Design Project



Homework 11: Reliability and Safety Analysis

Due: Friday, February 16, at NOON

Team Code Name: ___9xm_____________________________________ Group No. __3___

Team Member Completing This Homework: ____Casey Gaines_______________________

e-mail Address of Team Member: cgaines @ purdue.edu

[pic]

Evaluation:

|Component/Criterion |Score |Multiplier |Points |

|Introduction and Summary |0 1 2 3 4 5 6 7 8 9 10 |X 1 | |

|Reliability Analysis |0 1 2 3 4 5 6 7 8 9 10 |X 3 | |

|Failure Mode, Effects, and Criticality Analysis |0 1 2 3 4 5 6 7 8 9 10 |X 3 | |

|Appendices (format, required info) |0 1 2 3 4 5 6 7 8 9 10 |X 1 | |

|List of References |0 1 2 3 4 5 6 7 8 9 10 |X 1 | |

|Technical Writing Style |0 1 2 3 4 5 6 7 8 9 10 |X 1 | |

| |TOTAL | |

Comments:

Introduction

The 9xm project is a portable Internet radio with an integrated speaker system and wireless capabilities. The device is capable of running off of rechargeable batteries as well as AC power.

Safety is always an issue in consumer products, and the 9xm portable media player is no exception. As a media player, there are few vectors for user injury by system malfunction. However there is still a real possibility. The main concern in regards to safety is the rechargeable battery system. A faulty recharging system could damage the batteries causing battery leakage or even explosion. Great care must be taken in the AC circuitry to prevent possible shorts, which could lead to fires.

Consumers desire products that will last without issues preventing use. In reality, products do fail and require repair. In the 9xm device, the power related circuitry is a notable issue. A failure in the power regulation could cause a system shutdown at best; excessive heat, fire, or irreparable damage to components at worst. This report will cover the reliability analysis of high probability-to-failure components as well as the device’s failure mode, effects, and criticality analysis (FMECA).

2. Reliability Analysis

While all components have a possibility of failing, the parts most prone to failure, due to heat and/or complexity, will be covered in depth in this section. Each part has a specific Mean-Time-Between-Failure (MTBF) based on several parameters. Each parameter will be explained along with the reasoning behind the given value. The following parts will be covered:

- Micrel MIC39100 2.5V LDO Regulator

- NEC UPC2905BT1D-E1-AT 5V LDO Regulator

- Epson S1D13A04 LCD Controller

- Cirrus Logic EP9302 ARM9 Microcontroller

Micrel MIC39100 2.5V LDO Regulator

The failures per 10^6 hours for a small microcircuit is defined as:

(p = (C1*(T + C2*(E)*(Q*(L [1]

C1: This parameter is derived from the number of gates or transistors within a microcircuit package. Different types of transistors generate different values. As a regulator, there are bipolar transistors within the package. The transistor count is low, approximately less than 100. Using the MIL-HDBK-217F document, the C1 value used for this device is 0.010.

(T: The temperature factor takes the worst-case junction temperature along with power consumption and thermal resistance. The worst-case junction temperature given in the datasheet [2] is 125 C, and the device is a linear bipolar device, the (T value is found to be 50 [1].

C2: C2 is the package failure rate for microcircuits. This device is in a SMT package [2]. The SMT model has 8 functional pins. The C2 value from the document [1] for these parameters is 0.0026.

(E: The environmental factor indicates where the product will spend most of its life and how it will be treated (bumping, moving, weather, etc). As this is a basic home consumer device, a Ground Fixed (Gf) designation has been given to this part. This correlates to a value of 2.0 [1].

(Q: This is the quality factor. A part designed to military specifications can have a factor as low as 0.25, however as this is a commercial product, a higher value is required. A value of 3 is a good estimate, as the requirements are not as stringent as military standards, but manufacturing processes have been vastly improved.

(L: As a part matures, manufacturing processes improve on the part, and chances for failure are reduced. The datasheet for this part [2] was released in August 2005, or 1.5 years ago at the current revision of this document. This corresponds to a learning factor of 1.2.

These factors together bring the number of failures per 10^6 hours to:

(p = (0.01 * 50 + 0.0026 * 2.0) * 3 * 1.2 = 1.8187 Failures/ 10^6 hours.

The MTBF (1 / (p) is 5.498e5 Hours.

NEC UPC2905BT1D-E1-AT 5V LDO Regulator

The failures per 10^6 hour formula follows the same formula as the previous regulator, which is repeated for reference:

(p = (C1*(T + C2*(E)*(Q*(L [1]

C1: Estimating the number of transistors is more difficult; the datasheet gives little info toward this. A reasonable estimate is between 100-300 bipolar transistors. C1 = 0.02.

(T: The maximum junction temperature for this device is 150 C [3]. Being a bipolar device, this returns a value of 180 [1].

C2: The regulator is a 3 pin package, following the SMT packaging category, as it is the closest type. The closest parameter for this device is 0.0012.

(E: The environment is the same as the other devices, Gf = 2.0.

(Q: This part is not built to military standards, so a value of 2 or above is appropriate. An estimate value of 3 is given.

(L: The document [3] was released in January 2006, which assumes at least one year of manufacturing. A learning factor of 1.5 is given.

The total failures per 10^6 hours is: (p = 16.211 failures/10^6 hours.

MTBF = 1 / Yp = 6.1687e4 hours.

Epson S1D13A04 LCD Controller

The failure per 10^6 hours for a VLSI device such as this is calculated differently than a smaller transistor based device. The formula is given as:

(p = (bd*(MFG*(T*(CD + (bp*(E*(Q*(PT + (eos Failures/10^6 hrs.

(bd: Die base failure rate: For a logic and custom die, the value is 0.16, else for a gate array the value is 0.24. The LCD controller is a custom die, so 0.16 is assigned.

(MFG: Manufacturing processing correction factor. Usage of QML/QPL reduces the factor from 2.0 to 0.55. The documentation does not specify either way to a value of 2.0 is used as a more conservative value.

(T: As a digital VLSI chip, the relevant parameter equates to 0.71 [1].

(CD: Die Complexity Correction factor. As the feature size decreases and die size increases, the probability for failure increases [1]. The LCD display documentation does not mention the die size or feature size (in microns), though a reasonable guess is that the die is smaller than the package. The package is 1.96 cm^2 [4], a conservative estimate for die size would be approximately 1 cm^2 and a feature size of 1 micron. The value is 25 given these parameters [1].

(bp: Package base failure rate. This parameter is based on the number of active pins in the package. The LCD controller has 128 pins leading to a failure rate of 0.0044.

(E: The environmental factor is the same for every part, Gf = 2.0.

(Q: The chip is not build to military standards; the value of 3 is given similar to the other parts in the analysis.

(PT: Package type correction factor: The controller is a SMT chip, though it is not specified to be hermetic or nonhermetic [4]. The larger parameter value of 6.1 will be used.

(eos: Electrical Overstress Failure Rate: This parameter measures the probability of failure due to electrostatic discharge. The documentation does not specify this, so the 0-1000 V ESD range is chosen, corresponding to 0.065 [1].

The total probability of failure is:

(p = 5.9060 failures/10^6 Hours

MTBF = 1.693e5 Hours.

Cirrus Logic EP9302 ARM9 Microcontroller

The failure per 10^6 hours for the ARM9 microcontroller follows the same formula as the LCD controller, shown below as reference.

(p = (bd*(MFG*(T*(CD + (bp*(E*(Q*(PT + (eos Failures/10^6 hrs.

(bd: The ARM9 microcontroller is a custom die, so 0.16 is assigned.

(MFG: Usage of QML/QPL reduces the factor from 2.0 to 0.55. The documentation does not specify either way to a value of 2.0 is used as a more conservative value.

(T: This chip is a digital VLSI chip, so 0.71 is used [1].

(CD: The ARM9 documentation does not mention the die size or feature size (in microns), though a reasonable guess is that the die is smaller than the package. The package is 7.84 cm^2 [5], a conservative estimate for die size would be approximately 1-2 cm^2 and a feature size of 1 micron. The value is 37 given these parameters [1].

(bp: The microcontroller has 208 pins leading to a failure rate of 0.00578.

(E: The environmental factor is the same for every part, Gf = 2.0.

(Q: The chip is not build to military standards; the value of 3 is given similar to the other parts in the analysis.

(PT: Package type correction factor: The controller is a SMT chip, though it is not specified to be hermetic or nonhermetic [4]. The larger parameter value of 6.1 will be used.

(eos: Electrical Overstress Failure Rate: This parameter measures the probability of failure due to electrostatic discharge. The documentation does not specify this, so the 0-1000 V ESD range is chosen, corresponding to 0.065 [1].

The total probability of failure is:

(p = 8.683 failures/10^6 Hours

MTBF = 1.1517e5 Hours.

Adequate heat sinking for these parts, the regulators in particular can reduce the temperature related factors in the probability of failure which can extend the mean lifetime of these devices significantly. Choosing more mature parts can also reduce bugs inherent in new manufactures. While failures cannot be avoided, they can be reduced by taking proper measures to extend their lifetimes.

3. Summary

The main components prone to failure, the two regulators, LCD controller, and ARM9 microcontroller, have been analyzed for failure rates and mean time between failures. Assuming the failures to be independent, the overall MTBF (for these components) is 1 / Σ λi = 30657.3 hours. This is a conservative estimate. With proper heat management and additional safety measures, this MTBF can be significantly extended.

User safety issues are minimal, however one major issue involving the battery charging system will need extra care and additional hazard detection circuitry to ensure that the batteries to not become damaged due to overcharging. Minor issues such as a possible overheating of the LCD backlight are of concern as well. In the end a safe, reliable product is the main goal of this project and every measure will be taken to ensure this goal.

List of References

1] MIL-HDBK-217F – Reliability Prediction of Electronic Equipment.

2] Micrel MIC39100 2.5V LDO Regulator



3] NEC UPC2905BT1D-E1-AT 5V LDO Regulator.

4] Epson S1D13A04 LCD Controller. - MTF-T035DHSLN-A

5] Cirrus Logic EP9302

Appendix A: Schematic Functional Blocks

[pic]

Figure 1: Accelerometer Block

[pic]

Figure 2: Audio Block

[pic]

Figure 3: Battery Monitor Block

[pic]

Figure 4: LCD Controller Block

[pic]

Figure 5: LED Backlight Controller

Appendix B: FEMCA Worksheet

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|1 |No output/incorrect output on|Bypass Caps shorted. |Unit fails to detect |Observation. |Low | |

| |ATD* pins |No supply voltage. |tilting/random detections. | | | |

| | |PD pin stuck high. | | | | |

| | |Output cap failure. | | | | |

Figure 1a: Accelerometer Failure Modes

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|2 |No output to speaker from |No voltage to chip. |No sound from associated |Observation |Low |Audio required for device usability. |

| |TS4831 |Failure of any component in |speaker. | | | |

| | |section possible. | | | | |

| | |Chip stuck in standby | | | | |

|3 |No output from either TS4831 |No voltage to chips. |No sound from either speaker.|Observation |Low |Audio required for device usability. |

| | |Chips stuck in standby. | | | | |

| | |No input signal. | | | | |

|4 |Output signal gain is too |Failure in a part affects gain |Sound from speakers loud, |Observation |Low | |

| |high |processing |unaffected by system volume | | | |

Figure 2a: Audio Failure Modes

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|5 |Battery Charger Failure |Out of tolerance supply voltage. |Batteries do not recharge or |Observation. |High |Leaking/exploding batteries can lead |

| | |ESD damage. |overcharge. Possible battery|Battery monitor. | |to user injury/death. |

| | |Bias cap failure |leakage/explosion. | | | |

|6 |Battery monitor failure |Out of tolerance supply voltage. |Incorrect battery readings. |Observation |Low | |

| | |ESD damage. | | | | |

|7 |Low/No output voltage |Dead Batteries |Device inoperable |Observation |Low | |

| | |Part failure causing short. | | | | |

|8 |Output voltage too high |Improper batteries. |Possible unit damage. |Observation |Low | |

| | |Wall DC voltage too high. | | | | |

| | |Battery monitor overcharging | | | | |

| | |batteries | | | | |

Figure 3a: Battery Circuitry Failure Modes

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|9 |Clock divider stalls. |Input clock from ARM9 fails |Display does not update. |Observation |Low | |

| | |Reset pin held low | | | | |

|10 |Clock divider outputs nothing|Improper supply voltage. |Display does not update |Observation |Low | |

| |or garbage |Bypass cap shorted. |Display updates irregularly | | | |

|11 |Touch panel controller |Improper supply voltage |User taps not detected |Observation |Low |User cannot interact with device |

| |outputs nothing or garbage |Damaged chip |Random taps detected | | | |

| | |LCD controller sending invalid | | | | |

| | |data | | | | |

|12 |ARM9 sends invalid data on |Software bug |LCD displays random images |Observation |Low | |

| |memory bus |ARM9 failure | | | | |

|13 |ARM9 fpframe, fpshift, or |Software bug |Display updates incorrectly |Observation |Low | |

| |fpline stuck high or low |ARM9 failure | | | | |

|14 |ARM9 fails to operate |Improper supply voltages |Device does not run |Observation |Low | |

| |ARM9 operates unreliably |Shorted bypass cap |Software behaves unreliably | | | |

| | |Reset tied low | | | | |

Figure 4a: LCD/ARM9 Interface Failure Modes

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|15 |Low/No output voltage |Chip fails |LCD backlight fails to light |Observation |Low | |

| | |Improper input voltage | | | | |

| | |Failure of any part on diagram | | | | |

|16 |Output voltage too high |Input voltage out of range |LCD backlight too bright |Observation |High |Screen can become hot to touch. |

| | |Failure of any part on diagram |Possible damage | | |Possible injury |

Figure 5a: LED Backlight Driver Failure Modes

-----------------------

NOTE: This is the third in a series of four “professional component” homework assignments, each of which is to be completed by one team member. The completed homework will count for 20% of the individual component of the team member’s grade. The body of the report should be 3-5 pages, not including this cover page, references, attachments or appendices.

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download