If you find yourself faced with this question, you may be wondering why, having successfully used risk assessments without FMEDA, your team is suddenly faced with the complexity of executing FMEDAs.
We safety people might answer with a follow-up question of our own, to better understand the system before answering, along the lines of:
What is the added risk associated with the complex electronics in your system?
After all, risk assessments have served you very well in either your current role or with projects you have previously been involved in.
Hazard analysis and risk assessment (HARA) is generally conducted early in the product development process, using a matrix or risk graph from IEC 62061/ISO 13849 or ISO 12100. This matrix identifies the key items, typically 1-3, necessary for safety. These key items are then assessed further using a quantitative technique to justify the result. Usually the quantitative analysis yields a risk reduction factor (RRF) that is lower than the one from the intentionally more conservative qualitative approach.
Next in the product development lifecycle comes the implementation. For complex electronics, IEC 61508 and the related IEC 62061 use FMEDA to find design problems (the same role FMECA or FMEA plays in automotive). FMEDA is also used to assess the quantitative performance metrics of the design. These include the reliability (failure rates) and the diagnostic coverage, which together form the basis for calculating the average probability of dangerous failure on demand (PFDavg) for the safety-related control system.
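The roll-up described above, as an added worked example that is not code from the original post: a few constructed FMEDA rows for a hypothetical single-channel input stage are summed into dangerous-detected, dangerous-undetected and safe failure rates, from which diagnostic coverage (DC), safe failure fraction (SFF) and the simplified IEC 61508 low-demand PFDavg for a 1oo1 channel are derived. The component names, failure rates and a one-year proof-test interval are all assumptions.

```python
from dataclasses import dataclass

FIT = 1e-9  # one FIT is one failure per 1e9 hours

@dataclass
class FailureMode:
    component: str
    mode: str
    rate_fit: float   # failure rate of this mode, in FIT
    dangerous: bool   # True if the mode defeats the safety function
    detected: bool    # True if on-line diagnostics reveal it

# Constructed sample rows for a hypothetical input stage (illustrative, not measured data)
SAMPLE_FMEDA = [
    FailureMode("U1 ADC", "output stuck at last value", 40.0, True, True),
    FailureMode("U1 ADC", "gain drift", 10.0, True, False),
    FailureMode("R3 divider", "open", 5.0, False, False),
    FailureMode("R3 divider", "short", 5.0, True, False),
    FailureMode("U2 MCU", "program-flow error", 30.0, True, True),
    FailureMode("K1 relay", "contacts welded", 20.0, True, False),
    FailureMode("K1 relay", "coil open", 25.0, False, False),
]

def roll_up(rows):
    """Sum rates per category and derive DC and SFF (IEC 61508 definitions)."""
    lam_dd = sum(r.rate_fit for r in rows if r.dangerous and r.detected)
    lam_du = sum(r.rate_fit for r in rows if r.dangerous and not r.detected)
    lam_s = sum(r.rate_fit for r in rows if not r.dangerous)
    lam_d = lam_dd + lam_du
    return {
        "lambda_DD": lam_dd, "lambda_DU": lam_du, "lambda_S": lam_s,
        "DC": lam_dd / lam_d if lam_d else 1.0,       # diagnostic coverage
        "SFF": (lam_s + lam_dd) / (lam_s + lam_d),    # safe failure fraction
    }

def pfd_avg_1oo1(lam_du_fit, proof_test_hours):
    """Simplified low-demand PFDavg for a 1oo1 channel: lambda_DU * T1 / 2."""
    return lam_du_fit * FIT * proof_test_hours / 2

def sil_from_pfd(pfd):
    """Low-demand SIL band from the PFDavg target table; 0 means below SIL 1."""
    for sil, upper in ((4, 1e-4), (3, 1e-3), (2, 1e-2), (1, 1e-1)):
        if pfd < upper:
            return sil
    return 0

if __name__ == "__main__":
    m = roll_up(SAMPLE_FMEDA)
    print(m, sil_from_pfd(pfd_avg_1oo1(m["lambda_DU"], 8760)))
```

The SIL band here comes from the PFDavg target table only; IEC 61508 additionally applies architectural constraints (SFF and hardware fault tolerance), which this sample does not evaluate.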
The risk assessment doesn't require FMEDA, but with complex control systems it is the fastest way to identify design weaknesses and to prove that the required risk reduction has been achieved.
If, for example, you are replacing a human operator with electronics and placing your trust in those electronics for safety, it is negligent not to consider the dangerous failures associated with these systems.
Tagged as: Jonathan Moore, ISO 12100, IEC 62061, IEC 61508, FMEDA