FMEA he drafted in 1983.7 However, if a risk analysis is to be of any value, the analysis results must be translated into appropriate action. Sadly, it is also widely known that this is where NASA officials erred.

This brings us to the subject of how one should direct corrective action based on the information provided by an FMEA. The risk ranking numbers help us identify where to properly deploy resources in a product or process development project. By assigning corrective action resources with the highest priority given to potential failure modes with the highest risk numbers, we can know that we are putting our money where it will be used most effectively.

The corrective action for a given failure mode should be directed at:

(a) changing the design/specifications to eliminate the cause(s) of the failure mode;

(b) changing the design/specifications to reduce the probability of occurrence of the failure mode;

(c) changing the design/specifications to reduce the severity of the failure mode effect;

(d) adding a design verification test to verify that the failure mode will not occur under design conditions of use;

(e) adding a production quality control to detect occurrence of the cause(s) the failure mode before the product is distributed; or

(f) adding a diagnostic control to detect the failure mode and prevent loss of safety or function in the field.

Often, a combination of these solutions is the appropriate action. The specific circumstances will dictate the appropriate solutions to apply in each instance, but solution (a) is of course the most desirable, if practical to implement.

A useful aspect of the FMEA technique is the fact that it can be applied with equal effect to either a product design or a process design. When this technique is used on a product design, each subsystem, subassembly and part is examined individually, and analyzed for potential failure modes that would prevent proper function of the component. When used on a process, each step in the process is examined and analyzed for what could go wrong at that step to produce non-conforming output, or to cause a processing problem at a step downstream. The potential failure mode ranking process is similar to that for a design FMEA as discussed above. The corrective action is also similar, but solution (d) becomes the act of adding a process control and validation protocol to assure that the failure mode will not occur under the conditions of the established process control parameters.

This ability to predict and correct built-in weaknesses in manufacturing processes, even before startup, presents an opportunity to minimize development time-to-market, and to reduce scrap, inspection and overall manufacturing cost. Return to contents

Advantages of FTA and FMEA

Given that both FTA and FMEA are useful tools for developing more robust products and manufacturing systems, how do we know which of the techniques is best for a given situation? Are they perhaps interchangeable? Well, it turns out that they do have some characteristics in common, but they are in fact quite different techniques and afford different but complementary advantages, depending on the existing stage of development of a product or process.

Both FTA and FMEA rely on the technical expertise and experience of the individuals performing the analysis. Both techniques are most effectively implemented by a small team of experts, knowledgeable and experienced in the product or process being analyzed. It is usually desirable to staff this team with individuals from cross-functional backgrounds. For example, a team might have members representing not only the applicable engineering technologies, but also members who are expert in applicable production and supplier issues as well as others who are experts in user disciplines. This approach will result in greater richness and diversity of input, and reduce the likelihood of missing an important understanding or conclusion.

Both techniques are rigorous in detail and, like other structured technical activities, require training, practice and discipline to obtain optimum benefit. They can also be personally rewarding/motivating activities for the participants and, at the same time, highly rewarding for companies that deploy the techniques. Return to contents

FTA and FMEA Approaches Compared

However, these two techniques diverge in their basic premise or viewpoint. FTA focuses on a failure outcome, and examines the applicable components, processes and conditions retroactively to identify all possible contributing factors that could have worked alone or in combination to cause that outcome. On the other hand, FMEA focuses on each component of a system, one at a time, and examines before-the-fact all of the things that could possibly go wrong with that component.

FTAs main strength is for analyzing malfunctions in complex systems, particularly where there is opportunity for the interaction of multiple potential causes. Therefore, it is a powerful method for discovering and understanding complex interactions that have caused (or may cause) a malfunction. FTA is probably most useful as an analysis tool for after-the-fact corrective action. For this reason it is most valuable during the design verification and process validation testing phases of development, and for post- production analysis of field problems. In contrast, FMEA is basically a tool for proactive preventive action, since its primary use is to predict and eliminate the potential failure modes in a system design before they can occur, resulting in an initially robust design. Return to contents

Other Uses for FMEA

The existence of the FMEAs, used for the design of a product and the required production processes, greatly simplifies the creation of an effective product verification/validation plan and process control plan for that product. By doing the design FMEA analysis, you have already identified and documented all the predictable product failure modes and their design "fixes" that need either incoming goods acceptance control plans or verification testing, whether before design release or as production lot final release control. Likewise, by doing the process FMEA, you have identified all the potential process failure modes and their required controls (the outline for the process control plan) as well as those special processes where inspection/verification controls will not work and process validation is required. All the information is already there; the only task is to translate it into appropriate test and control plans, and validation protocols. This synergy is one of the most powerful, but, for most environments where Engineering and Quality never communicate at an effective level, unfortunately the most unrealized benefits of the FMEA.

The FMEA method is powerful as a tool for the management of continuous improvement and loss prevention activities. The relative risk rankings can be used in a Pareto chart fashion for planning the urgency and order of system improvement activities. Periodically, the FMEA should be updated to reflect the current system design configuration and actual historical malfunction information, and new ranking numbers should then be generated. Based on these revised numbers, the potential failure modes with the highest ranked current risks can then be eliminated or controlled to further reduce the overall risk. This cycle can be repeated indefinitely, making the FMEA a "living document" to support improvement activities aimed at continually upgrading the quality and reliability of the subject system. This iterative FMEA process can also be useful for management of scrap, rework and warranty cost reduction activities. Return to contents

Summary

We hope that this brief overview of risk analysis methods has increased the reader's understanding of the subject. It should be apparent that these powerful tools for developing more robust products and processes can offer important ongoing quality, cost and risk management benefits as well.

We should mention that there is a third, more recently developed process-oriented risk analysis technique, gaining acceptance in the food processing industries, called Hazard Analysis and Critical Control Points (HACCP).8 It is being promoted by the FDA9 for use as a tool for development of medical device manufacturing process control plans. The author is not qualified to comment on the value of this use of HACCP, but can attest from personal experience to the value of FMEA for this purpose, as discussed above. Return to contents

Comments

Popular posts from this blog

PDF Automation in QTP

                                                                            The most challenging issue with PDFs is that it could be of any kind, not just a tabular data; it could have plain text, images or even forms to fill up. So this makes a tester’s life a bit difficult, never mind, we will definitely find an easy of do it… Although there are already some better approaches we have to deal with PDF documents but I found many of us are facing so many difficulties using this. There are lots of queries coming at QTP forums asking for an easy way of doing it with PDFs. keeping those in my mind I started c...

Convert JSON to XML using QTP/UFT/VBScript

Sample Code : Dim strPage,strJSON,objIE strPage = "C:\Jay\JLoader.html" Set objIE = CreateObject("InternetExplorer.Application") objIE.Visible = True objIE.Navigate2 strPage While objIE.Busy : Wend strJSON = "{""FirstName"":""Jay"", ""LastName"":""Krishna""}" Set objWin = objIE.document.parentWindow objWin.execScript "var jsonStr2XML = function(strJSON) { return json2xml(JSON.parse(strJSON));};" Msgbox  oWin.jsonStr2XML(strJSON) objIE.Quit In Detail: Converting The most popular data interchange format JSON(JavaScript Object Notation) to XML using QTP/UFT. Parsing JSON in UFT could be a challenge so we will use JavaScript in UFT to make it perfect. SO We need :              Java Script API  - To Convert JSON to XML                         JavaScript Files :  ...

Download Test Resource From QC Using QTP

'########################################################################### '* Function Name: QCGetResource '* Designer: Jay '* Date 09-May-2012 '* This script will Download QC Test Resource to a local dir '########################################################################### Function QCGetResource(resourceName,saveTo)     Set qcConn = QCUtil.QCConnection     Set oResource = qcConn.QCResourceFactory     Set oFilter = oResource.Filter     oFilter.Filter("RSC_FILE_NAME") = resourceName     Set oResourceList = oFilter.NewList     If oResourceList.Count = 1 Then         Set oFile = oResourceList.Item(1)         oFile.FileName = resourceName         oFile.DownloadResource saveTo, True     End If         Set qcConn = Nothing     Set oResource = Nothi...

compare Two Text files using Vb Script

Public Function CompareFiles (FilePath1, FilePath2) Dim FS, File1, File2 Set FS = CreateObject(“Scripting.FileSystemObject”) If FS.GetFile(FilePath1).Size <> FS.GetFile(FilePath2).Size Then CompareFiles = True Exit Function End If Set File1 = FS.GetFile(FilePath1).OpenAsTextStream(1, 0) Set File2 = FS.GetFile(FilePath2).OpenAsTextStream(1, 0) CompareFiles = False Do While File1.AtEndOfStream = False Str1 = File1.Read(1000) Str2 = File2.Read(1000) CompareFiles = StrComp(Str1, Str2, 0) If CompareFiles <> 0 Then CompareFiles = True Exit Do End If Loop File1.Close() File2.Close() End Function Return value: The function returns 0 or False if the two files are identical, otherwise True. Example: File1 = “C:\countries\apple1.jpg” File2 = “C:\countries\apple3.jpg” If CompareFiles(File1, File2) = False Then MsgBox “Files are identical.” Else MsgBox “Files are different.” End If    Source: Mercury Forum’s KB articles

CreateImageFromClipBoard using QTP

'-------------------------------------------------------------------------' Method : CreateImageFromClipBoard' Author : Jai Purpose : It gets the clipboard image and convert as a image file.' Parameters: FileName - String, contains the BMP file name' iIndex - Integer, contains the Worksheet index' Returns : String. The replaced file name it gives.' Caller : - Nil' Calls : - Nil' ------------------------------------------------------------------------- Sub CreateImageFromClipBoard(sFileName) Dim wshShell,ShellReturnCode, sCmdExec Set WshShell = WScript.CreateObject("WScript.Shell") sCmdExec = "D:\autostuff\i_view32.exe /silent /clippaste /convert="& sFileName ShellReturnCode = WshShell.Run(sCmdExec, 1, True) End Sub