Failure Modes Effects Analysis - FMEA - Step Two - Detection and Remediation

We evaluate the identified possible faults and issues to determine how we can detect the failure and how we can remediate it.   

For this discussion, we will bucket the failure modes into three types which can help us determine how they can be detected.  

We will categorize failures as technical, design time and business types of failures.  We can use the category to determine how we wish to remediate the failures. Some of the business rule failures will be "by policy" and their remediation will be in the business departments. The other failures will be remediated via technical means.

Capturing - Detection and Remediation

We want to fill in the Detection and Remediation columns.  You can tune the meanings of these columns to your use case.  For this walkthrough

We sweep across all the faults to determine how the fault would actually be detected and then how we would permanently, tactically, manually, transiently remediate that. 

Detection
Classify how this can be detected by the system or people.  Originally this column held the detection method.  We detected it through log analysis, some monitoring system, a person looking at a report.  For this exercise I'm we want to do that but also determine the category.  So I kind of mixed detection and category here. Maybe this belongs in its own column.
  • Technical: Technical errors are determined via some exception or log message or some type of error event.
  • Business:  A business failure is hopefully based on some business rule or condition they hadn't thought of.  Business failures may be raised by the system, created by rules. 
  • Design: In some cases, we find a fault that exists due to a missed requirement or bad design. It may not be detectable by the system by design.  We need to do a fix in those cases, a redesign to detect and/or mitigate.


Remediation
We specify the remediation path.  This may be multi-step. You may have multiple steps or lines for each fault in this column. There may be some transient automated remediation, like a retry.  That may be followed up with human intervention.  The best remediation is one that is completely automated.
  • Automatic: Certain types of failures can be automatically remediated.  We may retry a call to a web service or re-send an email.  This may fail over to manual remediation
  • Manual: The human or out-of-process steps that remediate this. This could be a person running a secondary manual correction process or them just creating a report or a person manually pushing data or processes around. It could be them pulling some data or component out of the current path so that the process can continue with other data or components.
  • Capture Metrics: A business fault or distributed system fault may be expected. We still may wish to capture metrics to watch the error rate. We may be able to ignore a business error until it becomes more common that our design expected. 
  • Redesign: Permanent remediation for this type of fault may require a redesign.  That should be added here. 

Video Walkthrough

System Under Analysis

This is our simple system we under analysis.

Related 

Blog Articles

  • Throwing down failures http://joe.blog.freemansoft.com/2021/01/failure-mode-analysis-ste-one-throwing.html
  • Detection and remediation https://joe.blog.freemansoft.com/2021/02/failure-mode-analysis-step-two.html

Videos

  • Step 1: Throwing down failures https://youtu.be/RdmfSiqsXAs
  • Step 2: Detection and Remediation https://youtu.be/98puya9szWc
  • Garage Door Failure to Close https://youtu.be/qFDbRTnvYxs
Created 2021/02
Title Revised 2024/03

Comments

Post a Comment

Popular posts from this blog

Understanding your WSL2 RAM and swap - Changing the default 50%-25%

Image
The Windows Subsystem for Linux operates as a virtual machine that can dynamically grow the amount of RAM to a maximum set at startup time.  Microsoft sets a default maximum RAM available to 50% of the physical memory and a swap-space that is 1/4 of the maximum WSL RAM.  You can scale those numbers up or down to allocate more or less RAM to the Linux instance. The first drawing shows the default WSL memory and swap space sizing. The images below show a developer machine that is running a dev environment in WSL2 and Docker Desktop.  Docker Desktop has two of its own WSL modules that need to be accounted for.  You can see that the memory would actually be oversubscribed, 3 x 50% if every VM used its maximum memory.  The actual amount of memory used is significantly smaller allowing every piece to fit. Click to Enlarge The second drawing shows the memory allocation on my 64GB laptop. WSL Linux defaults to a maximum RAM size of 5
Read more

Installing the RNDIS driver on Windows 11 to use USB Raspberry Pi as network attached

Image
I do a lot of my development and configuration via ssh into my Raspberry Pi Zero over the RNDIS connection. Some models of the Raspberry PIs can be configured with  gadget drivers  that let the Raspberry pi emulate different devices when plugged into computers via USB. My favorite gadget  is the network profile that makes a Raspberry Pi look like an RNDIS-attached network device.  All types of network services travel over an RNDIS device without knowing it is a USB hardware connection. A Raspberry Pi shows up as a Remote NDIS (RNDIS) device when you plug the Pi into a PC or Mac via a USB cable. The gadget  in the Windows Device Manager picture shows this RNDIS Gadget connectivity between a Windows machine and a Raspberry Pi. The Problem Windows 11 and Windows 10 no longer auto-installs the RNDIS driver that makes magic happen. Windows recognizes that the Raspberry Pi is some type of generic USB COM device. Manually running W indows Update  or  Update Driver  does  not  install the RNDI
Read more

DNS for Azure Point to Site (P2S) VPN - getting the internal IPs

Image
I wanted to access all my Azure resources without making any of them visible to the Internet.   The easiest give my local machine access to everything on my Azure Virtual Network (VNET) was to connect to it over VPN. It turns out creating Azure VPN gateways and connecting to Azure VPN endpoints is easy.  There are some subtleties in getting DNS name resolution to work that can confuse when first starting out. Setting the Stage There are a few ways to get to Azure endpoints and resources that are blocked from the internet.  We can  Create a Point-to-Site connection from our local machines to Azure Network Gateways Create a Site-to-Site network connection from our local networks to Azure Network Gateways. Use Bastion Hosts Use Cloud Shell Leave everything open to the internet. I chose a Point-to-Site (P2S) VPN connection that connects from my laptop to a VNet Gateway.  That joins my laptop
Read more