Lunchtime edit...geddit...
This commit is contained in:
Robin Clark
parent
e4e0a5e66c
commit
174b1a324a
@ -73,9 +73,12 @@ oversimplifies the task of failure mode analysis, and makes the process arbitrar
|
||||
Fortunately most real-world designs take a modular approach. In Electronics
|
||||
for instance, commonly used configurations of parts are used to create
|
||||
amplifiers, filters, potential dividers etc.
|
||||
It is therefore natural to collect parts to form functional groups.
|
||||
%It is therefore natural to collect parts to form functional groups.
|
||||
It is common design practise in electronics, to use collections of parts in specific configurations
|
||||
to form well defined and known building blocks.
|
||||
These commonly used configurations of parts, or {\fgs}, will
|
||||
also have failure mode behaviour. We can take a {\fg} and determine its symptoms of failure.
|
||||
also have a specific failure mode behaviour.
|
||||
We can take a {\fg} and determine its symptoms of failure.
|
||||
When we have done this we can treat this as a component in its own right.
|
||||
If we terms `parts' as base~components and components we have determined
|
||||
from functional groups as derived components, we can modularise the FMEA task.
|
||||
@ -135,7 +138,9 @@ When we have determined the symptoms, we can
|
||||
create a {\dc} (called say AMP1) which has a {\em known set of failure modes} (i.e. its symptoms).
|
||||
We can now treat $AMP1$ as a pre-analysed, higher level component.
|
||||
The amplifier is an abstract concept, in terms of the components.
|
||||
The components brought together in a specific way make it an amplifier !
|
||||
To a make an `amplifier' we have to connect a a group of components
|
||||
in a specific configuration. This specific configuration corresponds to
|
||||
a {\fg}. Our use of it as a building block corresponds to a {\dc}.
|
||||
|
||||
|
||||
%What this means is the `fault~symptoms' of the module have been derived.
|
||||
@ -185,7 +190,7 @@ fm : \mathcal{C} \rightarrow \mathcal{P}\mathcal{F}.
|
||||
This is defined by, where $c$ is a component and $F$ is a set of failure modes,
|
||||
$ fm ( c ) = F. $
|
||||
|
||||
We can use the variable name $FG$ to represent a {\fg}. A {\fg} is a collection
|
||||
We can use the variable name $\FG$ to represent a {\fg}. A {\fg} is a collection
|
||||
of components.
|
||||
%We thus define $FG$ as a set of chosen components defining
|
||||
%a {\fg}; all functional groups
|
||||
@ -295,53 +300,7 @@ Idea stage on this section
|
||||
\clearpage
|
||||
Two areas that cannot be automated. Choosing {\fgs} and the analysis/symptom collection process itself.
|
||||
|
||||
\section{Side Effects: A Problem for FMMD analysis}
|
||||
A problem with modularising according to functionality is that we can have component failures that would
|
||||
intuitively be associated with one {\fg} that may cause unintended side effects in other
|
||||
{\fgs}.
|
||||
For instance were we to have a component that on failing $SHORT$ could bring down
|
||||
a voltage supply rail, this could have drastic consequences for other
|
||||
functional groups in the system we are examining.
|
||||
\pagebreak[3]
|
||||
\subsection{Example de-coupling capacitors in logic circuits}
|
||||
|
||||
A good example of this, are de-coupling capacitors, often used
|
||||
over the power supply pins of all chips in a digital logic circuit.
|
||||
Were any of these capacitors to fail $SHORT$ they could bring down
|
||||
the supply voltage to the other logic chips.
|
||||
|
||||
|
||||
To a power-supply, shorted capacitors on the supply rails
|
||||
are a potential source of the symptom, $SUPPLY\_SHORT$.
|
||||
In a logic chip/digital circuit {\fg} open capacitors are a potential
|
||||
source of symptoms caused by the failure mode $INTERFERENCE$.
|
||||
So we have a `symptom' of the power-supply, and a `failure~mode' of
|
||||
the logic chip to consider.
|
||||
|
||||
A possible solution to this is to include the de-coupling capacitors
|
||||
in the power-supply {\fg}.
|
||||
% decision, could they be included in both places ????
|
||||
% I think so
|
||||
|
||||
|
||||
Because the capacitor has two potential failure modes (EN298)
|
||||
this raises another issue for FMMD. A de-coupling capacitor going $OPEN$ might not be considered relevant to
|
||||
a power-supply module (but there might be additional noise on its output rails).
|
||||
But in {\fg} terms the power supply, now has a new symptom that of $INTERFERENCE$.
|
||||
|
||||
Some logic chips are more susceptible to $INTERFERENCE$ than others.
|
||||
A logic chip with de-coupling capacitor failing, may operate correctly
|
||||
but interfere with other chips in the circuit.
|
||||
|
||||
There is no reason why the de-coupling capacitors could not be included {\em in the {\fg} they would intuitively be associated with as well}.
|
||||
This allows for the general principle of a component failure affecting more than one {\fg} in a circuit.
|
||||
This allows functional groups to share components where necessary.
|
||||
This does not break the modularity of the FMMD technique, because, as {\irl}
|
||||
one component failure may affect more than one sub-system.
|
||||
It does uncover a weakness in the FMMD methodology though.
|
||||
It could be very easy to miss the side effect and include
|
||||
the component causing the side effect into the wrong {\fg}, or only one germane {\fg}.
|
||||
\pagebreak[3]
|
||||
\subsection{{\fgs} Sharing components and Hierarchy}
|
||||
|
||||
With electronics we need to follow the signal path to make sense of failure modes
|
||||
@ -622,6 +581,56 @@ $$
|
||||
%
|
||||
% can I say that ?
|
||||
|
||||
\section{Problems in choosing membership of functional groups}
|
||||
|
||||
\subsection{Side Effects: A Problem for FMMD analysis}
|
||||
A problem with modularising according to functionality is that we can have component failures that would
|
||||
intuitively be associated with one {\fg} that may cause unintended side effects in other
|
||||
{\fgs}.
|
||||
For instance were we to have a component that on failing $SHORT$ could bring down
|
||||
a voltage supply rail, this could have drastic consequences for other
|
||||
functional groups in the system we are examining.
|
||||
|
||||
\pagebreak[3]
|
||||
\subsubsection{Example de-coupling capacitors in logic circuits}
|
||||
|
||||
A good example of this, are de-coupling capacitors, often used
|
||||
over the power supply pins of all chips in a digital logic circuit.
|
||||
Were any of these capacitors to fail $SHORT$ they could bring down
|
||||
the supply voltage to the other logic chips.
|
||||
|
||||
|
||||
To a power-supply, shorted capacitors on the supply rails
|
||||
are a potential source of the symptom, $SUPPLY\_SHORT$.
|
||||
In a logic chip/digital circuit {\fg} open capacitors are a potential
|
||||
source of symptoms caused by the failure mode $INTERFERENCE$.
|
||||
So we have a `symptom' of the power-supply, and a `failure~mode' of
|
||||
the logic chip to consider.
|
||||
|
||||
A possible solution to this is to include the de-coupling capacitors
|
||||
in the power-supply {\fg}.
|
||||
% decision, could they be included in both places ????
|
||||
% I think so
|
||||
|
||||
|
||||
Because the capacitor has two potential failure modes (EN298)
|
||||
this raises another issue for FMMD. A de-coupling capacitor going $OPEN$ might not be considered relevant to
|
||||
a power-supply module (but there might be additional noise on its output rails).
|
||||
But in {\fg} terms the power supply, now has a new symptom that of $INTERFERENCE$.
|
||||
|
||||
Some logic chips are more susceptible to $INTERFERENCE$ than others.
|
||||
A logic chip with de-coupling capacitor failing, may operate correctly
|
||||
but interfere with other chips in the circuit.
|
||||
|
||||
There is no reason why the de-coupling capacitors could not be included {\em in the {\fg} they would intuitively be associated with as well}.
|
||||
This allows for the general principle of a component failure affecting more than one {\fg} in a circuit.
|
||||
This allows functional groups to share components where necessary.
|
||||
This does not break the modularity of the FMMD technique, because, as {\irl}
|
||||
one component failure may affect more than one sub-system.
|
||||
It does uncover a weakness in the FMMD methodology though.
|
||||
It could be very easy to miss the side effect and include
|
||||
the component causing the side effect into the wrong {\fg}, or only one germane {\fg}.
|
||||
|
||||
|
||||
|
||||
\section{Double Simultaneous Failures}
|
||||
@ -724,10 +733,10 @@ For Functional Group 2 (FG2), let us map:
|
||||
FS6 & \mapsto & S5
|
||||
\end{eqnarray*}
|
||||
|
||||
This AUTOMATIC check can reveal WHEN double checking no longer necessary
|
||||
in the hierarchy to cover dub sum !!!!! YESSSS
|
||||
%This AUTOMATIC check can reveal WHEN double checking no longer necessary
|
||||
%in the hierarchy to cover dub sum !!!!! YESSSS
|
||||
|
||||
\section{Non-Inverting OPAMP}
|
||||
\section{Example Analysis: Non-Inverting OPAMP}
|
||||
Consider a non inverting op-amp designed to amplify
|
||||
a small positive voltage (typical use would be a thermocouple amplifier
|
||||
taking a range from 0 to 25mV and amplifiying it to the useful range of an ADC, approx 0 to 4 volts).
|
||||
@ -776,7 +785,7 @@ We can now examine what effect each of these failures will have on the {\fg} (se
|
||||
|
||||
|
||||
\begin{table}[h+]
|
||||
\caption{Potential Divider: Sinlge failure analysis}
|
||||
\caption{Potential Divider: Single failure analysis}
|
||||
\begin{tabular}{|| l | l | c | c | l ||} \hline
|
||||
\textbf{Failure Scenario} & & \textbf{Pot Div Effect} & & \textbf{Symptom} \\
|
||||
\hline
|
||||
@ -842,6 +851,7 @@ With this two stage analysis we have a comparison complexity (see equation~\ref{
|
||||
$4.(2-1)=4$ for the potential divider and $6.(2-1)=6$, giving a total of $10$ for the $NIAMP$.
|
||||
For this simple example, traditional flat/non-modular FMEA would have a CC of $(3-1).(4+2+2)=16$.
|
||||
|
||||
\clearpage
|
||||
\section{Inverting OPAMP}
|
||||
|
||||
\label{sec:invamp}
|
||||
@ -854,16 +864,16 @@ For this simple example, traditional flat/non-modular FMEA would have a CC of $(
|
||||
\label{fig:invamp}
|
||||
\end{figure}
|
||||
|
||||
This configuration is interesting from methodology perspective.
|
||||
There are two ways in which we can tackle this.
|
||||
One is to do this in two stages, by considering the gain resistors to be a potential divider
|
||||
%This configuration is interesting from methodology pers.
|
||||
There are two obvious ways in which we can model this circuit:
|
||||
One is to do this in two stages, by considering the gain resistors to be an inverted potential divider
|
||||
and then combining it with the OPAMP failure mode model.
|
||||
The other way is to place all three components in a {\fg}.
|
||||
The second is to place all three components in a {\fg}.
|
||||
Both approaches are followed in the next two sub-sections.
|
||||
|
||||
\subsection{Inverting OPAMP using a Potential Divider {\dc}}
|
||||
|
||||
Re-using the $PD$ - potential divider works only if the input voltage is negative.
|
||||
We cannot simply re-use the $PD$ from section~\ref{potdivfmmd}---that potential divider would only be valid if the input signal were negative.
|
||||
We want if possible to have detectable errors, HIGH and LOW are better than OUTOFRANGE.
|
||||
If we can refine the operational states of the functional group, we can obtain clearer
|
||||
symptoms.
|
||||
@ -874,9 +884,9 @@ If we consider the input will only be positive, we can invert the potential divi
|
||||
\begin{tabular}{|| l | l | c | c | l ||} \hline
|
||||
\textbf{Failure Scenario} & & \textbf{Inverted Pot Div Effect} & & \textbf{Symptom} \\
|
||||
\hline
|
||||
FS1: R1 SHORT & & $HIGH$ & & $PDHigh$ \\ \hline
|
||||
FS2: R1 OPEN & & $LOW$ & & $PDLow$ \\ \hline
|
||||
FS3: R2 SHORT & & $LOW$ & & $PDLow$ \\ \hline
|
||||
FS1: R1 SHORT & & $HIGH$ & & $PDHigh$ \\ \hline
|
||||
FS2: R1 OPEN & & $LOW$ & & $PDLow$ \\ \hline
|
||||
FS3: R2 SHORT & & $LOW$ & & $PDLow$ \\ \hline
|
||||
FS4: R2 OPEN & & $HIGH$ & & $PDHigh$ \\ \hline
|
||||
\hline
|
||||
\end{tabular}
|
||||
@ -892,8 +902,8 @@ We can now form a {\fg} from the OPAMP and the $INVPD$
|
||||
\begin{tabular}{|| l | l | c | c | l ||} \hline
|
||||
\textbf{Failure Scenario} & & \textbf{Inverted Amp Effect} & & \textbf{Symptom} \\ \hline
|
||||
\hline
|
||||
FS1: INVPD LOW & & NEGATIVE - input & & $ HIGH $ \\
|
||||
FS2: INVPD HIGH & & Positive - input & & $ LOW $ \\
|
||||
FS1: INVPD LOW & & NEGATIVE on -input & & $ HIGH $ \\
|
||||
FS2: INVPD HIGH & & Positive on -input & & $ LOW $ \\
|
||||
|
||||
FS5: AMP L\_DN & & $ INVAMP_{low} $ & & $ LOW $ \\ \hline
|
||||
|
||||
@ -930,12 +940,12 @@ $HIGH$ or $LOW$ output.
|
||||
|
||||
|
||||
\begin{table}[h+]
|
||||
\caption{Inverting Amplifier: Single failure analysis}
|
||||
\caption{Inverting Amplifier: Single failure analysis: 3 components}
|
||||
\begin{tabular}{|| l | l | c | c | l ||} \hline
|
||||
\textbf{Failure Scenario} & & \textbf{Inverted Amp Effect} & & \textbf{Symptom} \\ \hline
|
||||
\hline
|
||||
FS1: R1 SHORT +ve in & & NEGATIVE out of range & & $ OUT OF RANGE $ \\
|
||||
FS1: R1 SHORT -ve in & & POSITIVE out of range & & $ OUT OF RANGE $ \\ \hline
|
||||
FS1: R1 SHORT -ve in & & POSITIVE out of range & & $ OUT OF RANGE $ \\ \hline
|
||||
|
||||
FS2: R1 OPEN +ve in & & zero output & & $ ZERO OUTPUT $ \\
|
||||
FS2: R1 OPEN -ve in & & zero output & & $ ZERO OUTPUT $ \\ \hline
|
||||
@ -968,8 +978,8 @@ $$ fm(INVAMP) = \{ OUT OF RANGE, ZERO OUTPUT, NO GAIN, LOW PASS \} $$
|
||||
%Could further refine this if MTTF stats available for each component failure.
|
||||
|
||||
|
||||
\clearpage
|
||||
|
||||
\clearpage
|
||||
\subsection{Comparison between the two approaches}
|
||||
|
||||
If the input voltage can be negative the potential divider
|
||||
|
||||
Loading…
Reference in New Issue
Block a user