A P

C P E N D I X

The Factor of Safety

as a Design Variable

C.1 INTRODUCTION
The factor of safety is a factor of ignorance. If the stress on a part at a critical
location (the applied stress) is known precisely, if the material’s strength (the
allowable strength) is also known with precision, and the allowable strength is
greater than the applied stress, then the part will not fail. However, in the real
world, all of the aspects of the design have some degree of uncertainty, and
therefore a fudge factor, a factor of safety, is needed. A factor of safety is one way
to account for the uncontrollable noises that were discussed in Chap. 10.
In practice the factor of safety is used in one of three ways: (1) It can be
used to reduce the allowable strength, such as the yield or ultimate strength of
the material, to a lower level for comparison with the applied stress; (2) it can be
used to increase the applied stress for comparison with the allowable strength; or
(3) it can be used as a comparison for the ratio of the allowable strength to the
applied stress. We apply the third definition here, but all three are based on the
simple formula

Sa1
FS =
σap

Here Sal is the allowable strength, σap is the applied stress, and FS is the factor
of safety. If the material properties are known precisely and there is no variation
in them—and the same holds for the load and geometry—then the part can be
designed with a factor of safety of 1, the applied stress can be equal to the allowable
strength, and the resulting design will not fail ( just barely). However, not only are
these measures not known with precision, they are not constant from sample to
sample or use to use. In a statistical sense all these measures have some variance
about their mean values (see App. B for the definitions of the mean and variance).

403
404 APPENDIX C The Factor of Safety as a Design Variable

For example, typical material properties, such as ultimate strength, even when
measured from the same bar of material, show a distribution of values (a variance)
around a nominal mean of about 5%. This distribution is due to inconsistencies
in the material itself and in the instrumentation used to take the data. If strength
figures are taken from handbook values based on different samples and instru-
mentations, the variance of the values may be 15% or higher. Thus, the allowable
strength must be characterized as a nominal or mean value with some statistical
variation about it.
Even more difficult to establish are the statistics of the applied stress. The
exact magnitude of the applied stress is a factor of the loading on the part (the
forces and moments on the part), the geometry of the part at the critical location,
and the accuracy of the analytic method used to determine the stress at the critical
point due to the load.
The accuracy of the comparison of the applied stress to the allowable strength
is a function of the accuracy and applicability of the failure theory used. If the
stress is steady and the failure mode yielding, then accurate failure theories exist
and can be used with little error. However, if the stress state is multiaxial and
fluctuating (with a nonzero mean stress), there are no directly applicable failure
theories and the error incurred in using the best available theory must be taken
into account.
Beyond the preceding mechanical considerations, the factor of safety is also a
function of the desired reliability for the design. As will be shown in Section C.3,
the reliability can be directly linked to the factor of safety.
There are two ways to estimate the value of an acceptable factor of safety: the
classical rule-of-thumb method (presented in Section C.2) and the probabilistic,
or statistical, method of relating the factor of safety to the desired reliability and
to knowledge of the material, loading, and geometric properties (presented in
Section C.3).
An additional note on standards. Most established design disciplines and
companies have factors of safety used as standards. But often these values are
based on lost or outdated material specifications and quality control procedures.
At a minimum the following tools will help explore the basis of these standards;
at a maximum they can be used to update them.
For example, the Jet Propulsion Laboratory, in its design of the Mars Rover
used the factors of safety shown in Table C.1. The factor of safety for both yield
and ultimate and for metallic and ceramic materials is given. If the components
have not been tested, the required factor of safety is much higher. Note that there
is no value for composites yielding—they don’t.

Table C.1 Factors of safety for Mars Rover

Qualified by testing Not tested
Metallic Composite
FSultimate 1.4 1.5 2.00
FSyield 1.25 — 1.60
 C.2 The Classical Rule-of-Thumb Factor of Safety 405

C.2 THE CLASSICAL RULE-OF-THUMB

FACTOR OF SAFETY
The factor of safety can be quickly estimated on the basis of estimated variations
of the five measures previously discussed: material properties, stress, geometry,
failure analysis, and desired reliability. The better known the material properties
and stress, the tighter the tolerances, the more accurate and applicable the failure
theory, and the lower the required reliability, the closer the factor of safety should
be to 1. The less known about the material, stress, failure analysis, and geometry
and the higher the required reliability, the larger the factor of safety.
The simplest way to present this technique is to associate a value greater than
1 with each of the measures and define the factor of safety as the product of these
five values:

FS = FSmaterial · FSstress · FSgeometry · FSfailure analysis · FSreliability

Details on how to estimate these five values are given next. These values have
been developed by breaking down the rules given in textbooks and handbooks
into the five measures and cross-checking the values with those from the statistical
method described in Section C.3.
Estimating the Contribution for the Material
FSmaterial = 1.0 If the properties for the material are well known, if they
have been experimentally obtained from tests on a specimen
known to be identical to the component being designed and
from tests representing the loading to be applied
FSmaterial = 1.1 If the material properties are known from a handbook or
are manufacturer’s values
FSmaterial = 1.2–1.4 If the material properties are not well known

Estimating the Contribution for the Load Stress

FSstress = 1.0–1.1 If the load is well defined as static or fluctuating, if there are
no anticipated overloads or shock loads, and if an accurate
method of analyzing the stress has been used
FSstress = 1.2–1.3 If the nature of the load is defined in an average manner,
with overloads of 20–50%, and the stress analysis method
may result in errors less than 50%
FSstress = 1.4–1.7 If the load is not well known or the stress analysis method
is of doubtful accuracy

Estimating the Contribution for Geometry (Unit-to-Unit)

FSgeometry = 1.0 If the manufacturing tolerances are tight and held well
FSgeometry = 1.0 If the manufacturing tolerances are average
FSgeometry = 1.1–1.2 If the dimensions are not closely held
406 APPENDIX C The Factor of Safety as a Design Variable

Estimating the Contribution for Failure Analysis

FSfailure theory = 1.0–1.1 If the failure analysis to be used is derived for the state
of stress, as for uniaxial or multiaxial static stresses, or
fully reversed uniaxial fatigue stresses
FSfailure theory = 1.2 If the failure analysis to be used is a simple extension
of the preceding theories, such as for multiaxial, fully
reversed fatigue stresses or uniaxial nonzero mean fa-
tigue stresses
FSfailure theory = 1.3–1.5 If the failure analysis is not well developed, as with
cumulative damage or multiaxial nonzero mean fatigue
stresses

Estimating the Contribution for Reliability

FSreliability = 1.1 If the reliability for the part need not be high, for in-
stance, less than 90%
FSreliability = 1.2–1.3 If the reliability is an average of 92–98%
FSreliability = 1.4–1.6 If the reliability must be high, say, greater than 99%

These values are, at best, estimates based on a verbalization of the factors

affecting the design combined and on experience with how these factors affect the
design. The stress on a part is fairly insensitive to tolerance variances unless they
are abnormally large. This insensitivity will be more evident in the development
of the statistical factor of safety.

C.3 THE STATISTICAL, RELIABILITY-BASED,

FACTOR OF SAFETY
C.3.1 Introduction
As can be appreciated, the classical approach to establishing factors of safety is
not very precise and the tendency is to use it very conservatively. This results in
large factors of safety and overdesigned components. Consider now the approach
based on statistical measures of the material properties, of the stress developed
in the component, of the applicability of the failure theory, and of the reliability
required. This technique gives the designer a better feel for just how conservative,
or nonconservative, he or she is being.
With this technique, all measures are assumed to have normal distributions
(details on normal distributions appear in App. B). This assumption is a rea-
sonable one, though not as accurate as the Weibull distribution for representing
material-fatigue properties. What makes the normal distribution an acceptable
representation of all the measures is the simple fact that, for most of them, not
enough data are available to warrant anything more sophisticated. In addition, the
normal distribution is easy to understand and work with. In upcoming sections,
 C.3 The Statistical, Reliability-Based, Factor of Safety 407

each measure is discussed in terms of the two factors needed to characterize a

normal distribution—the mean and the standard deviation (or variance).
The factor of safety is defined as the ratio of the allowable strength, Sal , to the
applied stress, σap . The allowable strength is a measure of the material properties;
the applied stress is a measure of the stress (as a function of both the applied load
and the stress analysis technique used to find the stress), the geometry, and the
failure theory used. Since both of these measures are distributions, the factor of
safety is better defined as the ratio of their mean values: FS = S al /σ ap .
Figure C.1 shows the distribution about the mean for both the applied stress
and the allowable strength. There is an area of overlap between these two curves
no matter how large the factor of safety is and no matter how far apart the mean
values are. This area of overlap is where the allowable strength has a probability
of being smaller than the applied stress; the area of overlap is thus the region
of potential failure. Keeping in mind that areas under normal distribution curves
represent probabilities, we see that this area of overlap then is the Probability of
Failure (PF). The reliability, the probability of no failure, is simply 1 – PF. Thus,
by considering the statistical nature of these curves, the factor of safety is directly
related to the reliability.
To develop this relationship more formally, we define a new variable,
z = Sal − σap , the difference between the allowable strength and the applied
stress. If z > 0, then the part will not fail. But failure will occur at z ≤ 0. The
distribution of z is also normal (the difference between two normal distributions is
also normal), as shown in Fig. C.2. The mean value of z is simply z = sa1 − σap .
If the allowable strength and the applied stress are considered as independent
variables (which is the case), then the standard deviation of z is
q
ρz = ρa1 2 + ρ2
ap

Applied
stress
Allowable
strength
Probability

σ ap Sal
Strength or stress

Figure C.1 Distribution of applied stress and allowable

strength.
408 APPENDIX C The Factor of Safety as a Design Variable

Probability
Area of
failure

0 z z

Figure C.2 Distribution of z.

Normalizing any value of z by subtracting the mean and dividing by the

standard deviation, we can define the variable tz as
(Sa1 − σap ) − (S a1 − σ ap )
tz = q
2 + ρ2
ρa1 ap

The variable tz has a mean value of 0 and a standard deviation of 1. Since failure
will occur when the applied stress is greater than the allowable stress, a critical
point to consider is when z = 0, Sal = σap . So, for z = 0,
−(S a1 − σ ap )
tz=0 = q
2 + ρ2
ρa1 ap

Thus, any value of t that is calculated to be less than tz=0 represents a failure
situation. The probability of a failure then is Pr(t < tz=0 ), which, assuming the
normal distribution, can be found directly from a normal distribution table. If the
distributions of the applied stress and the allowable strength are known, tz=0 can
be found from the preceding equation and the probability of failure can be found
from normal distribution tables. Finally, the reliability is 1 minus the probability of
failure; R = 1−Pr(tz ≤ tz=0 ). To make using normal distribution tables (App. B)
easier by utilizing the symmetry of the distribution, we can drop the minus sign
on the preceding equation and consider values of tz > tz=0 to represent failure.
Some values showing the relation of tz=0 to reliability are given in Table C.2.
To reduce the equations to a usable form in which the factor of safety is the
independent variable, we rewrite the previous equation, dividing by the mean
value of the applied stress and using the definition of the factor of safety:
FS − 1
tz=0 = q
FS2 (ρa1 /S a1 )2 + (ρap /σ ap )2
With tz=0 directly dependent on the reliability, there are four variables related by
this equation: the reliability, the factor of safety, and the coefficients of variation
(standard deviation divided by the mean) for the allowable and applied stresses.
 C.3 The Statistical, Reliability-Based, Factor of Safety 409

Table C.2 Relation of tz=0 to R

R t z=0
0.50 0.00
0.90 1.28
0.95 1.64
0.99 2.33

In the development here, the unknown will be the factor of safety. Thus, the final
form of the statistical factor of safety equation is
q
2 (ρ /σ )2 (ρ /S )2
(ρa1 /S a1 )2 + (ρap /σ ap )2 − tz=0 ap ap a1 a1
FS = 1 + tz=0 2 (ρ /S )2
[C.1]
1 − tz=0 a1 a1

Before proceeding with details into the development of the applied stress and
allowable strength coefficients of variation, let us look at an example of the use of
the preceding equations. Say that the allowable strength coefficient of variation
(see Sec. C.3.2) is 0.08 (the standard deviation is 8% of the mean value), the
applied stress coefficient (see Sec. C.3.3) is 0.20 and the desired reliability is 95%.
Using Table C.2, a 95% reliability gives tz=0 = 1.64. Thus, using Eq. [C.1], the
design factor of safety can be computed to be 1.37. If the reliability is increased
to 99%, the design factor of safety increases to 1.55. These design factor of
safety values are not dependent on the actual values of the material properties
or the stresses in the material but only on their statistics and the reliability and
applicability of the failure theory. This is a very important point.

C.3.2 The Allowable Strength Coefficient of Variation

Measured material properties, such as the yield strength, the ultimate strength,
the endurance strength, and the modulus of elasticity, all have distributions about
their means. This is evident in Fig. B.1, which shows the result of static tests on
913 different samples of 1035 steel as hot-rolled, round bars, 1 to 9 in. diameter.
Although not perfectly normal, as shown by the fit of the data on the normal
distribution paper, an approximation to the straight line is not bad. Not all kinds
of data fit this well. Typically, fatigue data and data on ceramic material tend not to
be as evenly distributed and are better represented by a skewed distribution, such
as the Weibull distribution. (Unfortunately, the four factors needed to represent the
Weibull distribution have only been determined for a limited number of materials.)
However, the adequacy and simplicity of the normal distribution make it the best
choice for representing the material properties here. From Fig. B.2, the mean
ultimate strength is 86 kpsi and its standard deviation is 4 kpsi. Note that the
standard deviation is 4.6% of the mean, so the coefficient of variation for 1035
hot-rolled steel is 0.046. Unfortunately, it is not always simple to find the standard
deviation for the material properties. In looking up the ultimate stress for 1035 HR
in standard design books, the following values were found: 72, 85, 72, 82, and
67 kpsi. From this limited sample, the mean value is 75.6 kpsi with a standard
410 APPENDIX C The Factor of Safety as a Design Variable

deviation of 6.08 kpsi, resulting in a coefficient of variation of 0.80 (6.08/75.6).

If the heat treatment on the material or the exact composition of the material are
unknown, the deviation can be much higher.
The allowable stress may be based on the yield, ultimate, or endurance
strengths or some combination of them, depending on the failure criteria used. In
the preceding formulation, the allowable stress appears only as a ratio of standard
deviation to average value. For most materials this ratio, irrespective of which
allowable stress is considered, is in the range of 0.05–0.15. It is recommended that
the statistics for the strength that best represent the nature of the failure be used.
For example, in cases of nonzero-mean fluctuating stresses, the allowable stress
coefficient for the endurance limit should be used if the mean is small relative to
the amplitude, and the coefficient for the ultimate should be used if the mean is
large relative to the amplitude. Any complexity beyond this is not warranted.

C.3.3 The Applied Stress Coefficient of Variation

The applied stress coefficient of variation is somewhat more difficult to develop.
The statistics of the geometry and the load obviously affect the statistics of the
applied stress, as does the accuracy of the method used to find the stress. Addi-
tionally, a measure of the accuracy of the failure analysis method to be used will
also be reflected in the statistics of the applied stress. (This measure could be
taken into account elsewhere, but it is convenient to consider it as a correction on
the applied stress.)
To see how these various factors are combined to form the applied stress
coefficient of variation, consider the following example. (The statistics for the
stress analysis technique and the failure theory accuracy will be included later
in the example.) Consider a round, axially loaded uniform bar. In this bar, the
average maximum stress is given by the ratio of the average maximum force
divided by the average area:
F
σ ap =
πr 2
The standard deviation of the stress is a function of the independent statistics
of the geometry and the load. Using standard, normal-distribution relations,
s
 2 
ρF 2

ρap ρr
= 4 +
σ ap r F
Thus, the applied-stress coefficient of variation is written in terms of the
coefficients of variation for the geometry (ρr /r) and the loading (ρF /F ). In
general, the same form can be derived for any loading and shape. No matter
whether it is normal or shear, the stress will have the form of force/area, and area
always has units of length squared.
In many applications, the magnitude of load forces and moments are well
known through either experience or measurement. Essentially, two types of loads
 C.3 The Statistical, Reliability-Based, Factor of Safety 411

are considered here: static loads and fatigue, or fluctuating, loads. Regardless
of which type of loading is considered, the exact magnitude of the forces and
moments may have to be estimated. The determination of the statistical factor of
safety takes into account the confidence in this estimation. This approach is much
like that used in project planning (PERT) and requires the designer to make three
estimates of the load: an optimistic estimate o; a most likely estimate m; and a
pessimistic estimate p. From these three the mean m, standard deviation ρ, and
coefficient of variation can be found:

m = 16 (o + 4m + p)
ρ = 16 (p − o)
ρ p−o
=
m o + 4m + p
These equations are based on a beta distribution function rather than a nor-
mal distribution. However, if the most likely estimate is the mean load, and the
optimistic and pessimistic estimates are the mean ±3 standard deviations, then
the beta distribution reduces to the normal distribution. The beauty of this is that
an estimate of the important statistics can be made even if the distribution of
the estimates is not symmetrical. For example, suppose the maximum load on a
bracket is quoted as a force of 25,000 N. This may just be the most likely esti-
mate. There is a possibility that the maximum load may be as low as 15,000 N or,
because of light shock loading, the force may be as high as 50,000 N. Thus, from
the preceding formulas, the expected value is 27,500 N, the standard deviation is
5833 N, and the coefficient of variation is 0.21. If the optimistic load had been 0,
no load at all, the expected load would be 25,000 N and the standard deviation,
8333 N. In this case, the pessimistic and optimistic estimates are ±3 standard
deviations from the expected or mean value. The coefficient of variation is 0.33,
reflecting the wider range of estimates. Note again that the load coefficient of
variation is independent of the absolute value of the load itself and gives only
information on its distribution.
The hardest factor to take into account in failure analysis is the effect of
shock loads. In the example just given, the potential maximum load was double
the nominal value. Without dynamic modeling there is no way to find the effect
of shock loads on the state of stress. These choices are suggested:

■ If the load is smoothly applied and released, use a ratio of optimistic:most

likely:pessimistic of 1:1:2 or 1:2:4.
■ If the load gives moderated shocks, use a ratio of optimistic:most likely:
pessimistic of 1:1:4 or 1:4:16. Examples of moderate shock applications are
blowers, cranes, reels, and calenders.
■ If the load gives heavy shocks, use a ratio of optimistic:most likely:pessimistic
of 1:1:10 or 1:10:100. Examples of heavy shock applications are crushers,
reciprocating machinery, and mixers.
412 APPENDIX C The Factor of Safety as a Design Variable

The geometry of the part is important in that, in combination with the load,
the geometry determines the applied stress. Normally, the geometry is given as
nominal dimensions with a bilateral tolerance (3.084 ± 0.010 in.). The nominal
is the mean value, and the tolerance is usually considered to be three times the
standard deviation. This implies that, assuming a normal distribution, 99.74% of
all the samples will be within the limits of the tolerance. It is assumed that there
is one dimension that is most critical to the stress, and the coefficient of variation
for this dimension is used in the analysis. For the example just considered, the co-
efficient of variation is 0.0011 [0.010/(3 · 3.084)], which is an order of magnitude
smaller than that for the load. This is typical for most tolerances and loadings.
Using the discussed examples, the applied stress coefficient of variation is
q
ρap = 4(0.0011)2 + 0.212 = ˙ 0.21
Note the lack of sensitivity to the tolerance.
The preceding does not take into account the accuracy of the stress analysis
technique used to find the stress state from the loading and geometry or the
adequacy of the failure analysis method. To include these factors, the allowable
strength needs to be compared with the calculated applied stress corrected for the
stress analysis and the failure analysis accuracy. Thus,
σap = σcalc × Nsa × Nfa
where Nsa is a correction multiplier for the accuracy of the stress analysis tech-
nique and Nfa is a correction multiplier for the failure analysis accuracy.
If the two corrections are assumed to have normal distributions, they can be
represented as coefficients of variation. With the product of normally distributed
independent standard deviations being the square root of the sum of the squares
(see App. B), we have for the applied stress coefficient of variation
s
 2 
ρF 2 ρsa 2 ρfa 2
    
ρap ρr
4 + + + [C.2]
σ ap r F N sa N fa
This is the same as before, with the addition of the coefficient of variation s for
the stress analysis method and for the failure theory.
The coefficient of variation for the stress analysis method can be estimated
using the same technique as for estimating the statistics on the loading—namely,
estimate an optimistic, pessimistic, and most likely value for the stress, based
on the most likely load. Again, consider a load of 25,000 N (the most likely
estimate of the maximum load). Assume that at the critical point the normal
stress caused by this load is 40.9 kpsi (282.0 MPa), with a stress concentration
factor of 3.55. The most likely normal stress is the product of the load and the
stress concentration factor, 145 kpsi. However, confidence in the method used to
find the nominal stress and the stress concentration factor is not high. In fact, the
maximum stress may really be as high as 160 kpsi or as low as 140 kpsi. With
these two values as the pessimistic and the optimistic estimates, the coefficient of
variation is calculated at 0.023. For strain gauge data or other measured results,
 C.3 The Statistical, Reliability-Based, Factor of Safety 413

the stress analysis method coefficient of variation will be very small and can, like
the geometry statistics, be ignored.
The adequacy of the failure analysis technique, as discussed in the develop-
ment of the classical factor of safety method, has a marked effect on the design
factor of safety. On the basis of experience and the limited data in the references,
the coefficient of variations recommended for the different types of loadings are
Static failure theories: 0.02
Fully reversed uniaxial infinite life fatigue failure theory: 0.02
Fully reversed uniaxial finite life fatigue failure theory: 0.05
Nonzero mean uniaxial fatigue failure theory: 0.10
Fully reversed multiaxial fatigue failure theory: 0.20
Nonzero mean multiaxial fatigue failure theory: 0.25
Cumulative damage load history: 0.50
These values imply that for well-defined failure analysis techniques, where the
failure mode is identical to that found with the allowable strength material test,
the standard deviation is small, namely, 2% of the mean. When the failure theory
is comparing a dissimilar applied stress state to an allowable strength, the margin
for error increases. The rule used in cumulative damage failure estimation can be
off by as much as a factor of 2 and is therefore used with high uncertainty.

C.3.4 Steps for Finding the Reliability-Based

Factor of Safety
We can summarize the method discussed in the previous two sections as an eight-
step procedure:
Step 1: Select reliability. From Table C.2, find the value of tz=0 for the
desired reliability.
Step 2: Find the allowable strength coefficient of variation. This can be
found experimentally or by following the following rules of thumb. If the
material properties are well known, use a coefficient of 0.05; if the material
properties are not well known, use a coefficient of 0.01–0.15.
Step 3: Find the critical dimension coefficient of variation. This value is
generally small and can be ignored except when the variation in the criti-
cal dimensions are large because of manufacturing, environmental, or aging
effects.
Step 4: Find the load coefficient of variation. This is an estimate of how
well the maximum loading is known. It can be estimated using the PERT
method given in Sec. C.3.3.
Step 5: Find the accuracy of the stress analysis coefficient of variation. Even
though the variation of the load was taken into account in step 4, knowledge
about the effect of the load on the structure is a separate issue. The stress
due to a well-known load may be hard to determine because of complex
414 APPENDIX C The Factor of Safety as a Design Variable

geometry. Conversely, the stress caused by a poorly known load on a simple

structure is no more poorly known than the load itself. This measure then
takes into account how well the stress can be found for a known load.
Step 6: Find the failure analysis technique coefficient of variation. Guid-
ance for this is given near the end of Sec. C.3.2.
Step 7: Calculate the applied stress coefficient of variation. This is found
using Eq. [C.2].
Step 8: Calculate the factor of safety. This is found using Eq. [C.1].

C.4 SOURCES
Ullman, D. G.: “Less Fudging with Fudge Factors,” Machine Design, Oct. 9, 1986, pp. 107–111.
Ullman, D. G.: Mechanical Design Failure Analysis, Marcel Dekker, New York, 1986.