Skip to main content

Prerequisites

Understanding the DFMEA 3-Level Hierarchy

The DFMEA risksheet organizes failure mode analysis into three levels: diagram
LevelColumnField / LinkDescription
1FunctionitemLink to function via assessesThe system function being analyzed
2Failure ModefailureMode (text)How the function can fail
2Effect of FailureeffectOfFailure (text)Downstream consequence of the failure
2HARA ReferencemultiItemLink to riskRecord via analyzedInCross-link to HARA risk records
3Cause of FailurecauseOfFailure (text)Root cause or mechanism
  1. Open the DFMEA document in risksheet mode
  2. Click the Function column cell in a new row
  3. The picker shows available function work items, filtered by the current subsystem
The DFMEA risksheet uses a queryFactory that automatically filters functions by the document’s subsystem. If the document is scoped to a specific component (e.g., “Fluid Pumping”), only functions belonging to that component appear in the picker. The filter query is linkedWorkItems: + the component ID.
  1. Select the function to analyze
  2. The function title appears as the Level 1 grouping header

Step 2: Document the Failure Mode (Level 2)

For each function, identify one or more failure modes:
  1. Navigate to the Failure Mode column under the selected function
  2. Enter a description of how the function can fail
Effective failure mode descriptions:
  • “Delivers incorrect dosage volume” (specific, measurable)
  • “Fails to detect occlusion” (describes the undesired behavior)
  • “Displays inaccurate flow rate” (identifies the deviation from intended function)
The failureMode field defaults to “Undetermined”. Replace this with a specific failure description for every entry.

Step 3: Describe the Effect of Failure (Level 2)

  1. Click the Effect of Failure column (effectOfFailure)
  2. Describe the downstream consequence of the failure mode on the system, user, or patient
Example effects:
Failure ModeEffect of Failure
Delivers incorrect dosage volumePatient receives overdose or underdose; potential adverse drug reaction
Fails to detect occlusionDelayed treatment; potential tissue damage from infiltration
Displays inaccurate flow rateClinician makes incorrect dosing decisions based on false data

Step 4: Enter the Cause of Failure (Level 3)

For each failure mode, identify one or more root causes:
  1. Click the Cause of Failure column (causeOfFailure)
  2. Enter the mechanism or condition that produces the failure
Each cause becomes a Level 3 entry under its parent failure mode, creating the tree: 
Function: Deliver medication at prescribed rate
  Failure Mode: Delivers incorrect dosage volume
    Cause: Pump motor encoder drift
    Cause: Software calculation rounding error
    Cause: Tubing compliance variation
Failure Mode work items also include cognitionError and perceptionError fields for capturing human factors contributions per IEC 62366. These fields appear in the work item form but are not shown as default risksheet columns.
The DFMEA risksheet includes a HARA Reference column that links failure modes to HARA risk records:
  1. Click the HARA Reference column (riskRecord multiItemLink)
  2. Search for the relevant HARA risk record that corresponds to this failure mode
  3. Select it to create the analyzedIn bidirectional link
This cross-reference creates traceability between the two risk methodologies:
  • DFMEA side: The HARA Reference column shows which risk records are related to this failure mode
  • HARA side: The FMEA cross-reference column (cause) shows which failure modes feed into each risk record
Click on a linked HARA risk record in the DFMEA risksheet to navigate directly to it in the HARA document. The risksheet uses a custom onClick handler for in-document navigation.

Step 6: Review the Component Column

The risksheet automatically resolves the parent System Element for each linked function and displays it in the Component column. This server-rendered column:
  1. Traverses from the function item to its parent systemElement
  2. Displays the system element title
  3. Provides context about which component the failure mode affects

What Happens Next

After identifying functions and failure modes:
  1. Score each failure mode with severity, occurrence, and detection ratings — see Score Severity, Occurrence, and Detection (RPN)
  2. Link to HARA for comprehensive risk coverage across both methodologies
  3. Review completeness by checking that all functions have at least one failure mode and cause identified
DFMEA risksheet configuration (DFMEATemplate/risksheet.json), failure mode custom fields (failureMode-custom-fields.xml), FMEA-SYS-001 document structure (FMEA-SYS-001/module.xml), DFMEA top panel (DFMEATemplate/risksheetTopPanel.vm), UI walkthrough (risksheet-views.md).