Glossary term
Diagnostic Coverage
Engineering definition of diagnostic coverage covering detected faults, dangerous undetected failures, proof-test limits and validation evidence.
Definition
Diagnostic coverage is the fraction of a defined fault population that is detected by diagnostics, proof tests, monitoring, self-tests or fault-detection logic within the required boundary.
Diagnostic coverage is used in safety, reliability, embedded firmware, medical devices, power electronics, automation and process systems to estimate how many relevant or dangerous failures are detected rather than left hidden. It must be tied to a stated fault set, detection method, test interval, operating mode and action rule. It is distinct from the coverage factor used in measurement uncertainty (metrology) and from generic software test coverage.
The fraction is always relative to a stated fault population and a stated boundary. The fault set may include sensor faults, actuator faults, wiring faults, memory faults, watchdog failures, stuck outputs, unsafe interlock states, dangerous process failures or medical-device self-test conditions.
The phrase is only meaningful when the fault set is stated. “High diagnostic coverage” is weak unless the review says which faults are included, which are excluded, how detection is proven, how quickly detection occurs and what action follows.
Fraction of Detected Faults
A simple count-based expression is:
where N_D is the number of detected relevant faults and N_T is the total number of relevant faults in the defined set. If fault rates are known, a rate-weighted form is often more useful:
where lambda_DD is the dangerous detected failure rate and lambda_DU is the dangerous undetected failure rate.
Undetected Dangerous Failures
If total dangerous failure rate is:
then the undetected portion after applying diagnostic coverage is:
This is why diagnostic coverage affects safety claims. A diagnostic that detects harmless faults but misses the dangerous failure mode may look useful in maintenance logs while doing little for risk reduction.
Proof-Test Interval
For a simplified low-demand safety function, average probability of dangerous failure on demand can be screened as:
where T_I is the proof-test interval. This formula is a teaching screen for a single channel in low-demand mode, not a substitute for a full functional-safety calculation. It shows why diagnostic coverage and proof-test interval belong in the same review.
Worked Example
A safety-related controller review defines:
dangerous or relevant fault cases. Fault injection, self-test and proof testing detect:
The count-based diagnostic coverage is:
The estimated dangerous failure rate is:
The dangerous undetected rate is:
For an annual proof-test interval:
the simplified average probability screen is:
If the target is:
the annual interval does not meet the target under this simplified model. A first estimate of the maximum proof-test interval is:
That is about:
The review should either improve diagnostics, reduce the proof-test interval, reduce the dangerous failure rate or revise the claimed safety function.
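The screen above, carried through in Python as an added example that is not from the original page. The fault set, dangerous failure rate, process safety time and PFD target are constructed values; the formulas it uses (DC = N_D / N_T, DC = lambda_DD / (lambda_DD + lambda_DU), lambda_DU = (1 - DC) * lambda_D and PFDavg ≈ lambda_DU * T_I / 2 for a single channel in low-demand mode) are the standard simplified forms and are assumed here. It credits a fault toward DC only when an online diagnostic reveals it within the process safety time, which is stricter than counting every fault that some test eventually finds, and it returns the dangerous faults that receive no credit so each one can be traced to a proof-test action.

```python
"""Diagnostic-coverage screen for a stated fault set.

Added example, not from the page. The fault list, failure rate, process safety
time and PFD target are constructed values for illustration. The formulas are
the standard simplified functional-safety forms (DC = N_D / N_T or
lambda_DD / (lambda_DD + lambda_DU), lambda_DU = (1 - DC) * lambda_D,
PFDavg ~ lambda_DU * T_I / 2 for a single channel in low-demand mode) and are
assumed here; they are a screen, not a full IEC 61508 / IEC 61511 calculation.
"""
from dataclasses import dataclass
from typing import Iterable, Optional

HOURS_PER_YEAR = 8760.0


@dataclass(frozen=True)
class Fault:
    name: str
    dangerous: bool            # defeats the safety function if it stays hidden
    diagnostic: Optional[str]  # online diagnostic that reveals it, or None
    detection_time_h: float    # onset-to-detection time for that diagnostic


def is_credited(fault: Fault, process_safety_time_h: float) -> bool:
    """Credit a fault toward DC only if an online diagnostic reveals it fast
    enough for the safe action to happen within the process safety time.
    Detection after the hazardous consequence gives no risk reduction."""
    return (fault.diagnostic is not None
            and fault.detection_time_h <= process_safety_time_h)


def count_based_dc(faults: Iterable[Fault], process_safety_time_h: float) -> float:
    """DC = N_D / N_T over the dangerous faults in the stated set.
    Safe faults are excluded: detecting them does not reduce risk."""
    dangerous = [f for f in faults if f.dangerous]
    if not dangerous:
        raise ValueError("no dangerous faults in the stated set; DC is undefined")
    n_d = sum(1 for f in dangerous if is_credited(f, process_safety_time_h))
    return n_d / len(dangerous)


def rate_based_dc(lambda_dd: float, lambda_du: float) -> float:
    """DC = lambda_DD / (lambda_DD + lambda_DU)."""
    return lambda_dd / (lambda_dd + lambda_du)


def dangerous_undetected_rate(lambda_d: float, dc: float) -> float:
    """lambda_DU = (1 - DC) * lambda_D."""
    return (1.0 - dc) * lambda_d


def pfd_avg(lambda_du: float, t_i_h: float) -> float:
    """Simplified single-channel low-demand screen: PFDavg ~ lambda_DU * T_I / 2."""
    return lambda_du * t_i_h / 2.0


def max_proof_test_interval(target_pfd: float, lambda_du: float) -> float:
    """Largest T_I that still meets the target under the screen: 2 * PFD_target / lambda_DU."""
    return 2.0 * target_pfd / lambda_du


def screen(faults: Iterable[Fault], lambda_d: float, process_safety_time_h: float,
           t_i_h: float, target_pfd: float) -> dict:
    """Run the review in the page's order and return every intermediate value,
    plus the dangerous faults that received no DC credit: those are the
    residual undetected faults that must be traced to a proof-test action."""
    faults = list(faults)
    dc = count_based_dc(faults, process_safety_time_h)
    lam_du = dangerous_undetected_rate(lambda_d, dc)
    pfd = pfd_avg(lam_du, t_i_h)
    return {
        "dc": dc,
        "lambda_du": lam_du,
        "pfd_avg": pfd,
        "meets_target": pfd <= target_pfd,
        "max_interval_h": max_proof_test_interval(target_pfd, lam_du),
        "uncredited": [f.name for f in faults
                       if f.dangerous and not is_credited(f, process_safety_time_h)],
    }


# Constructed fault set for a single-channel trip loop (illustrative only).
PROCESS_SAFETY_TIME_H = 0.25      # 15 min, assumed
FAULT_SET = [
    Fault("sensor open circuit",           True,  "range check",          0.01),
    Fault("sensor frozen value",           True,  "rate-of-change check", 0.50),  # detected, but too slow
    Fault("input channel stuck",           True,  "channel self-test",    0.02),
    Fault("trip setpoint memory corrupt",  True,  "CRC check",            0.01),
    Fault("logic solver CPU fault",        True,  "watchdog",             0.001),
    Fault("fieldbus message stale",        True,  "timeout",              0.01),
    Fault("output relay coil open",        True,  "output readback",      0.01),
    Fault("output relay welded closed",    True,  None,                   0.0),   # hidden until proof test
    Fault("actuator feedback lost",        True,  "feedback monitor",     0.02),
    Fault("supply undervoltage",           True,  "supply monitor",       0.01),
    Fault("sensor over-range (safe trip)", False, "range check",          0.01),  # safe fault, not in DC
    Fault("output relay fails open",       False, None,                   0.0),   # safe fault, not in DC
]
LAMBDA_D = 2.5e-6      # dangerous failures per hour, assumed
TARGET_PFD = 1.0e-3    # assumed target for the claimed safety function

if __name__ == "__main__":
    r = screen(FAULT_SET, LAMBDA_D, PROCESS_SAFETY_TIME_H, HOURS_PER_YEAR, TARGET_PFD)
    print(f"DC = {r['dc']:.2f}, lambda_DU = {r['lambda_du']:.2e}/h, "
          f"PFDavg = {r['pfd_avg']:.2e} (target {TARGET_PFD:.0e}, met: {r['meets_target']})")
    print(f"max proof-test interval = {r['max_interval_h']:.0f} h "
          f"({r['max_interval_h'] / HOURS_PER_YEAR:.2f} yr)")
    print("dangerous faults relying on proof test:", r["uncredited"])
```

With these constructed numbers the ten dangerous faults yield DC = 0.8, because the frozen-sensor case is detected but not within the process safety time and the welded relay is hidden entirely; lambda_DU comes out at 5e-7 per hour, PFDavg for an annual interval at about 2.2e-3 against a 1e-3 target, and the screen limit on T_I at 4000 hours, roughly 0.46 years. The two uncredited faults are the ones the validation evidence must trace to a proof-test step, and they are also the first candidates for a new diagnostic, since shortening the proof-test interval alone leaves the hidden failure modes unchanged.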
Boundary With Test Coverage
Software or manufacturing test coverage is not the same as diagnostic coverage. A unit test may execute code paths without proving that installed hardware detects a broken wire, stuck relay, saturated sensor, stale message, memory corruption or unsafe actuator state.
Diagnostic coverage is also not the coverage factor used in measurement-uncertainty analysis. That factor describes the statistical coverage of an expanded-uncertainty interval. Diagnostic coverage describes fault detection for a stated fault set.
Limits of the Metric
Diagnostic coverage is not a complete safety claim. It says how much of the stated fault set is detected; it does not by itself prove the safe state, degraded mode, alarm priority, reset rule or maintenance response. A diagnostic that detects a fault after the hazardous consequence has already occurred may have high coverage and poor risk reduction.
The metric should therefore be reported with detection time, false-trip behavior, proof-test interval, bypass policy and the action taken after detection. Engineers should also separate online diagnostics from periodic proof tests. Online diagnostics may reduce exposure continuously. Proof tests may find hidden failures only at the next test interval.
Validation Evidence
Useful evidence includes fault list, FMEA link, fault-injection records, proof-test procedure, self-test logs, detection-time measurements, false-trip review, missed-fault review, bypass handling, sensor-failure tests, stuck-output tests, communication-loss tests, watchdog tests, calibration drift tests, field-failure feedback and traceability from each dangerous failure to a diagnostic or proof-test action.
Common mistakes include counting easily detectable faults while omitting dangerous hidden faults, quoting a percentage without the fault set, assuming diagnostics are effective in all operating modes, ignoring detection time, treating nuisance alarms as proof of safety, and reducing FMEA RPN detection scores without validation evidence. A strong diagnostic-coverage claim states the fault population, detection method, action boundary, proof-test interval, residual undetected faults and evidence quality.