Download Design Project - Purdue Engineering

ECE 477: Digital Systems Senior
Design
Last Modified: 08-03-2017
Reliability and Safety Analysis
Year: 2017 Semester: Spring
Creation Date: 3/30/2017
Author: Sneh Patel
Team: 13
Project: RA-1
Last Modified: August 3, 2017
Email: [email protected]
Assignment Evaluation:
Item
Assignment-Specific Items
Reliability Analysis
MTTF Tables
FMECA Analysis
Schematic of Functional
Blocks (Appendix A)
FMECA Worksheet
(Appendix B)
Writing-Specific Items
Spelling and Grammar
Formatting and Citations
Figures and Graphs
Technical Writing Style
Total Score
5: Excellent 4: Good
Score (0-5)
Weight
Points
5
4
5
x2
x3
x2
10
12
10
5
x2
10
5
x3
15
5
4
5
5
x2
x1
x2
x3
10
4
10
15
96
3: Acceptable 2: Poor
Notes
1: Very Poor 0: Not attempted
Comments: Good work! The report is well written and meets most of the requirements.
https://engineering.purdue.edu/ece477
Page 1 of 12
ECE 477: Digital Systems Senior
Design
Last Modified: 08-03-2017
1.0 Reliability Analysis
The components that are most likely to fail here are the LD1117 Low Dropout Regulator [1], the
V7805 2000R DC/DC converter [2], the SN74HC595 serial to parallel shift register [3], and the
STM32F407VGT6 microcontroller [4]. The LD1117 Low Dropout regulator was selected
because it generates a lot of heat. The V7805 2000R was selected because it is responsible for
regulating the voltage and will also have a lot of current going through it. The SN74HC595 was
selected because it will be connected to the output of the DC/DC converter and may fail if too
much voltage or current is provided to it. The STM32F407VGT6 microcontroller was selected
because it is the most complex chip on our circuit and has 100 I/O pins.
The model we are using can be found in the Military Handbook MIL-Hdbk-217f[5]:
λP = (C1 * πT + C2 * πE) * πQ * πL
The mean time to failure (MMTF) in years is:
MTTF = 106 / (24 * 365 * λP)
The assumptions are:
 The quality factor (πQ) for commercial products is taken to be 10
 The learning factor (πL) is taken to be 1 as the products are all 2 years old at least
 The environment factor (πE) is taken to be 2.0
V7805 2000R DC/DC converter:
The V7805 2000R DC/DC converter [1] has about 100 to 300 bipolar transistors and therefore
the die complexity rate was taken to be 0.02 according to the MIL-Hdbk-217f. As the V7805
2000R is a 3-pin IC and is a surface mount device, the packaging coefficient was taken to be
0.00092. The temperature factor was taken to be 3.3 as the worst-case temperature would be
taken to be about 85 °C as it runs a lot cooler than a voltage regulator. According to the formulas
found in the MIL-Hdbk-217f, the Failure rate per million hours was found to be 0.6784 and the
mean time to failure in years was found to be 168 years.
Parameter name
Description
Value
Comments
C1
Die complexity failure
rate
0.02
πT
Temperature
coefficient
3.3
C2
Package Failure rate
0.00092
πE
Environment Factor
2.0
πQ
πL
Quality Factor
Learning Factor
10
1
Based on the MIL-Hdbk217f for devices with 100 to
300 bipolar transistors
This is based on the worst
case junction temperature
of 85 °C
Based on the equation
provided in the MIL-Hdbk217f for an SMT with 3
pins
MIL-Hdbk-217f value for
mobile devices
Commercial Part
Used for devices older than
https://engineering.purdue.edu/ece477
Page 2 of 12
ECE 477: Digital Systems Senior
Design
Last Modified: 08-03-2017
2 years in production
λP
MTTF
Failure rate per million 0.6784
hours
Mean Time to Failure
168.27
Approximately 168 years
for one device to fail
LD1117 Low Dropout Regulator:
The LD1117 Low Dropout Regulator [2] has about 100 to 300 bipolar transistors and therefore
the die complexity rate was taken to be 0.02 according to the MIL-Hdbk-217f. As the LD1117 is
a 3-pin IC and is a surface mount device, the packaging coefficient was taken to be 0.00092. The
temperature factor was taken to be 5.9 as the worst-case temperature would be 125 °C.
According to the formulas found in the MIL-Hdbk-217f, the Failure rate per million hours was
found to be 1.1784 and the mean time to failure in years was found to be 97 years.
Parameter name
Description
Value
Comments
C1
Die complexity failure
rate
0.02
πT
Temperature
coefficient
5.9
C2
Package Failure rate
0.00092
πE
Environment Factor
2.0
πQ
πL
Quality Factor
Learning Factor
10
1
Based on the MIL-Hdbk217f for devices with 100 to
300 bipolar transistors
This is based on the worst
case junction temperature
of 125 °C
Based on the equation
provided in the MIL-Hdbk217f for an SMT with 3
pins
MIL-Hdbk-217f value for
mobile devices
Commercial Part
Used for devices older than
2 years in production
λP
Failure rate per million 1.1784
hours
Mean Time to Failure
96.678
MTTF
Approximately 97 years for
one device to fail
SN74HC595 serial to parallel shift register:
The SN74HC595 serial to parallel shift register [3] has less than 100 bipolar transistors and
therefore the die complexity rate was taken to be 0.01 according to the MIL-Hdbk-217f. As the
SN74HC595 is a 16-pin IC and is a surface mount device, the packaging coefficient was taken to
be 0.0056. The temperature factor was taken to be 5.9 as the worst case temperature would be
https://engineering.purdue.edu/ece477
Page 3 of 12
ECE 477: Digital Systems Senior
Design
Last Modified: 08-03-2017
125 °C. According to the formulas found in the MIL-Hdbk-217f, the Failure rate per million
hours was found to be 0.702 and the mean time to failure in years was found to be 162.61 years.
Parameter name
Description
Value
Comments
C1
Die complexity failure
rate
0.01
πT
Temperature
coefficient
5.9
C2
Package Failure rate
0.0056
πE
Environment Factor
2.0
πQ
πL
Quality Factor
Learning Factor
10
1
Based on the MIL-Hdbk217f for devices with 0 to
100 bipolar transistors
This is based on the worst
case junction temperature
of 125 °C
Based on the equation
provided in the MIL-Hdbk217f for an SMT with 16
pins
MIL-Hdbk-217f value for
mobile devices
Commercial Part
Used for devices older than
2 years in production
λP
Failure rate per million 0.702
hours
Mean Time to Failure
162.61
MTTF
Approximately 163 years
for one device to fail
STM32FVGT6 Microcontroller:
The STM32F407VGT6 is a 32-bit microcontroller [4] and therefore the die complexity rate was
taken to be 0.24 according to the MIL-Hdbk-217f. As the SN74HC595 is a 16-pin IC and is a
surface mount device, the packaging coefficient was taken to be 0.0056. The temperature factor
was taken to be 5.9 as the worst case temperature would be 85 °C. According to the formulas
found in the MIL-Hdbk-217f, the Failure rate per million hours was found to be 9 and the mean
time to failure in years was found to be 13 years.
Parameter name
Description
Value
Comments
C1
Die complexity failure
rate
0.24
πT
Temperature
coefficient
3.3
C2
Package Failure rate
0.054
Based on the MIL-Hdbk217f for devices with 0 to
100 bipolar transistors
This is based on the worst
case junction temperature
of 85 °C
Based on the equation
provided in the MIL-Hdbk217f for an SMT with 100
pins
https://engineering.purdue.edu/ece477
Page 4 of 12
ECE 477: Digital Systems Senior
Design
πE
Environment Factor
2.0
πQ
πL
Quality Factor
Learning Factor
10
1
λP
Failure rate per million 9
hours
Mean Time to Failure
12.684
MTTF
Last Modified: 08-03-2017
MIL-Hdbk-217f value for
mobile devices
Commercial Part
Used for devices older than
2 years in production
Approximately 13 years for
one device to fail
2.0 Failure Mode, Effects, and Criticality Analysis (FMECA)
For this project, we identified three different criticality levels for part failure: low, medium, and
high. A low criticality failure is associated with no harm to the user or the rest of the project. A
low criticality failure is usually easily fixable. For example, an LED failure is classified as a low
criticality failure. Low criticality errors should have failure rate of 10-6 or less. A medium
criticality failure is one which causes no harm to the user but have the potential to damage the
system. Heating up of the voltage regulator is an example of a medium criticality failure. These
errors should have a failure rate that is limited to 10-7. A high criticality failure is defined as one
that has the potential to harm users. These kinds of errors should have a failure rate of no more
than 10-9. The different pieces of our robotic arm have been assembled together using nuts and
bolts. Due to the mechanical movement of the arm, the nuts may get loose and result in the arm
collapsing on the user. This is a potential high criticality failure.
Our PCB harbors 4 major hardware components: RN4020 Bluetooth module, LCD,
microcontroller, and power circuitry. We anticipate that the most common failures modes will be
extreme current drawn by the servos, communication lag with the RN4020 module, and
mechanical failure of the arm chassis.
3.0 Sources Cited:
[1] CUI INC, “NON-ISOLATED SWITCHING REGULATOR.” [Online]. Available:
http://www.cui.com/product/resource/v78xx-2000.pdf. [Accessed: 31-Mar-2017].
[2] Microelectronics, ST. "Adjustable And Fixed Low Drop Positive Voltage Regulator". N.p.,
2017. Web. 1 Apr. 2017.
[3] TI,. "8 Bit Shift-Registers". Texas Instruments. N.p., 2017. Web. 1 Apr. 2017.
[4] S. Microelectronics, "STM32F405xx STM32F407xx,". [Online]. Available:
http://www.st.com/content/ccc/resource/technical/document/datasheet/ef/92/76/6d/bb/c2/
4f/f7/DM00037051.pdf/files/DM00037051.pdf/jcr:content/translations/en.DM00037051.
pdf. Accessed: Feb. 03, 2017.
[5] DOD,. "Reliability Of Prediction Equipment". N.p., 2017. Web. 1 Apr. 2017.
https://engineering.purdue.edu/ece477
Page 5 of 12
ECE 477
Digital Systems Senior Design Project
Spring 2009
Appendix A: Schematic Functional Blocks
.
Fig 2. Header for motors
Fig 3. Power input using barrel jack connector
Fig 1. LCD Circuit
-6-
ECE 477
Digital Systems Senior Design Project
Spring 2009
Fig 5. DC - DC converter with 5V output
Fig 4. RN 4020 Bluetooth circuit
Fig 6. LDO 5V to 3V
-7-
ECE 477
Digital Systems Senior Design Project
Spring 2009
Fig 8. Programming header
Fig 7. Microprocessor
-8-
ECE 477
Digital Systems Senior Design Project
Spring 2009
Appendix B: FMECA Worksheet
Subsystem A: LCD Circuit
Failure
Failure Mode
No.
A1
Wrong data
appearing on the
LCD display.
A2
A3
Possible Causes
Incorrect SPI
settings, damaged
shift register IC,
No data appearing Damaged shift
on the LCD
register IC, incorrect
display.
SPI settings,
damaged LCD
display
LCD display is
Damaged LCD
not powered.
display
Failure Effects
Method of
Detection
Observation
Low
LCD does not
display any data.
Observation
Low
LCD backlight
will not be on.
Observation
Low
LCD has output
that cannot be
read or jibberish.
Criticality
Remarks
Assuming shift register
is working correctly.
Subsystem B: Power Supply
Failure
Failure Mode
No.
B1
Short circuit
Possible Causes
If any of the
connections are
wrong or touching
wires
Failure Effects
Short circuiting
the entire PCB
and burning the
micro
-9-
Method of
Detection
Check using
multimeter in
resistance mode
to check for
short
Criticality
High
Remarks
ECE 477
Digital Systems Senior Design Project
Spring 2009
B2
Incorrect Voltage
Wrong values of
capacitors and
resistors in the power
supply circuit
Might result in
overheating and
even burning of
some components
Use multimeter Low
to check voltage
at all major
junctions
B3
Incorrect current
rating
Failure of the
V7805 DC DC
converter
Use ammeter to
check worst
case scenario
Med
B4
Failure of any of
the voltage
regulators
The V7805-2000R is
rated for 2A. More
current is drawn due
to a high stall current
on the servo motors
Defective piece
Unexpected
behavior
Test part before
placing on the
PCB
Low
Subsystem C: RN4020 Module
Failure
Failure Mode
No.
C1
RN4020 not able
to communicate
with the
microcontroller.
C2
RN4020 not able
to communicate
with the
application.
Possible Causes
Damaged RN4020,
incorrect
communication
settings.
Damaged RN4020,
incorrect
communication
settings.
Failure Effects
Loss of remote
control setting,
microcontroller
could run in an
infinite loop
Loss of remote
control setting.
-10-
Method of
Detection
Inspection of
Tx, Rx on
microcontroller.
Inspection of
Tx, Rx on
RN4020.
Criticality
Low
Low
Remarks
ECE 477
C3
Digital Systems Senior Design Project
RN4020 sending
wrong data to
phone/
microcontroller.
Incorrect
communication
settings.
Loss of remote
control setting.
Observation
Spring 2009
Low
Assuming RN4020 is
not damaged.
Subsystem D: Microcontroller
Failure
Failure Mode
No.
D1
Microcontroller
resetting
unexpectedly
D2
Microcontroller
being
unresponsive
Possible Causes
Failure Effects
Damage to reset
Unresponsive
button or reset circuit, microcontroller,
capacitors shorted
constant resetting
Damage to
microcontroller,
capacitors shorted
Microcontroller
heating up,
product does not
function at all
Method of
Detection
Observation
Criticality
Medium
Observation
Medium
Remarks
Assuming the
microcontroller is not
constantly resetting
Subsystem E: Servo Motors
Failure
Failure Mode
No.
E1
The servo not
moving to correct
position
Possible Causes
Incorrect
microcontroller
settings.
Failure Effects
Replay
mode/Remote
control mode will
not function.
-11-
Method of
Detection
Observation
Criticality
Medium
Remarks
ECE 477
Digital Systems Senior Design Project
Spring 2009
E2
Servo not moving
at all
Damage to servo,
incorrect
microcontroller
settings.
Replay
mode/Remote
control mode will
not function.
Observation
Medium
E3
Servo not sending
data back
Damage to servo,
incorrect
microcontroller
settings.
Record mode will
not function.
Observation
Medium
-12-
Assuming no damage to
servo motor.