\ifthenelse {\boolean{paper}} { \abstract{ This paper analyses an inverting op-amp configuration %, with the opamp and gain resistors using the FMMD methodology. % The circuit under analysis has five `base components', four resistors % two resistors programming gain, two programming a reference, or virtual ground voltage and one op-amp. % Two resistors are used as a current balance/virtual ground to program the gain of the amplifier and another pair to set the reference or virtual ground voltage. We consider the resistors setting the reference voltage as a functional group, a potential divider. %.$PD$. %where their function is to operate as a virtual ground voltage reference. The gain resistors work with the op-amp to determine the gain characteristics, and therefore the two gain resistors and the op-amp form a second functional group.% $GAMP$. % The base component failure modes are used to model each functional group %the amplifier from from a failure mode perspective. % We determine the failure symptoms from each of these {\fgs} and create {\dcs} to represent them. We can have a {\dc} represetnting the potential~divider and another representing the gain stage. We can now create a functional group representing the inverting amplifier, by bringing the {\dcs} % $PD$ and $GMAP$ together to form a higher level functional group . % This can be analysed and a derived component, %$INVAMP$ created, to represent the failure mode behaviour of the inverting amplifier. } \section{Introduction} } { This chapter analyses an inverting op-amp configuration %, with the opamp and gain resistors using the FMMD methodology. % The circuit under analysis has five 'base components', four resistors % two resistors programming gain, two programming a reference, or virtual ground voltage and one op-amp. % Two resistors are used as a current balance/virtual ground to program the gain of the amplifier and another pair to set the reference or virtual ground voltage. We consider the resistors setting the reference voltage as a functional group, a potential divider $PD$. This chapter re-uses the $PD$ derived component from \ref{lab:nonivopamp}. %where their function is to operate as a virtual ground voltage reference. The gain resistors work with the op-amp to determine the gain characteristics, and therefore the two gain resistors and the op-amp form a second functional group $GAMP$. % The base component error modes of the components are used to model each functional group %the amplifier from from a failure mode perspective. % We determine the failure symptoms from each of these {\fgs} and create {\dcs} to represent them. We can now create a functional group representing the inverting amplifier, by bringing the {\dcs} $PD$ and $GMAP$ together to form a higher level functional group . % This can be analysed and a derived component, $INVAMP$ created, to represent the inverting amplifier determined. \section{Introduction: The non-inverting amplifier} } A standard non inverting op amp (from ``The Art of Electronics'' ~\cite{aoe}[pp.178]) is shown in figure \ref{fig:invamp}. \begin{figure}[h] \centering \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/inv.png} % noninv.jpg: 341x186 pixel, 72dpi, 12.03x6.56 cm, bb=0 0 341 186 \caption{inverting amplifier configuration with potential divider for reference/virtual ground} \label{fig:noninvamp} \end{figure} The voltage gain of this circuit ($G_v$) defined by $ G_v = -\frac{R4}{R3} $. \section{Potential Divider - OP-AMP Virtual ground reference} A functional group, is an ideally small in number collection of components, that interact to provide a function or task within a system. As the resistors work to provide a specific function, that of a potential divider to program a given voltage, we can treat them as a functional group. This functional group has two members, $R1$ and $R2$. Using the EN298 specification for resistor failure ~\cite{en298}[App.A] we can assign failure modes of $OPEN$ and $SHORT$ to the resistors. \ifthenelse {\boolean{dag}} { We can now represent a resistor in terms of its failure modes as a directed acyclic graph (DAG) (see figure \ref{fig:rdag}). \begin{figure}[h+] \centering \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] \tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] \node[component] (R) at (0,-3) {$R$}; \node[failure] (RSHORT) at (\layersep,-2) {$R_{SHORT}$}; \node[failure] (ROPEN) at (\layersep,-4) {$R_{OPEN}$}; \path (R) edge (RSHORT); \path (R) edge (ROPEN); \end{tikzpicture} \caption{DAG representing a reistor and its failure modes} \label{fig:rdag} \end{figure} } { } Thus for the potential~divider stage $R1$ has failure modes $\{R1\_OPEN, R1\_SHORT\}$ and $R2$ has failure modes $\{R2\_OPEN, R2\_SHORT\}$. %\clearpage \section{Failure Mode Analysis of the Potential Divider} \ifthenelse {\boolean{pld}} { Modelling this as a functional group, we can draw a simple closed curve to represent each failure mode, taken from the components R1 and R2, in the potential divider, shown in figure \ref{fig:fg1}. \begin{figure}[h] \centering \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fg1.png} % fg1.jpg: 430x271 pixel, 72dpi, 15.17x9.56 cm, bb=0 0 430 271 \caption{potential divider failure modes} \label{fig:fg1} \end{figure} } { } \ifthenelse {\boolean{dag}} { Modelling this as a functional group, we can draw this as a directed graph failure modes, taken from the components R1 and R2, in the potential divider, shown in figure \ref{fig:fg1dag}. \begin{figure} \centering \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] \tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] \node[component] (R1) at (0,-4) {$R_1$}; \node[component] (R2) at (0,-6) {$R_2$}; \node[failure] (R1SHORT) at (\layersep,-2) {$R1_{SHORT}$}; \node[failure] (R1OPEN) at (\layersep,-4) {$R1_{OPEN}$}; \node[failure] (R2SHORT) at (\layersep,-6) {$R2_{SHORT}$}; \node[failure] (R2OPEN) at (\layersep,-8) {$R2_{OPEN}$}; \path (R1) edge (R1SHORT); \path (R1) edge (R1OPEN); \path (R2) edge (R2SHORT); \path (R2) edge (R2OPEN); % Potential divider failure modes % %\node[symptom] (PDHIGH) at (\layersep*2,-4) {$PD_{HIGH}$}; %\node[symptom] (PDLOW) at (\layersep*2,-6) {$PD_{LOW}$}; %\path (R1OPEN) edge (PDHIGH); %\path (R2SHORT) edge (PDHIGH); %\path (R2OPEN) edge (PDLOW); %\path (R1SHORT) edge (PDLOW); \end{tikzpicture} \caption{DAG representing the functional group `Potential Divider'} \label{fig:fg1dag} \end{figure} } { } We can now look at each of these base component failure modes, and determine how they will affect the operation of the potential divider. %Each failure mode scenario we look at will be given a test case number, %which is represented on the diagram, with an asterisk marking %which failure modes is modelling (see figure \ref{fig:fg1a}). \ifthenelse {\boolean{pld}} { Each labelled asterisk in the diagram represents a failure mode scenario. The failure mode scenarios are given test case numbers, and an example to clarify this follows in table~\ref{pdfmea}. \begin{figure}[h+] \centering \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fg1a.png} % fg1a.jpg: 430x271 pixel, 72dpi, 15.17x9.56 cm, bb=0 0 430 271 \caption{potential divider with test cases} \label{fig:fg1a} \end{figure} } { } \ifthenelse {\boolean{dag}} { For this example we can look at single failure modes only. For each failure mode in our {\fg} `potential~divider' we can assign a test case number (see table \ref{pdfmea}). Each test case is analysed to determine the `symptom' on the potential diverders operation. For instance were the resistor $R_1$ to go open, the circuit would not be grounded and the voltage output from it would be the +ve supply rail. This would mean the symptom of the failed potential divider, would be that it gives an output high voltage reading. We can now consider the {\fg} as a component in its own right, and its symptoms as its failure modes. From table \ref{pdfmea} we can see that resistor failures modes lead to some common `symptoms'. By drawing connecting lines in a graph, from the failure modes to the symptoms we can show the relationships between the component failure modes and resultant symptoms. %The {\fg} can now be considered a derived component. This is represented in the DAG in figure \ref{fig:fg1adag}. \begin{figure}[h+] \centering \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] \tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] \node[component] (R1) at (0,-4) {$R_1$}; \node[component] (R2) at (0,-6) {$R_2$}; \node[failure] (R1SHORT) at (\layersep,-2) {$R1_{SHORT}$}; \node[failure] (R1OPEN) at (\layersep,-4) {$R1_{OPEN}$}; \node[failure] (R2SHORT) at (\layersep,-6) {$R2_{SHORT}$}; \node[failure] (R2OPEN) at (\layersep,-8) {$R2_{OPEN}$}; \path (R1) edge (R1SHORT); \path (R1) edge (R1OPEN); \path (R2) edge (R2SHORT); \path (R2) edge (R2OPEN); % Potential divider failure modes % \node[symptom] (PDHIGH) at (\layersep*2,-4) {$PD_{HIGH}$}; \node[symptom] (PDLOW) at (\layersep*2,-6) {$PD_{LOW}$}; \path (R1OPEN) edge (PDHIGH); \path (R2SHORT) edge (PDHIGH); \path (R2OPEN) edge (PDLOW); \path (R1SHORT) edge (PDLOW); \end{tikzpicture} \caption{Failure symptoms of the `Potential Divider'} \label{fig:fg1adag} \end{figure} } { } \begin{table}[ht] \caption{Potential Divider: Failure Mode Effects Analysis: Single Faults} % title of Table \centering % used for centering table \begin{tabular}{||l|c|c|l|l||} \hline \hline \textbf{Test} & \textbf{Pot.Div} & \textbf{ } & \textbf{General} \\ \textbf{Case} & \textbf{Effect} & \textbf{ } & \textbf{Symtom Description} \\ % R & wire & res + & res - & description \hline \hline TC1: $R_1$ SHORT & LOW & & LowPD \\ TC2: $R_1$ OPEN & HIGH & & HighPD \\ \hline TC3: $R_2$ SHORT & HIGH & & HighPD \\ TC4: $R_2$ OPEN & LOW & & LowPD \\ \hline \hline \end{tabular} \label{pdfmea} \end{table} \ifthenelse {\boolean{pld}} { We can now collect the symptoms of failure. From the four base component failure modes, we now have two symptoms, where the current balance/virtual ground will give an incorrect low voltage (which we can term $LowPD$) or an incorrect high voltage (which we can term $HighPD$). We can represent the collection of these symptoms by drawing connecting lines between the test cases and naming them (see figure \ref{fig:fg1b}). % \begin{figure}[h+] % \centering % \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fg1b.png} % % fg1b.jpg: 430x271 pixel, 72dpi, 15.17x9.56 cm, bb=0 0 430 271 % \caption{Collection of current balance/virtual ground failure mode symptoms} % \label{fig:fg1b} % \end{figure} %\clearpage We can now make a `derived component' to represent this current balance/virtual ground. This can be named \textbf{PD}. This {\dc} will have two failure modes. We can use the symbol $\bowtie$ to represent taking the analysed {\fg} and creating from it, a {\dc}. %We could represent it algebraically thus: $ \bowtie(PotDiv) = % \begin{figure}[h+] % \centering % \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/dc1.png} % % dc1.jpg: 430x619 pixel, 72dpi, 15.17x21.84 cm, bb=0 0 430 619 % \caption{From functional group to derived component} % \label{fig:dc1} % \end{figure} } { } \ifthenelse {\boolean{dag}} { We can now represent the current balance/virtual ground as a {\dc}. Because have its symptoms or failure mode behaviour, we can treat these as the failure modes of a a new {\dc}. We can represent that as a DAG (see figure \ref{fig:dc1dag}). \begin{figure}[h+] \centering \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] \tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] \node[component] (PD) at (0,-3) {$PD$}; \node[symptom] (PDHIGH) at (\layersep,-2) {$PD_{HIGH}$}; \node[symptom] (PDLOW) at (\layersep,-4) {$PD_{LOW}$}; \path (PD) edge (PDHIGH); \path (PD) edge (PDLOW); \end{tikzpicture} \caption{DAG representing a Potential Divider (PD) its failure symptoms} \label{fig:dc1dag} \end{figure} } { } Because the derived component is defined by its failure modes and the functional group used to derive it, we can use it as a building block for other {\fgs} in the same way as we used the resistors $R1$ and $R2$. \clearpage \section{Failure Mode Analysis of the OP-AMP Gain Section} Let use now consider the op-amp. According to FMD-91~\cite{fmd91}[3-116] an op amp may have the following failure modes: latchup(12.5\%), latchdown(6\%), nooperation(31.3\%), lowslewrate(50\%). The op-amp gain section use resistors $R4$ and $R3$ to determine the amount of negative gain. Each of the reistors have two failure modes $SHORT$ and $OPEN$. For our gain stage amplifier section, we have a {\fg} comprising the opamp, R3 and R4. \paragraph{Functional group context} We have to consider the context the amplifier is used it to determine its failure mode symptoms. If this were to be a instrumentaion amplifier, the low slew failure mode may not be a problem at all but could affect an audio amplifier by introducing low-pass filtering. TC2, TC1 and TC7, where there is no gain or ref voltage is output, could be very bad for an instrumentation amplifier because the oputput may be in a valid reading range for the application. For the purpose of example we shall consider this amplifier to be an instumentation amplifier. \begin{table}[ht] \caption{Inverting Amplifier Gain Stage: Failure Mode Effects Analysis: Single Faults} % title of Table \centering % used for centering table \begin{tabular}{||l|c|c|l|l||} \hline \hline \textbf{Test} & \textbf{Amplifier} & \textbf{ } & \textbf{General} \\ \textbf{Case} & \textbf{Effect} & \textbf{ } & \textbf{Symtom Description} \\ % R & wire & res + & res - & description \hline \hline TC1: $R3_{OPEN}$ & Ref V. Output & & \\ TC2: $R3_{SHORT}$ & High Gain & & OUT\_OF\_RANGE \\ \hline TC3: $R4_{OPEN}$ & High Gain & & OUT\_OF\_RANGE \\ TC4: $R4_{SHORT}$ & No Gain & & \\ \hline TC5: $OPAMP$ LatchUP & High Output +Ve & & OUT\_OF\_RANGE \\ TC6: $OPAMP$ LatchDown & Low Output -Ve & & OUT\_OF\_RANGE \\ \hline TC7: $OPAMP$ No Operation & Low Output -Ve & & OUT\_OF\_RANGE \\ TC8: $OPAMP$ Low Slew & Low pass filter & & \\ \hline %TC7: $R_2$ OPEN & LOW & & LowPD \\ \hline \hline \end{tabular} \label{ampfmea} \end{table} \ifthenelse {\boolean{pld}} { We can represent these failure modes of this {\fg} on a diagram (see figure~\ref{fig:op1}). \begin{figure}[h+] \centering \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/op1.png} % op1.jpg: 406x221 pixel, 72dpi, 14.32x7.80 cm, bb=0 0 406 221 \caption{Op Amp failure modes} \label{fig:op1} \end{figure} } { } \ifthenelse {\boolean{dag}} { We can represent the failure modes of this {\fg} on a DAG (see figure~\ref{fig:op1dag}). \begin{figure} \centering \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] \tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] \node[component] (OPAMP) at (0,-4) {$OPAMP$}; \node[failure] (OPAMPLU) at (\layersep,-0) {latchup}; \node[failure] (OPAMPLD) at (\layersep,-2) {latchdown}; \node[failure] (OPAMPNP) at (\layersep,-4) {noop}; \node[failure] (OPAMPLS) at (\layersep,-6) {lowslew}; \path (OPAMP) edge (OPAMPLU); \path (OPAMP) edge (OPAMPLD); \path (OPAMP) edge (OPAMPNP); \path (OPAMP) edge (OPAMPLS); \node[component] (R3) at (0,-9) {$R3$}; \node[failure] (R3SHORT) at (\layersep,-8) {SHORT}; \node[failure] (R3OPEN) at (\layersep,-10) {OPEN}; \path (R3) edge (R3SHORT); \path (R3) edge (R3OPEN); \node[component] (R4) at (0,-14) {$R4$}; \node[failure] (R4SHORT) at (\layersep,-13) {SHORT}; \node[failure] (R4OPEN) at (\layersep,-15) {OPEN}; \path (R4) edge (R4SHORT); \path (R4) edge (R4OPEN); \end{tikzpicture} % End of code \caption{DAG representing failure modes of an Op-amp} \label{fig:op1dag} \end{figure} } { } %\clearpage \section{{\fg} forrmed from OP amp and the potential divider {\dcs}} We can now consider bringing the OP amp and the current balance/virtual ground together to model the non inverting amplifier. We have the failure modes of the functional group for the current balance/virtual ground, so we do not need to consider the individual resistor failure modes that define its behaviour. \ifthenelse {\boolean{pld}} { We can make a new functional group to represent the amplifier, by bringing the component \textbf{opamp} and the component current balance/virtual ground \textbf{PD} into a new functional group. This functional group has the failure modes from the op-amp component, and the failure modes from the current balance/virtual ground {\dc}, represented by figure~\ref{fig:fgamp}. \begin{figure}[h+] \centering \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fgamp.png} % fgamp.jpg: 430x330 pixel, 72dpi, 15.17x11.64 cm, bb=0 0 430 330 \caption{Amplifier Functional Group} \label{fig:fgamp} \end{figure} We can now place test cases on this (note this analysis considers single failure modes only where we want to model multiple failures, we can over lap contours, and place the test cases in overlapping regions) see figure~\ref{fig:fgampa}. \begin{figure}[h+] \centering \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/fgampa.png} % fgampa.jpg: 430x330 pixel, 72dpi, 15.17x11.64 cm, bb=0 0 430 330 hno \caption{Amplifier Functional Group with Test Cases} \label{fig:fgampa} \end{figure} } { } \ifthenelse {\boolean{dag}} { We can now crate a {\fg} for the non-inverting amplifier by bringing together the failure modes from \textbf{opamp} and \textbf{PD}. Each of these failure modes will be given a test case for analysis, and this is represented in table \ref{ampfmea}. } { } \clearpage \begin{table}[ht] \caption{Inverting Amplifier: Failure Mode Effects Analysis: Single Faults} % title of Table \centering % used for centering table \begin{tabular}{||l|c|c|l|l||} \hline \hline \textbf{Test} & \textbf{Amplifier} & \textbf{ } & \textbf{General} \\ \textbf{Case} & \textbf{Effect} & \textbf{ } & \textbf{Symtom Description} \\ % R & wire & res + & res - & description \hline \hline % TC1: $R3_{OPEN}$ & Output High & & AMPHigh \\ % TC2: $R3_{SHORT}$ & Output Low : Low gain& & AMPLow \\ \hline % % TC3: $R4_{OPEN}$ LatchUP & Output High & & AMPHigh \\ % TC4: $R4_{SHORT}$ LatchDown & Output Low : Low gain& & AMPLow \\ \hline % % TC5: $OPAMP$ LatchUP & Output High & & AMPHigh \\ % TC6: $OPAMP$ LatchDown & Output Low : Low gain& & AMPLow \\ \hline % TC7: $OPAMP$ No Operation & Output Low & & AMPLow \\ % TC8: $OPAMP$ Low Slew & Low pass filtering & & LowPass \\ \hline TC9: $PD$ LowPD & Output High & & AMPHigh \\ TC10: $PD$ HighPD & Output Low : Low Gain& & AMPLow \\ \hline %TC7: $R_2$ OPEN & LOW & & LowPD \\ \hline \hline \end{tabular} \label{ampfmea} \end{table} Let us consider, for the sake of example, that the voltage follower (very low gain of 1.0) amplification chracteristics from TC2 and TC6 can be considered as low output from the OPAMP for the application in hand (say milli-volt signal amplification). For this amplifier configuration we have three failure modes, $AMPHigh, AMPLow, LowPass$.%see figure~\ref{fig:fgampb}. \ifthenelse {\boolean{pld}} { We can now derive a `component' to represent this amplifier configuration (see figure ~\ref{fig:noninvampa}). %\begin{figure}[h+] % \centering % \includegraphics[width=200pt,keepaspectratio=true]{./invopamp/noninvampa.png} % % noninvampa.jpg: 436x720 pixel, 72dpi, 15.38x25.40 cm, bb=0 0 436 720 % \caption{Non Inverting Amplifier Derived Component} % \label{fig:noninvampa} %\end{figure} } { } \ifthenelse {\boolean{dag}} { %% text for figure below The non-inverting amplifier can be drawn as a DAG using the results from table~\ref{ampfmea} (see~figure~\ref{fig:noninvdag0}). Note that the current balance/virtual ground, $PD$, is treated as a component with a set of failure modes, and its error sources and analysis have been hidden in this diagram. $PD$ is considered to be a {\dc}. \begin{figure} \centering \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] \tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] \node[component] (OPAMP) at (0,-4) {$OPAMP$}; \node[failure] (OPAMPLU) at (\layersep,-0) {latchup}; \node[failure] (OPAMPLD) at (\layersep,-2) {latchdown}; \node[failure] (OPAMPNP) at (\layersep,-4) {noop}; \node[failure] (OPAMPLS) at (\layersep,-6) {lowslew}; \path (OPAMP) edge (OPAMPLU); \path (OPAMP) edge (OPAMPLD); \path (OPAMP) edge (OPAMPNP); \path (OPAMP) edge (OPAMPLS); \node[component] (PD) at (0,-9) {$PD$}; \node[symptom] (PDHIGH) at (\layersep,-8) {$PD_{HIGH}$}; \node[symptom] (PDLOW) at (\layersep,-10) {$PD_{LOW}$}; \path (PD) edge (PDHIGH); \path (PD) edge (PDLOW); \node[symptom] (AMPHIGH) at (\layersep*4,-3) {$AMP_{HIGH}$}; \node[symptom] (AMPLOW) at (\layersep*4,-5) {$AMP_{LOW}$}; \node[symptom] (AMPLP) at (\layersep*4,-7) {$LOWPASS$}; \path (PDLOW) edge (AMPHIGH); \path (OPAMPLU) edge (AMPHIGH); \path (PDHIGH) edge (AMPLOW); \path (OPAMPNP) edge (AMPLOW); \path (OPAMPLD) edge (AMPLOW); \path (OPAMPLS) edge (AMPLP); \end{tikzpicture} % End of code \caption{DAG representing failure modes and symptoms of the Non Inverting Op-amp Circuit} \label{fig:noninvdag0} \end{figure} } { } %failure mode contours). %\clearpage \clearpage \section{Failure Modes from non inverting amplifier as a Directed Acyclic Graph (DAG)} \ifthenelse {\boolean{pld}} { We can now represent the FMMD analysis as a directed graph, see figure \ref{fig:noninvdag1}. With the information structured in this way, we can trace the high level failure mode symptoms back to their potential causes. } { } \ifthenelse {\boolean{dag}} { We can now expand the $PD$ {\dc} and now have a full FMMD failure mode model drawn as a DAG, which we can use to traverse to determine the possible causes to the three high level symptoms, or failure~modes of the non-inverting amplifier. Figure \ref{fig:noninvdag1} shows a fully expanded DAG, from which we can derive information to assist in building models for FTA, FMEA, FMECA and FMEDA failure mode analysis methodologies. } { } \begin{figure} \centering \begin{tikzpicture}[shorten >=1pt,->,draw=black!50, node distance=\layersep] \tikzstyle{every pin edge}=[<-,shorten <=1pt] \tikzstyle{fmmde}=[circle,fill=black!25,minimum size=30pt,inner sep=0pt] \tikzstyle{component}=[fmmde, fill=green!50]; \tikzstyle{failure}=[fmmde, fill=red!50]; \tikzstyle{symptom}=[fmmde, fill=blue!50]; \tikzstyle{annot} = [text width=4em, text centered] % Draw the input layer nodes %\foreach \name / \y in {1,...,4} % This is the same as writing \foreach \name / \y in {1/1,2/2,3/3,4/4} % \node[component, pin=left:Input \#\y] (I-\name) at (0,-\y) {}; \node[component] (OPAMP) at (0,-4) {$OPAMP$}; \node[component] (R1) at (0,-9) {$R_1$}; \node[component] (R2) at (0,-13) {$R_2$}; %\node[component] (C-3) at (0,-5) {$C^0_3$}; %\node[component] (K-4) at (0,-8) {$K^0_4$}; %\node[component] (C-5) at (0,-10) {$C^0_5$}; %\node[component] (C-6) at (0,-12) {$C^0_6$}; %\node[component] (K-7) at (0,-15) {$K^0_7$}; % Draw the hidden layer nodes %\foreach \name / \y in {1,...,5} % \path[yshift=0.5cm] \node[failure] (OPAMPLU) at (\layersep,-0) {latchup}; \node[failure] (OPAMPLD) at (\layersep,-2) {latchdown}; \node[failure] (OPAMPNP) at (\layersep,-4) {noop}; \node[failure] (OPAMPLS) at (\layersep,-6) {lowslew}; \node[failure] (R1SHORT) at (\layersep,-9) {$R1_{SHORT}$}; \node[failure] (R1OPEN) at (\layersep,-11) {$R1_{OPEN}$}; \node[failure] (R2SHORT) at (\layersep,-13) {$R2_{SHORT}$}; \node[failure] (R2OPEN) at (\layersep,-15) {$R2_{OPEN}$}; % Draw the output layer node % % Connect every node in the input layer with every node in the % % hidden layer. % %\foreach \source in {1,...,4} % % \foreach \dest in {1,...,5} \path (OPAMP) edge (OPAMPLU); \path (OPAMP) edge (OPAMPLD); \path (OPAMP) edge (OPAMPNP); \path (OPAMP) edge (OPAMPLS); \path (R1) edge (R1SHORT); \path (R1) edge (R1OPEN); \path (R2) edge (R2SHORT); \path (R2) edge (R2OPEN); % Potential divider failure modes % \node[symptom] (PDHIGH) at (\layersep*2,-11) {$PD_{HIGH}$}; \node[symptom] (PDLOW) at (\layersep*2,-13) {$PD_{LOW}$}; \path (R1OPEN) edge (PDHIGH); \path (R2SHORT) edge (PDHIGH); \path (R2OPEN) edge (PDLOW); \path (R1SHORT) edge (PDLOW); \node[symptom] (AMPHIGH) at (\layersep*4,-6) {$AMP_{HIGH}$}; \node[symptom] (AMPLOW) at (\layersep*4,-8) {$AMP_{LOW}$}; \node[symptom] (AMPLP) at (\layersep*4,-10) {$LOWPASS$}; \path (PDLOW) edge (AMPHIGH); \path (OPAMPLU) edge (AMPHIGH); \path (PDHIGH) edge (AMPLOW); \path (OPAMPNP) edge (AMPLOW); \path (OPAMPLD) edge (AMPLOW); \path (OPAMPLS) edge (AMPLP); % %\node[symptom,pin={[pin edge={->}]right:Output}, right of=C-1a] (O) {}; % \node[symptom, right of=C-1a] (s1) {s1}; % \node[symptom, right of=C-2a] (s2) {s2}; % % % % \path (C-2b) edge (s1); % \path (C-1a) edge (s1); % % \path (C-2a) edge (s2); % \path (C-1b) edge (s2); % % %\node[component, right of=s1] (DC) {$C^1_1$}; % % %\path (s1) edge (DC); % %\path (s2) edge (DC); % % % % % Connect every node in the hidden layer with the output layer % %\foreach \source in {1,...,5} % % \path (H-\source) edge (O); % % % Annotate the layers % \node[annot,above of=C-1a, node distance=1cm] (hl) {Failure modes}; % \node[annot,left of=hl] {Base Components}; % \node[annot,right of=hl](s) {Symptoms}; %\node[annot,right of=s](dcl) {Derived Component}; \end{tikzpicture} % End of code \caption{Full DAG representing failure modes and symptoms of the Non Inverting Op-amp Circuit} \label{fig:noninvdag1} \end{figure} \section{Extracting Fault Trees from the DAG} We can derive an FTA~\cite{nucfta}~\cite{nasafta} diagram for a top level event, by tracing back through the DAG. Where we come to a node with more than one error source, this becomes an `xor' gate in the FTA diagram. Tracing back from the top level event $AMP_{low}$ we are lead to the $OPAMP_{latchdown}$ and $OPAMP_{noop}$. These two events can cause the symptom $AMP_{low}$. We can also trace back down to the symptom $PD_{high}$. Thus we have three possible cause for $AMP_{low}$, and so we can draw a three input `xor' gate below $AMP_{low}$, to which $OPAMP_{latchdown}$, $OPAMP_{noop}$ and $PD_{high}$ connect to from below\footnote{XOR is used here, because we have analysed for single failures only.} %This is a weakness in FTA diagrams, as it is clumsy to represent %conjunction and dis-junction sourced from the same failure modes}. $OPAMP_{latchdown}$ and $OPAMP_{noop}$ are base level or component events, and so we cannot trace them down any further. $PD_{high}$ is a symptom, and can be traced further. $PD_{high}$ can occur by either event $R1_{open}$ or $R2_{short}$. We can place an xor gate below $PD_{high}$ and connect the events $R1_{open}$ or $R2_{short}$ to it. The FTA diagram directly derived from the FMMD DAG is shown in figure \ref{fig:noninvfta}. \begin{figure} \begin{tikzpicture}[ % Gates and symbols style and/.style={and gate US,thick,draw,fill=blue!40,rotate=90, anchor=east,xshift=-1mm}, or/.style={xor gate US,thick,draw,fill=blue!40,rotate=90, anchor=east,xshift=-1mm}, be/.style={circle,thick,draw,fill=white!60,anchor=north, minimum width=0.7cm}, tr/.style={buffer gate US,thick,draw,fill=white!60,rotate=90, anchor=east,minimum width=0.8cm}, % Label style label distance=3mm, every label/.style={blue}, % Event style event/.style={rectangle,thick,draw,fill=yellow!20,text width=2cm, text centered,font=\sffamily,anchor=north}, % Children and edges style edge from parent/.style={very thick,draw=black!70}, edge from parent path={(\tikzparentnode.south) -- ++(0,-1.05cm) -| (\tikzchildnode.north)}, level 1/.style={sibling distance=7cm,level distance=1.4cm, growth parent anchor=south,nodes=event}, level 2/.style={sibling distance=7cm}, level 3/.style={sibling distance=6cm}, level 4/.style={sibling distance=3cm} %% For compatability with PGF CVS add the absolute option: % absolute ] %% Draw events and edges %\node (g1) [event] {AMP Low} % % child { node (g1) { triple or gate } % % child { node (PDHigh) { double or gate } % child { node (g2) {G02} { % child {node (r1o) {$R1_{open}$}} % child {node (r2s) {$R2_{short}$}} % } % } % } % child {node (opld) {opamp latch down}} % child {node (opnp) {opamp noop}} % % }; \node (g1) [event] {amp low} child { node (g2) {op amp output voltage low} child {node (t1) {pd high} child { node (g4) {current balance/virtual ground voltage high} child {node (b1) {r1 open}} child {node (b2) {r2 short}} } %child { node (g5) {No flow from Component A2} % child {node (t2) {No flow from source2}} % child {node (b3) {Component A2 blocks flow}} %} } child {node (b3) {OP amp latch dn}} child {node (b4) {OP amp no op}} }; %% Place gates and other symbols %% In the CVS version of PGF labels are placed differently than in PGF 2.0 %% To render them correctly replace '-20' with 'right' and add the 'absolute' %% option to the tikzpicture environment. The absolute option makes the %% node labels ignore the rotation of the parent node. %\node [or] at (g1.south) [label=-20:G01] {}; \node [or] at (g2.south) [label=-20:G01] {}; \node [or] at (g4.south) [label=-20:G02] {}; % \node [and] at (g3.south) [label=-20:G03] {}; % \node [or] at (g4.south) [label=-20:G04] {}; % \node [or] at (g5.south) [label=-20:G05] {}; \node [be] at (b1.south) [label=below:B01] {}; \node [be] at (b2.south) [label=below:B02] {}; \node [be] at (b3.south) [label=below:B03] {}; \node [be] at (b4.south) [label=below:B04] {}; % \node [tr] at (t1.south) [label=below:T01] {}; % \node [tr] at (t2.south) [label=below:T02] {}; %% \end{tikzpicture} \label{fig:noninvfta} \caption{Example FTA Derived from the DAG for symptom `Amp Low'} \end{figure} \subsection{The FTA `OR' trap} This example amplifier analysis highlights a weakness in the FTA methodology. Intuitively, the $AMP_{low}$ failure symptom, has three possible causes and it would be tempting, when drawing an FTA diagram \footnote{FTA diagrams are drawn from the top down, starting with high level undesirable events~\cite{nucfta}}, to use a triple input `OR' gate to model these. An `OR' gate would mean that the power-set of all its inputs leads to the resultant failure mode/symptom. In this example we have a combination that breaks this rule. Were the condition $$PD_{high} \wedge OPAMP_{noop}$$ to be true we would have a floating output which is a different error condition to the output being actively low. This means that anyone drawing an OR gate in an FTA diagram should either specify that only single failure modes have been considered possible, or, must consider all power-set combinations of the inputs. \subsection{Information missing in FTA} to expand: Each FTA deals only with one symptom. - therefore only one cut-set is represented by each FTA diagram, throwing away nearly all the information associated with the other top level events. \subsubsection{Further refinements} to expand: Cuts sets and minimal cut sets. show example of detection of mimimal cut sets in the FTA tree \clearpage \section{Extracting/Assisting in FMEA reports from the DAG} A design FMEA, or potential failure mode and effects analysis will typically require the designer to look at the possible effects of all the component failure modes in the system under investigation. FMEA uses the terms `potential causes' and `potential failure modes'. In an FMMD sense, the `potential causes' are component level failure modes and the `potential failure modes' are top-level symptoms. \ifthenelse {\boolean{paper}} { %FMEA - brief description for paper... Design FMEA is methodology for assessing potential reliability/dangerous conditions early in the development cycle. FMEA is used to identify potential failure modes, determine their effect on the operation of the product, and identify actions to mitigate the failures. FMEA relies anticipating what {\em might} go wrong with a product. While anticipating every failure mode is not possible, a development team should collate as complete a list of potential failure modes as possible. With an FMMD sourced failure mode to symptom mapping, this list should be more complete. It will for instance include not only an entry every component failure mode, but has a formal reasoning process behind it, which leads to the symptom. } { See section \ref{pfmea} for an overview of FMEA. FMEA relies anticipating what {\em might} go wrong with a product. While anticipating every failure mode is not possible, a development team should collate as complete a list of potential failure modes as possible. With an FMMD sourced failure mode to symptom mapping, this list should be more complete. It will for instance include not only an entry every component failure mode, but has a formal reasoning process behind it, which leads to the symptom. } We have from the DAG model, a direct path from each component failure mode to top-level symptoms. This allows us to partially fill in the FMEA report. The detectability and severity of the symptom are subjective. The $det$ value could influenced by factors such as features only used by a small percentage of users of a product. In this case the detcability of the problem would be smaller as many users would not activate/use the feature~\cite{bfmea}. %strange is'nt it. Given component failure rates, the probability of the the potential cause occurring can be calculated, given suitable component failure mode statistical references (e.g. FMD-91~\cite{fmd91} and MIL1991~\cite{mil1991}). As these can be determined, they are represented by $Stat()$ in the table~\ref{ampfmea}. \begin{table}[ht] \caption{Non Inverting Amplifier: Failure Mode Effects Analysis: Single Faults} % title of Table \centering % used for centering table \begin{tabular}{||l|l|c|l|c|c|c||} \hline \hline \textbf{Item} & \textbf{Potential Failure} & \textbf{ Sev } & \textbf{Potential} & \textbf{prob} & \textbf{det} & \textbf{RPN} \\ \textbf{Function} & \textbf{mode} & \textbf{ /cost }& \textbf{Cause} & \textbf{/occ } & \textbf{} & \\\hline \hline Non Inverting & $AMP_{high}$ & & $R1_{short} $ & $Stat(R1_{short}) $ & & \\ Amplifier & $AMP_{low}$ & & $R1_{open} $ & $Stat(R1_{open}) $ & & \\ Circuit & $AMP_{low}$ & & $R2_{short} $ & $Stat(R2_{short}) $ & & \\ & $AMP_{high}$ & & $R2_{open}$ & $Stat(R2_{open})$ & & \\ & $AMP_{lowpass}$ & & $OPAMP_{lowslew}$ & $Stat(OPAMP_{lowslew})$ & & \\ & $AMP_{low}$ & & $OPAMP_{latchdown}$ & $Stat(OPAMP_{latchdown})$ & & \\ & $AMP_{high}$ & & $OPAMP_{latchup}$ & $Stat(OPAMP_{latchup})$ & & \\ & $AMP_{low}$ & & $OPAMP_{noop} $ & $Stat(OPAMP_{noop}) $ & & \\ \hline \hline \hline \end{tabular} \label{ampfmea} \end{table} With the partially filled in table the FMEA report only now needs the severity/cost, probability/occurrence and detectability fields filled in to obtain the $RPN$ numbers that define the order of importance of failure modes in FMEA. \subsection{Information missing in FMEA} to expand: Each FMEA looses the reasoning in the FMMD Hierarchy/DAG for linking the symptoms to the potential causes. FMEA can miss symptoms especially where a component failure mode may cause more than one top-level symptom. \section{Extracting/Assisting in FMECA from the DAG} FMECA is a refinement of FMEA and introduces two statistical variables, $\alpha$ and $\beta$. The $\alpha$ value is the probability of of a particular component failure mode occuring.We can trace the DAG from a system level error/top level event, and assign $\alpha$ values according to published statistics~\cite{fmd91}~\cite{mil1992}. As for the FMEA example we can denote this using a $Stat()$ function. The $\beta$ value is the probability that the component failure mode will cause a given system level error. This may be determined hueistically or by field data. A factor of FMECA is criticallity. Each top level event/failure is assigned a criticallity value. This defines how seriously the problem is pervcieved. This must be determined by the safety engineers responsible for the equipment and its environment. \begin{table}[ht] \caption{Non Inverting Amplifier: Failure Mode Effects Critcallity Analysis: Single Faults} % title of Table \centering % used for centering table \begin{tabular}{||l|c|l|c|c|c|c||} \hline \hline \textbf{Item} & \textbf{Potential Failure} & \textbf{Potential} & \textbf{$\alpha$} & \textbf{$\beta$} & \textbf{severity} & \textbf{$C_r$} \\ \textbf{Function} & \textbf{mode} & \textbf{Cause} & \textbf{} & \textbf{} & \textbf{rating} & \\\hline \hline Non Inverting & $AMP_{high}$ & $R1_{short} $ & $Stat(R1_{short}) $ & & & \\ Amplifier & $AMP_{low}$ & $R1_{open} $ & $Stat(R1_{open}) $ & & & \\ Circuit & $AMP_{low}$ & $R2_{short} $ & $Stat(R2_{short}) $ & & & \\ & $AMP_{high}$ & $R2_{open}$ & $Stat(R2_{open})$ & & & \\ & $AMP_{lowpass}$ & $OPAMP_{lowslew}$ & $Stat(OPAMP_{lowslew})$ & & & \\ & $AMP_{low}$ & $OPAMP_{latchdown}$ & $Stat(OPAMP_{latchdown})$ & & & \\ & $AMP_{high}$ & $OPAMP_{latchup}$ & $Stat(OPAMP_{latchup})$ & & & \\ & $AMP_{low}$ & $OPAMP_{noop} $ & $Stat(OPAMP_{noop}) $ & & & \\ \hline \hline \hline \end{tabular} \label{ampfmeca} \end{table} %As the $\alpha$ modes are probabilities, the sum of all $\alpha$ modes for a component must equal one. % Work out the alpha and beta values !!! well alpha is possible, beta and criticallity are not \section{Extracting FMEDA from the DAG} safe failure fractions hmmmm SD SU DD DU \section{Conclusion} We now have a derived component that represents the failure modes of a non-inverting op-amp based amplifier. We can now use this to model higher level designs, where we have systems that use this type of amplifier. If failure mode/reliability statistics were required these could be derived from the model, as each failure mode of the derived component is traceable to one or more base component failure mode causes, for which established statistical literature is available ~\cite{mil1991}~\cite{fmd91}. Software used to edit these diagrams, keeps the model in a directed acyclic graph data structure for this purpose. \clearpage %\end{document}