ISO 26262 states that hardware architectural metrics are required to assess the adequacy of safety mechanisms and their ability to detect and/or prevent faults from reaching safety-critical areas. Fault injection is an essential method to determine the completeness and correctness of the safety mechanisms in meeting functional safety requirements. However, random fault injection is time-consuming and inefficient in meeting today's product release cycles. In this paper, we present a formal methodology to improve the efficiency of fault injection to maximize the observability of the failures.