Failure Proofing Your Designs: A Powerful Tool to Enhance Product Safety/Reliability and Regulatory Conformance
Failure prediction and analysis techniques are important disciplines for assuring the safety, reliability, and quality of products and processes. Risk analysis is also a subject for increasing regulatory pressure in the medical device industry. This article will discuss the most widely used tool for prediction and analysis of potential failure causes.
By James B. Elliott, PE, CQE
A Regulatory Issue
Introduction to the Method
Failure Analysis Guides Action
Other Uses For FMEA
References
The design and manufacture of safe medical devices inherently require minimizing the risk of functional failure. We would all agree that failure reduction is a desirable goal, but we may not be aware of effective methods to achieve this goal at the design stage of development.
The analysis disciplines associated with failure prevention activities are generally referred to as "risk analysis" or "failure analysis." Engineering methods for failure analysis were developed as part of the United States' space and defense programs of the 1960s. From these beginnings, failure analysis as an engineering discipline has spread through the engineering design and development practices of aircraft, automotive, and other high-tech industries. However, not many in the medical device industry are familiar with its use or the many benefits to be obtained.
It is important to understand that we are not talking about physical testing methods as practiced by reliability engineers. Rather, we are talking about "desktop" or "blackboard" structured methods that can be used by design engineers to predict and eliminate potential modes of failure in a system, even before the first prototype is built. These methods are based on a rigorous analysis of the functions, requirements, characteristics, and interactions of all the parts that comprise the system, under the influence of the probable production, storage, distribution, and use environments that the product will endure.
Today in the medical device industry we find that risk analysis has become a regulatory issue. FDA's Quality System Regulation (QSR) includes risk analysis "where appropriate" as part of design validation in the new Design Control requirements [1]. Although FDA policy for enforcement of Design Controls is still evolving, you can be reasonably sure that if your new product is a Class III device, you will be expected to use risk analysis in its design development.
The European requirements are clearer. The Medical Devices Directive, in its Essential Requirements, dictates that manufacturers take adequate steps "taking account of the generally acknowledged state-of-the-art" to "eliminate or reduce risks as far as possible" [2]. To a European notified body, this means that you need to show evidence of some form of design risk analysis in the Technical Files for your product.
To further demonstrate the European commitment to risk analysis as a design control tool, an EN guidance standard for risk analysis of medical devices was published in 1997 [3]. It contains specific reference to the risk analysis tool that we will be discussing, and to the international standard for its use [4].
In the current medical device manufacturing environment, regulatory conformance is not the only driving force for the application of risk analysis and risk reduction methods. Your company liability insurance underwriter and your corporate counsel will be the first to tell you that well-documented risk analysis and risk reduction activities provide valuable defense evidence in product liability litigation. Risk analysis and prevention activities can also be a valuable component in effective Total Quality and Continuous Improvement quality management programs, as will be discussed in detail below.
So there are several reasons to employ risk/failure analysis in the design cycle for your medical products. The problem is that not many people in the medical device industry are presently knowledgeable or skilled in the application of risk analysis tools.
The most commonly used method is known as Failure Mode and Effects Analysis (FMEA) or Failure Mode, Effects, and Criticality Analysis (FMECA). The latter designation cites a key element of the technique, the assignment of relative measures of severity (criticality) to various modes of failure. In the automotive industry, the term Potential Failure Mode and Effects Analysis is used [5] in recognition of the fact that it is primarily a predictive technique.
The FMEA technique breaks down each subsystem, subassembly, and part of the system being analyzed and considers the function of each component item individually. Analysis is made, based on best expert opinion and historical information for similar items, of all the ways that each of these items might fail to fulfill its intended function. Each of these potential failure modes is then assigned a relative ranking on a numeric classification scale.
This ranking process takes into account three separate aspects of each failure mode. One ranking is assigned with regard to the relative probability of occurrence for the particular failure mode being ranked. The failure mode is also ranked for the relative severity of its worst potential resulting outcome regarding safety or functionality of the system. The third relative ranking number assigned is for the probability that the failure mode will be detected and/or corrected by the QA/QC controls in the product quality control plan (concurrent engineering is assumed).
One of the most distinctive and powerful aspects of the FMEA process is the assignment of these relative rankings for occurrence, severity, and detection of potential failure modes. When we multiply these three numeric rankings together for each failure mode, we get a number representing the relative risk factor for that mode of failure. When these individual measures of relative risk are listed for the total system, we can quickly identify those features of the existing design that are most likely to cause safety, reliability or quality problems.
Failure Analysis Guides Action
But merely identifying the potential causes of malfunction is only half the job. For example, it has been widely known since the investigation of the tragic NASA Challenger space shuttle failure in 1986 that a Thiokol Corp. engineer actually predicted the booster seal ring failure mode in an FMEA he drafted in 1983 [6]. But if a risk analysis is to be of any value, the analysis results must be translated into appropriate action.
But how should one implement corrective action based on the information provided by an FMEA? The risk ranking numbers show us where to apply design optimization activities in a product or process development project. By assigning the highest priorities to activities that address those potential failure modes with the highest risk numbers, we can maximize the benefits of our failure-proofing efforts, regardless of the level of the resources available to us.
The corrective action for a given failure mode should be directed at:
- a) changing the design/specifications to eliminate the cause(s) of the failure mode;
- b) changing the design/specifications to reduce the probability of occurrence of the failure mode;
- c) changing the design/specifications to reduce the severity of the failure mode effect;
- d) adding a design verification test to verify that the failure mode will not occur under design conditions of use;
- e) adding a production quality control to detect occurrence of the cause(s) of the failure mode before the product is distributed; or
- f) adding a diagnostic control to detect the failure mode and prevent loss of safety or function in the field.
Often, a combination of two or more of these solutions is the most appropriate action. The specific circumstances will dictate the appropriate solution(s) to apply in each instance, but Solution A is of course the most desirable, if practical to implement.
A useful aspect of the FMEA technique is the fact that it can be applied with equal effectiveness to either a product design or a process design. As outlined above, when FMEA is applied to a product design, each subsystem, subassembly, and part is examined individually and analyzed for potential failure modes that would prevent proper functioning of the component. When it is used on a process, each step in the process is examined and analyzed for what could go wrong at that step to produce nonconforming (does not meet specifications) output, or to cause a processing problem at some point downstream. The potential failure mode ranking process is similar to that for a design FMEA as discussed above. The corrective action options are also similar, but Solution D becomes the act of adding a process control and validation protocol to assure that the failure mode will not occur under the conditions of the established process control parameters.
This ability to predict and correct built-in weaknesses in manufacturing processes before startup presents an opportunity to minimize development time-to-market and to reduce scrap, inspection, and overall manufacturing cost.
The existence of the FMEAs used for the design of a product and the required production processes greatly simplifies the creation of an effective product verification/validation plan and quality control plan for that product. By conducting the design FMEA, you have already identified and documented all the predictable product failure modes that need either incoming goods acceptance controls, or verification testing. Likewise, by doing the process FMEA, you have identified all the potential process failure modes and their required controls (the outline for the process quality control plan), as well as the special processes where inspection controls will not work, and therefore process validation is required. All the information is already there; one only has to translate it into appropriate test and control plans and validation protocols. This synergy is one of the most powerful, but most overlooked benefits of the FMEA.
The FMEA method is also powerful as a tool for the management of corrective and preventive action activities. The relative risk rankings can be used for planning the urgency and order of system improvement activities. Periodically, a FMEA should be updated to reflect the current system design configuration and actual historical problem information, and new ranking numbers should then be generated. Based on these revised numbers, the potential failure modes with the highest ranked current risks can then be eliminated or controlled to further reduce the overall risk. This cycle can be repeated indefinitely, making the FMEA a "living document" for activities aimed at continually upgrading the quality and reliability of the subject system.
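The ranking step and the periodic re-ranking cycle described above can be worked through in a few lines of Python. This is an added example, not part of the original article; the 1-10 scale, the convention that a higher detection number means the controls are less likely to catch the failure, the tie-breaking rule, and the infusion-pump failure modes are all assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace

SCALE = range(1, 11)  # assumed 1-10 ranking scale; the article does not fix one

@dataclass(frozen=True)
class FailureMode:
    item: str
    mode: str
    occurrence: int  # relative probability of occurrence (10 = most likely)
    severity: int    # severity of the worst resulting outcome (10 = most severe)
    detection: int   # assumed convention: 10 = controls least likely to catch it

    def __post_init__(self):
        # Reject rankings outside the scale so one bad entry cannot skew the list
        for name in ("occurrence", "severity", "detection"):
            if getattr(self, name) not in SCALE:
                raise ValueError(f"{self.item}/{self.mode}: {name} outside 1-10")

    @property
    def risk(self) -> int:
        # Relative risk factor: the product of the three rankings
        return self.occurrence * self.severity * self.detection

def prioritize(worksheet):
    """Highest relative risk first; ties go to the more severe mode (assumption)."""
    return sorted(worksheet, key=lambda fm: (fm.risk, fm.severity), reverse=True)

def rerank(worksheet, item, mode, **new_rankings):
    """Return an updated worksheet after corrective action changes a ranking."""
    updated = [replace(fm, **new_rankings) if (fm.item, fm.mode) == (item, mode)
               else fm for fm in worksheet]
    if updated == list(worksheet):
        raise KeyError(f"no ranking changed for {item}/{mode}")
    return updated

def report(worksheet):
    return [(fm.item, fm.risk) for fm in prioritize(worksheet)]

# Constructed worksheet for a hypothetical infusion pump (not from the article)
WORKSHEET = [
    FailureMode("door latch", "fails to hold closed", 4, 7, 3),
    FailureMode("flow sensor", "reads low", 3, 9, 6),
    FailureMode("battery pack", "early capacity loss", 6, 5, 2),
    FailureMode("keypad membrane", "key sticks", 5, 4, 4),
]

if __name__ == "__main__":
    print("initial:", report(WORKSHEET))
    # Corrective action: an added diagnostic control improves detection
    after = rerank(WORKSHEET, "flow sensor", "reads low", detection=2)
    print("updated:", report(after))
```

Once the flow sensor's detection ranking improves, it drops from the top of the list to the bottom and the door latch becomes the next priority, which is the repeatable cycle the paragraph describes.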
The FMEA process can also be extremely useful for management of scrap, rework, and warranty cost reduction activities, since these are all due to occurrences of process or product failures.
1. "Quality System Regulation," 21 CFR 820.30(g)
2. Medical Devices Directive, 93/42/EEC, Annex I, Section I.2
3. "Medical Devices - Risk Analysis," EN 1441, Annex D
4. "Procedure for Failure Mode and Effects Analysis (FMEA)," IEC 812
5. "Potential Failure Mode and Effects Analysis," Chrysler/Ford/GM suppliers manual, 1993
6. W.L. Hankins, FMEA analysis draft, Wasatch Division, Thiokol Corporation, June 1983
James Elliott is a Quality Engineering and Business Management Systems Consultant based in Southern California. He has over 15 years of experience in medical device R&D and design responsibilities. Besides Quality Management Systems, a particular area of specialization in his practice over the last six years has been Design Quality Assurance. He is a recognized authority for the application of failure mode analysis, and has authored and presented numerous papers, articles and workshops on the subject.
James Elliott, 2108 Paso Verde Dr., Hacienda Heights, CA 91745. Phone: (626) 330 4885; fax: (626) 330 4885. E-mail: jbeconsult@worldnet.att.net, http://home.att.net/~jbeconsult.