Root cause analysis

In science and engineering, root cause analysis (RCA) is a method of problem solving used for identifying the root causes of faults or problems.^[1] It is widely used in IT operations, telecommunications, industrial process control, accident analysis (e.g., in aviation,^[2] rail transport, or nuclear plants), medicine (for medical diagnosis), healthcare industry (e.g., for epidemiology), etc.

RCA can be decomposed into four steps:

• Identify and describe clearly the fault/problem.
• Establish a timeline (history of events) from normal situation until the fault/problem.
• Distinguish between the root cause and causal factors (e.g., using event correlation).
• Establish a causal graph between the root cause and the fault/problem.

RCA generally serves as input to a remediation process whereby corrective actions are taken to prevent the fault/problem from reoccurring. The name of this process varies from one application domain to another.

Definitions

In science and engineering, there are essentially two ways of repairing faults and solving problems.

Reactive fault/problem management consists in reacting quickly after the fault/problem occurs, by treating the symptoms. This type of management is implemented by reactive systems,^[3][4] self-adaptive systems,^[5] self-organized systems, and complex adaptive systems. The goal here is to react quickly and alleviate the symptoms of the fault/problem as soon as possible.

Proactive fault/problem management, conversely, consists in preventing problems from occurring. Many techniques can be used for this purpose, ranging from good practices in design to analyzing in detail problems that have already occurred, and taking actions to make sure they never reoccur. Speed is not as important here as the accuracy and precision of the diagnosis. The focus is on addressing the real cause of the fault/problem rather than its symptoms.

Root-cause analysis is often used in proactive fault/problem management to identify the root cause of a fault/problem, that is, the factor that was the main cause of that fault/problem.

It is customary to refer to the root cause in singular form, but one or several factors may in fact constitute the root cause(s) of the fault/problem under study.

A factor is considered the root cause of a fault/problem if removing it prevents the fault/problem from recurring. A causal factor, conversely, is one that affects an event's outcome, but is not the root cause. Although removing a causal factor can benefit an outcome, it does not prevent its recurrence with certainty.

Examples

Imagine an investigation into a machine that stopped because it overloaded and the fuse blew.^[6] Investigation shows that the machine overloaded because it had a bearing that wasn't being sufficiently lubricated. The investigation proceeds further and finds that the automatic lubrication mechanism had a pump which was not pumping sufficiently, hence the lack of lubrication. Investigation of the pump shows that it has a worn shaft. Investigation of why the shaft was worn discovers that there isn't an adequate mechanism to prevent metal scrap getting into the pump. This enabled scrap to get into the pump, and damage it.

The apparant root cause of the problem is therefore that metal scrap can contaminate the lubrication system. Fixing this problem ought to prevent the whole sequence of events recurring. The real root cause could be a design issue if there is no filter to prevent the metal scrap getting into the system. Or if it has a filter that was blocked due to lack of routine inspection, then the real root cause is a management issue.

Compare this with an investigation that does not find the root cause: replacing the fuse, the bearing, or the lubrication pump will probably allow the machine to go back into operation for a while. But there is a risk that the problem will simply recur, until the root cause is dealt with.

Application domains

Root-cause analysis is used in many application domains.

Manufacturing and industrial process control

The example above illustrates how RCA can be used in manufacturing. RCA is also routinely used in industrial process control, e.g. to control the production of chemicals (quality control).

RCA is also used for failure analysis in engineering and maintenance.

IT and telecommunications

Root-cause analysis is frequently used in IT and telecommunications to detect the root causes of serious problems. For example, in the ITIL service management framework, the goal of incident management is to resume a faulty IT service as soon as possible (reactive management), whereas problem management deals with solving recurring problems for good by addressing their root causes (proactive management).

Another example is the computer security incident management process, where root-cause analysis is often used to investigate security breaches.^[7]

RCA is also used in conjunction with business activity monitoring and complex event processing to analyze faults in business processes.

Health and safety

In the domains of health and safety, RCA is routinely used in medicine (diagnosis), epidemiology (e.g., to identify the source of an infectious disease), environmental science (e.g., to analyze environmental disasters), accident analysis (aviation and rail industry), and occupational safety and health.^[8]

Systems analysis

RCA is also used in change management, risk management, and systems analysis.

General principles

Example of a root cause analysis method

Despite the different approaches among the various schools of root cause analysis and the specifics of each application domain, RCA generally follows the same four steps.

Identify and describe clearly the fault/problem

Effective problem statements and event descriptions (as failures, for example) are helpful and usually required to ensure the execution of appropriate root cause analyses.

Establish a timeline (history of events) from normal situation until the fault/problem

RCA should establish a sequence of events or timeline for understanding the relationships between contributory (causal) factors, the root cause, and the fault/problem under investigation.

Distinguish between the root cause and causal factors

By correlating this sequence of events with the nature, the magnitude, the location, and the timing of the fault/problem, and possibly also with a library of previously analyzed faults/problems, RCA should enable the investigator(s) to distinguish between the root cause, causal factors, and non-causal factors.

One way to trace down root causes consists in using hierarchical clustering and data-mining solutions (such as graph-theory-based data mining). Another consists in comparing the situation under investigation with past situations stored in case libraries, using case-based reasoning tools.

Establish a causal graph between the root cause and the fault/problem

Finally, the investigator should be able to extract from the sequences of events a subsequence of key events that explain the fault/problem, and convert it into a causal graph.

Transition to corrective actions

The goal of RCA is to identify the root cause of the fault/problem. The next step is to trigger long-term corrective actions to address the root cause identified during RCA, and make sure that the fault/problem does not resurface. Correcting a fault/problem is not formally part of RCA, however; these are different steps in a problem-solving process known as fault management in IT and telecommunications, repair in engineering, remediation^{[disambiguation needed]} in aviation, environmental remediation in ecology, therapy in medicine, etc.

Challenges

Without delving in the idiosyncrasies of specific problems, several general conditions can make RCA more difficult than it may appear at first sight.

First, important information is often missing because it is generally not possible, in practice, to monitor everything and store all monitoring data for a long time.

Second, gathering data and evidence, and classifying them along a timeline of events to the final fault/problem, can be nontrivial. In telecommunications, for instance, distributed monitoring systems typically manage between 1 million and 1 billion events per day. Finding a few relevant events in such a mass of irrelevant events is akin to finding the proverbial needle in a haystack.

Third, there may be more than one root cause for a given fault/problem, and this multiplicity can make the causal graph very difficult to establish.

Fourth, causal graphs often have many levels, and root-cause analysis terminates at a level that is "root" to the eyes of the fault/problem investigator. Looking again at the example above in industrial process control, a deeper investigation could reveal that the maintenance procedures at the plant included periodic inspection of the lubrication subsystem every two years, while the current lubrication subsystem vendor's product specified a 6-month period. Switching vendors may have been due to management's desire to save money, and a failure to consult with engineering staff on the implication of the change on maintenance procedures. Thus, while the "root cause" shown above may have prevented the quoted recurrence, it would not have prevented other  – perhaps more severe – failures affecting other machines.

Best practices

To be effective, root cause analysis must be performed systematically. A team effort is typically required. For aircraft accident analyses, for example, the conclusions of the investigation and the root causes that are identified must be backed up by documented evidence.^[9]

See also

• 5 Whys
• A3 problem solving
• Barrier analysis
• Eight Disciplines Problem Solving
• Factor analysis
• Failure mode and effects analysis
• Fault tree analysis
• Forensic engineering
• Issue map
• Issue tree
• Multiple regression and multivariate linear regression
• Orthogonal Defect Classification
• RCASE
• Structural fix

Notes

1. See Wilson 1993, pp. 8–17.
2. See IATA 2016 and Sofema 2017.
3. See Manna 1995.
4. See Lewerentz 1995.
5. See Babaoglu 2005.
6. See Ohno 1988.
7. See Abubakar 2016.
8. See OSHA 2019.
9. See IATA 2016.

References

• Abubakar, Aisha; Bagheri Zadeh, Pooneh; Janicke, Helge; Howley, Richard (2016). "Root cause analysis (RCA) as a preliminary tool into the investigation of identity theft". Proc. 2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security).
• Babaoglu, O.; Jelasity, M.; Montresor, A.; Fetzer, C.; Leonardi, S.; van Moorsel, A.; van Steen, M., eds. (2005). Self-star Properties in Complex Information Systems; Conceptual and Practical Foundations. LNCS. Vol. 3460. Springer.
• IATA (8 April 2016). "Root Cause Analysis for Civil Aviation Authorities and Air Navigation Service Providers". International Air Transport Association. Archived from the original on 8 April 2016. Retrieved 17 November 2017. Key steps to conducting an effective root cause analysis, which tools to use for root cause identification, and how to develop effective corrective actions plans.
• Claus Lewerentz; Thomas Lindner, eds. (1995). Formal Development of Reactive Systems; Case Study Production Cell. LNCS. Vol. 891. Springer.
• Manna, Zohar; Pnueli, Amir (1995). Temporal Verification of Reactive Systems: Safety. Springer. ISBN 978-0387944593.
• Ohno, Taiichi (1988). Toyota Production System: Beyond Large-Scale Production. Portland, Oregon: Productivity Press. p. 17. ISBN 0-915299-14-3.
• OSHA; EPA. "FactSheet: The Importance of Root Cause Analysis During Incident Investigation" (PDF). Occupational Safety and Health Administration. Retrieved 22 March 2019.
• Sofema (17 November 2017). "Root Cause Analysis for Safety Management Practitioners & Business Area Owners". Sofema Aviation Services. Archived from the original on 17 November 2017. Retrieved 17 November 2017. Identify best practice techniques and behaviours to perform effective Root Cause Analysis (RCA)
• Wilson, Paul F.; Dell, Larry D.; Anderson, Gaylord F. (1993). Root Cause Analysis: A Tool for Total Quality Management. Milwaukee, Wisconsin: ASQ Quality Press. ISBN 0-87389-163-5.

External links

• «Root Cause Analysis and Monitoring Tools: A Perfect Match» by Irene Carrasco