diff --git a/mybib.bib b/mybib.bib index 1b6b880..56647bd 100644 --- a/mybib.bib +++ b/mybib.bib @@ -941,7 +941,6 @@ ISSN={1530-2059},} YEAR = "1988" } - @book{DBLP:books/ph/KernighanR88, author = {Brian W. Kernighan and Dennis Ritchie}, @@ -1136,6 +1135,14 @@ ISSN={0098-5589},} } +@MISC{microchipreliability, + author = "Microchip", + title = "Microchip: Reliability Data Search Engine: Annual Product Reliability Reports", + howpublished = "Microchip Inc. http://www.microchip.com/reliabilityreport/Default.aspx", + year = "2013" +} + + @MISC{javaarea, author = "Sun~Micro~Systems", title = "Java Area Operations", diff --git a/submission_thesis/CH2_FMEA/copy.tex b/submission_thesis/CH2_FMEA/copy.tex index 2ad74fb..08cd09b 100644 --- a/submission_thesis/CH2_FMEA/copy.tex +++ b/submission_thesis/CH2_FMEA/copy.tex @@ -24,11 +24,11 @@ are examined in the context of two sources of information that define failure mo To introduce the concept of FMEA, a simple example is given, using a hypothetical four to twenty milli-amp ({\ft}) %milli-amp reader. % -The four main current FMEA variants are described and we develop %conclude by describing concepts +The four main current FMEA variants are described %and we develop %conclude by describing concepts the concepts -that underlie the usage and philosophy of FMEA. +that underlie the usage and philosophy of FMEA discussed. % -We return to the overall process of FMEA and model it using UML. +The overall process of FMEA is then reviewed and modelled using UML. % By using UML the entities needed to implement FMEA @@ -95,11 +95,12 @@ function that they perform. We begin FMEA with the basic, or starting components. % -These components are the sort we buy in or consider as pre-assembled modules. -We term these the {\bcs}; they are considered ``atomic'' i.e. they are not broken down further. +These components are the sort bought in or considered as pre-assembled modules. +These are termed {\bcs}; they are considered ``atomic'' i.e. they are not broken down further. % -Firstly we need to know how these can fail, so our first relationship -is between a {\bc} and its failure modes, see figure~\ref{fig:component_fm_rel}. +The first requirement for a {\bc} is to define the ways in which it can fail, +this relationship %between a {\bc} and its failure modes, +is shown in figure~\ref{fig:component_fm_rel}. \fmmdglossBC %DIAGRAM of Base components and failure modes @@ -114,8 +115,8 @@ is between a {\bc} and its failure modes, see figure~\ref{fig:component_fm_rel}. The next stage is analysis, that is reasoning applied to the system in the event of a given failure mode. % -To perform this we need to know how a failure -mode, considering its effect on other components in the system, +To perform how a failure +mode, after considering its effect on other components in the system, will translate to a system level symptom/failure. % The result of FMEA is to determine system level failures, @@ -147,17 +148,23 @@ of this chapter. \fmmdglossBC \label{sec:determine_fms} \fmodegloss -In order to apply any form of FMEA we need to know the ways in which -the {\bcs} we are using can fail. In practise, this part of the process is guided by -the standards to which we are seeking to conform.% to. +In order to apply any form of FMEA the ways in which +the {\bcs}\footnote{A good introduction to hardware and software failure modes may be found in~\cite{sccs}[pp.114-124].} %used +can fail must be clearly defined. % -\footnote{A good introduction to hardware and software failure modes may be found in~\cite{sccs}[pp.114-124].} +In practise, this part of the process is guided by +the particular standard +which is being conformed to. %we are seeking to conform.% to. % -Typically, when choosing components for a design, we look at manufacturers' data sheets +Standards may differ in their definitions for the {\fms} of {\bcs}. +The reasons for these differences are examined below using two example components. +% +% +Typically, when choosing components for a design, engineers will look at manufacturers' data sheets which describe functionality, physical dimensions, environmental ranges, tolerances and by `reading~between~the~lines' -in some cases can indicate how a component may fail/misbehave -under given conditions. +in some cases can indicate how a component may fail/misbehave. +%under given conditions. % How %base components could fail internally, is not of interest to an FMEA investigation. @@ -168,8 +175,10 @@ A large body of literature exists giving guidance for the determination of comp For this study FMD-91~\cite{fmd91} and the gas burner standard EN298~\cite{en298} are examined. %Some standards prescribe specific failure modes for generic component types. In EN298 failure modes for most generic component types are listed, or if not listed, -are determined using a procedure where we consider -all pins open and then all adjacent pins shorted. +are determined using a procedure: +typically of the form of examining scenarios such as +`all~pins~open' and then `all~adjacent~pins~shorted'~\cite{en298}[A.1 note e]. + %a procedure where failure scenarios of all pins OPEN and all adjacent pins shorted %are examined. % @@ -185,9 +194,18 @@ component {\fms} suitable for use in FMEA. A third document, MIL-1991~\cite{mil1991} provides overall reliability statistics for component types, but does not detail specific failure modes. % -Using MIL1991 in conjunction with FMD-91 we can determine statistics for the failure modes +Using MIL1991 in conjunction with FMD-91 statistics can be determined for the failure modes of component types. % +As these documents are now a little old, the results +from them can be on the conservative side. +\frategloss +\fmmdglossFIT +% +A FIT value for a micro-processor +may be determined at around 100 using these documents for instance, but +FIT claims for modern integrated micro-controllers are typically less than five~\cite{microchipreliability}. +% The FMEA variant\footnote{EN61508 (and related standards) are based on the FMEA variant Failure Mode Effects and Diagnostic Analysis (FMEDA)} used for European standard EN61508~\cite{en61508} requires statistics for Meantime to Failure (MTTF) for all {\bc} failure modes. @@ -211,22 +229,25 @@ requires statistics for Meantime to Failure (MTTF) for all {\bc} failure modes. \section{Determining the failure modes of Components.} \fmodegloss -The starting point in the FMEA process are the failure modes of the components -we would typically find in a production parts list, which we can term the {\bcs}. +The starting points in the FMEA process are the failure modes of the {\bcs}. +%s +%Typically found in a production parts list, which are termed the {\bcs}. % -In order to define FMEA we must start with a discussion on how these failure modes are chosen. +In order to define FMEA, a discussion on how these failure modes are defined and +their relationship to particular standards is presented below. % -In this section we pick %look in detail at -two common electrical components as examples, and examine how -the two chosen sources of {\fm} information define their failure mode behaviour. -We look at the reasons why some known failure modes % are omitted, or presented in -%specific but unintuitive ways. -%We compare the US. military published failure mode specifications wi -can be found in one source but not in the others and vice versa. +%In this section we pick %look in detail at +Two common electrical components are used as examples, +and examined against two sources of {\fm} information. % define their failure mode behaviour. % -Finally we compare and contrast the failure modes determined for these components +These definitions for a given generic component may not always agree. +% +The reasons why some {\fms} +can be found in one source but not in the others and vice versa, are discussed. +% +Finally the failure modes determined %for these components from the FMD-91~\cite{fmd91} reference source and from the guidelines of the -European burner standard EN298~\cite{en298}. +European burner standard EN298~\cite{en298} are compared and contrasted. \subsection{Failure mode determination for generic resistor.} \label{sec:resistorfm} @@ -238,14 +259,14 @@ The resistor is a ubiquitous component in electronics, and is therefore a good c % FMD-91\cite{fmd91}[3-178] lists many types of resistor and lists many possible failure causes. -For instance for {\textbf{Resistor,~Fixed,~Film}} we are given the following failure causes: +For instance for {\textbf{Resistor,~Fixed,~Film}} the following failure causes are given: \begin{itemize} - \item Opened 52\% - \item Drift 31.8\% - \item Film Imperfections 5.1\% - \item Substrate defects 5.1\% - \item Shorted 3.9\% - \item Lead damage 1.9\% + \item Opened 52\% , + \item Drift 31.8\% , + \item Film Imperfections 5.1\% , + \item Substrate defects 5.1\% , + \item Shorted 3.9\% , + \item Lead damage 1.9\% . \end{itemize} % This information may be of interest to the manufacturer of resistors, but it does not directly % help a circuit designer. @@ -253,27 +274,27 @@ For instance for {\textbf{Resistor,~Fixed,~Film}} we are given the following fai % against {\fms} that the resistor could exhibit. % We can determine these {\fms} by converting the internal failure descriptions % to {\fms} thus: -To make this useful for FMEA/FMMD we must assign each failure cause to symptomatic failure mode descriptor -as shown below. +To make this useful for FMEA/FMMD each failure cause must be mapped to a symptomatic failure mode descriptor +as listed below: % %and map these failure causes to three symptoms, %drift (resistance value changing), open and short. \begin{itemize} - \item Opened 52\% $\mapsto$ OPENED - \item Drift 31.8\% $\mapsto$ DRIFT - \item Film Imperfections 5.1\% $\mapsto$ OPEN - \item Substrate defects 5.1\% $\mapsto$ OPEN - \item Shorted 3.9\% $\mapsto$ SHORT + \item Opened 52\% $\mapsto$ OPENED, + \item Drift 31.8\% $\mapsto$ DRIFT, + \item Film Imperfections 5.1\% $\mapsto$ OPEN, + \item Substrate defects 5.1\% $\mapsto$ OPEN, + \item Shorted 3.9\% $\mapsto$ SHORT, \item Lead damage 1.9\% $\mapsto$ OPEN. \end{itemize} % -We note that the main causes of resistor value drift are overloading. % of components. +Note that the main causes of resistor value drift are overloading. % of components. This is borne out in the FMD-91~\cite{fmd91}[232] entry for a resistor network where the failure modes do not include drift. % -If we can ensure that our resistors will not be exposed to overload conditions, the -probability of drift (sometimes called parameter change) occurring +If it is ensured that our resistors will not be exposed to overload conditions, the +probability of drift (sometimes called parameter change) %occurring is significantly reduced, enough for some standards to exclude it~\cite{en298,en230}. @@ -328,8 +349,8 @@ The differences in resistor failure modes between FMD-91 and EN298 are that FMD- include the failure mode DRIFT. EN298 does not include this, mainly because it imposes circuit design constraints that effectively side step that problem. % -For this study we will take the conservative view from EN298, and consider the failure -modes for a generic resistor to be both OPEN and SHORT. We use the function $fm$ +For this study the conservative view from EN298 is taken, and the failure +modes for a generic resistor taken to be both OPEN and SHORT. The function $fm$ is used to return a set of failure modes, i.e. \label{ros} @@ -348,7 +369,7 @@ $$ fm(R) = \{ OPEN, SHORT \} . $$ The operational amplifier (op-amp) %is a differential amplifier and is very widely used in nearly all fields of modern analogue electronics. % -Only one of two sources of information on {\bc} {\fms} we are comparing +Only one of two sources of information on {\bc} {\fms} being compared has an entry specific to operational amplifiers (FMD-91). % EN298 does not specifically define the @@ -358,16 +379,17 @@ components types not specifically listed in it. % Operational amplifiers are typically packaged in dual or quad configurations---meaning that a chip will typically contain two or four amplifiers. -For the purpose of example for EN298, we look at +% +For the purpose of example for EN298, %we look at a typical op-amp designed for instrumentation and measurement, the dual packaged version of the LM358~\cite{lm358} -(see figure~\ref{fig:lm258}). +(see figure~\ref{fig:lm258}) is examined. % With the results from both sources of {\fm} definition % %we compare the failure mode definitions for FMD-91 and EN298 relating to operational amplifiers are compared. -\paragraph{ Failure Modes of an Op-Amp according to FMD-91 } +\paragraph{Failure Modes of an Op-Amp according to FMD-91.} \fmodegloss %Literature suggests, latch up, latch down and oscillation. For Op-Amp failures modes, FMD-91\cite{fmd91}{3-116] states, @@ -382,38 +404,40 @@ Again these are mostly internal causes of failure, more of interest to the compo than a test engineer % designer looking for the symptoms of failure. % -We need to translate these failure causes within the Op-Amp into {\fms}. +These failure causes within the Op-Amp need to be translated to symptomatic {\fms}. % -We can look at each failure cause in turn, and map it to potential {\fms} suitable for use in FMEA +Each failure cause is examined in turn, and mapped to potential {\fms} suitable for use in FMEA investigations. \paragraph{Op-Amp failure cause: Poor Die attach.} -The symptom for this is given as a low slew rate. This means that the op-amp -will not react quickly to changes on its input terminals. +The symptom for this is given as a low slew rate. +% +This means that the op-amp will not react quickly to changes on its input terminals. +% This is a failure symptom that may not be of concern in a slow responding system like an instrumentation amplifier. However, where higher frequencies are being processed, a signal may be lost entirely. -We can map this failure cause to a {\fm}, and we can call it $LOW_{slew}$. +This failure cause can be mapped to a symptomatic {\fm} called $LOW_{slew}$. \paragraph{No Operation - over stress.} Here the OP-Amp has been damaged, and the output may be held HIGH or LOW, or may be effectively tri-stated, i.e. not able to drive circuitry in along the next stages of -the signal path: we can call this state NOOP (no Operation). +the signal path: this {\fm} is termed NOOP (no Operation). % -We can map this failure cause to three {\fms}, $LOW$, $HIGH$, $NOOP$. +This failure cause thus maps to three {\fms}, $LOW$, $HIGH$, $NOOP$. \paragraph{Shorted inputs: $V_+$ to $V_-$.} Due to the high intrinsic gain of an op-amp, and the effect of offset currents, this will force the output HIGH or LOW. -We map this failure cause to $HIGH$ or $LOW$. +This failure cause maps to $HIGH$ or $LOW$. \paragraph{Open input: $V_+$.} This failure cause will mean that the minus input will have the very high gain of the Op-Amp applied to it, and the output will be forced HIGH or LOW. -We map this failure cause to $HIGH$ or $LOW$. +This failure cause maps to $HIGH$ or $LOW$. \paragraph{Collecting Op-Amp failure modes from FMD-91.} -We can define an Op-Amp, under FMD-91 definitions to have the following {\fms}. +An Op-Amps' failure mode behaviour, under FMD-91 definitions will have the following {\fms}. \begin{equation} \label{eqn:opampfms} fm(OpAmp) = \{ HIGH, LOW, NOOP, LOW_{slew} \} @@ -425,15 +449,20 @@ We can define an Op-Amp, under FMD-91 definitions to have the following {\fms}. EN298 does not specifically define OP\_AMPS failure modes; these can be determined by following a procedure for `integrated~circuits' outlined in annex~A~\cite{en298}[A.1 note e]. +% This demands that all open connections, and shorts between adjacent pins be considered as failure scenarios. We examine these failure scenarios on the dual packaged $LM358$~\cite{lm358} %\mu741$ and determine its {\fms} in table ~\ref{tbl:lm358}. -Collecting the op-amp failure modes from table ~\ref{tbl:lm358} we obtain the same {\fms} -that we got from FMD-91, listed in equation~\ref{eqn:opampfms}, except for +% +% Collecting the op-amp failure modes from table ~\ref{tbl:lm358} we obtain the same {\fms} +% that we got from FMD-91, listed in equation~\ref{eqn:opampfms}, except for +% $LOW_{slew}$. +% +Collecting the op-amp failure modes from table ~\ref{tbl:lm358} the same {\fms} +that we got from FMD-91 are obtained---listed in equation~\ref{eqn:opampfms}---except for $LOW_{slew}$. - %\paragraph{EN298: Open and shorted pin failure symptom determination technique} @@ -636,11 +665,14 @@ Let us choose resistor R1 in the OP-AMP gain circuitry. \item \textbf{F - Failures of given component} The resistor (R1) could fail by going OPEN or SHORT (EN298 definition). \item \textbf{M - Failure Mode} Consider the component failure mode SHORT \item \textbf{E - Effects} This will drive the minus input LOW causing a HIGH OUTPUT/READING - \item \textbf{A - Analysis} The reading will be out of the normal range, and we will have an erroneous milli-volt reading + \item \textbf{A - Analysis} The reading will be out of the normal range, i.e. will have an erroneous milli-volt reading \end{itemize} \fmeagloss +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%%%%%%%%%%%% WE removal project ends here today 08SEP2013 %%%%%%%% +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% The analysis above has given us a result for % one failure %scenario i.e. one single component failure mode. @@ -649,8 +681,10 @@ for each failure mode of all the components in the system under investigation. % In theory we have had to look at the failure~mode in relation to the entire circuit. +% We have used intuition to determine the probable effect of this failure mode. +% For instance we have assumed that the resistor R1 going SHORT will not affect the ADC, the Microprocessor or the UART. %