Design Project



Homework 11: Reliability and Safety Analysis

Team Code Name: ____POSitron________________________________ Group No. _7____

Team Member Completing This Homework: ___Katie Taller__________________________

E-mail Address of Team Member: __ktaller________ @ purdue.edu

Evaluation:

|SCORE |DESCRIPTION |

|10 |Excellent – among the best papers submitted for this assignment. Very few corrections needed for version submitted in |

| |Final Report. |

|9 |Very good – all requirements aptly met. Minor additions/corrections needed for version submitted in Final Report. |

|8 |Good – all requirements considered and addressed. Several noteworthy additions/corrections needed for version |

| |submitted in Final Report. |

|7 |Average – all requirements basically met, but some revisions in content should be made for the version submitted in the|

| |Final Report. |

|6 |Marginal – all requirements met at a nominal level. Significant revisions in content should be made for the version |

| |submitted in the Final Report. |

|* |Below the passing threshold – major revisions required to meet report requirements at a nominal level. Revise and |

| |resubmit. |

* Resubmissions are due within one week of the date of return, and will be awarded a score of “6” provided all report requirements have been met at a nominal level.

Comments:

1. Introduction

The POSitron is a kiosk and dispensing system to provide a point of sale for a convenience store that maximizes available space and is efficient while maintaining ease of use. The basic functions of the kiosk are to find and select products to purchase, fetch product lists and prices from a web server, dispense products in an optimal packing order, and deliver them to the customer. Reliability is a critical component of the communication between the kiosk, microcontroller, and database. If communication fails, not one part of the system will be functional on its own. The system will also need to be reliable in order to ensure the dispensing and conveyor motors, infrared sensors, and load cell function as intended in order to correctly dispense products to the customer. Safety is a large factor in the dispensing mechanism of the system because it contains moving dispensing arms and a conveyor belt. The customers will only interface with the kiosk and the reservoir while the dispensing system will only be exposed to the store employees, who would have had proper safety training.

2. Reliability Analysis

A component most likely to fail or have reliability issues is the Freescale ColdFire 52233. This is due to the high degree of complexity of the microcontroller. It has 80 I/O pins and will be utilizing many peripherals including the ADC, PWM, and EPHY. The other components for analysis were chosen for failure analysis due to heat dissipation rather than complexity. Within the power circuitry, both voltage regulators, the LM2675M-ADJ-ND step down voltage regulator and the LT1762-ADJ low dropout voltage regulator, would be most likely to have reliability issues or fail. Failure of these components could result from current or voltage spikes. Another component that has an increased probability of failure due to heat is the Si5406CDC N-channel MOSFET that switches power for the conveyor motor. The final component for failure analysis is the LM324N quad-package operational amplifier that is used to amplify the signal received from the infrared detector to a value that is readable by the microcontroller.

Below are tables for the parameters used to calculate the number of failures per 106 hours and mean time to failure (MTTF) for the components that are most likely to fail. Any assumptions that had to be made during the analysis are explained beneath each table.

Microcontroller – Freescale Coldfire 52233

|Parameter name |Description |Value |Comments |

|C1 |Die complexity |0.016 |SRAM 32K bytes |

|πT |Temperature |5.8 |TJ =130 degrees C |

|C2 |Package |0.032 |80 pins |

|πE |Environment |4 | |

|πQ |Quality |10 | |

|πL |Learning |1 | |

λP = (C1 πT + C2 πE) π Q πL

λP = 2.208 per 106 hours

MTTF = 453,000 hours

The model that was used for the microcontroller was the Microelectronic Circuits, where λP = (C1 πT + C2 πE) πQ πL. An assumption for this calculation was made with the environmental factor πE . The table from the MIL-HDBK-217F had codes for environments that were not explained within the handbook. After some research, it appeared that the environment AIC was standard so a value of four was assigned because the component won’t be in a high stress environment. A quality factor of ten was assumed because the microcontroller is a commercial component.

N Channel MOSFET – Si5406CDC

|Parameter name |Description |Value |Comments |

|λb |Base |0.012 |MOSFET |

|πT |Temperature |6.7 |TJ =150 degrees C |

|πA |Application |0.7 |Switching |

|πQ |Quality |8 | |

|πE |Environmental |13 | |

λP = λb πT πA πQ πE

λP = 5.853 per 106 hours

MTTF = 171,000 hours

The model used for this N channel MOSFET was Transistors, Low Frequency, Si FET. This model uses the calculation λP = λb πT πA πQ πE. A quality factor of eight (rather than ten as suggested for commercial products) was assumed because it was the highest number that the Quality Factor chart contained for these transistors. As with the microcontroller, the environmental factor that corresponded with the AIC environment was selected and therefore assigned a value of thirteen.

Step Down Voltage Regulator – LM2675M-ADJ-ND

|Parameter name |Description |Value |Comments |

|C1 |Die complexity |0.020 | |

|πT |Temperature |180 |TJ =150 degrees C |

|C2 |Package |0.0034 |8 pins |

|πE |Environment |4 | |

|πQ |Quality |10 | |

|πL |Learning |1 | |

λP = (C1 πT + C2 πE) π Q πL

λP = 36.136 per 106 hours

MTTF = 28,000 hours

The model used for the voltage regulator was Microelectronic Circuits. A quality factor of ten was assumed because it is a commercial product, and the environment AIC coefficient of four was used because this regulator is a standard component. The reliability analysis for the LM2675M-ADJ-ND step down voltage regulator is identical to the LT1762-ADJ low dropout voltage regulator. They have the same coefficients for λb, πT, πS, πC, πQ, and πE and therefore the same λP and MTTF values. To avoid redundancy, a separate table for the low dropout regulator was not created.

Quad Operational Amplifier – LM324N

|Parameter name |Description |Value |Comments |

|C1 |Die complexity |0.020 | |

|πT |Temperature |2.8 |TJ =70 degrees C |

|C2 |Package |.0062 |14 pins |

|πE |Environment |4 | |

|πQ |Quality |10 | |

|πL |Learning |1 | |

λP = (C1 πT + C2 πE) π Q πL

λP = 0.646 per 106 hours

MTTF = 1,547,000 hours

The Microelectronic Circuits model was used to analyze this operational amplifier. Both the environmental and quality factors were assumed to be four and ten, respectively, because the operational amplifier is a standard commercial product and will not be used in a high stress environment.

The reliability of these components varies from the voltage regulator lasting twenty-eight thousand hours to the operational amplifiers lasting over 1.5 million hours. The biggest factor for these differences is the temperature coefficient. Components that run at higher temperatures generally have a higher probability of failure.

In order to improve the reliability of the design, an initial step would be to ensure components such as resistors and capacitors were chosen at the correct values. For example, this is very important for the operational amplifiers, which need to amplify the infrared detector signal to 3.3 volts so that it is read correctly by the microcontroller. Another step to increase reliability is to ensure that each solder point is connected correctly.

Changes to the entire system could be made in order to improve safety and reliability when working with the dispensing system. One factor for reliability is that the products within the hoppers may not fall straight down within the hopper and could cause a jam. The hoppers could be designed to be fully enclosed in order to ensure that the products fall through the hoppers as expected every time. In order to improve safety of the dispensing system, hand guards could be added to the conveyor belt in order to prevent pinching fingers. Guards could also be added to the dispensing arm and servo motors because moving parts always have a chance for injury to occur. Finally, the entire dispensing system and kiosk could be constructed out of a material other than wood, which has the chance of catching on fire with a single spark from an electrical component.

3.0 Failure Mode, Effects, and Criticality Analysis (FMECA)

The criticality of the failure modes in the FMECA analysis was divided up into three levels. The low criticality label is given to a failure mode that only results in loss of functionality within the design. Here, no permanent damage occurs and a simple solution, such as editing software or re-soldering a pin, is possible. A medium criticality level is assigned when there is a loss of functionality and permanent damage is done to components. If a medium failure occurs, the only way to fix the problem is to replace the component. This level requires more time and a higher cost to remedy the failure. The high criticality level is reserved for only when injury or death could occur to a user. This project has no failure modes in which a user could become seriously injured, so a high criticality was not assigned during this analysis.

4.0 Summary

Reliability and safety is important throughout the entire design and manufacturing process. The reliability analysis showed how the probability of the amount of time before a failure could vary greatly from one component to another. The voltage regulator in this design has a much higher probability for failure than the operational amplifier, largely due to the temperature coefficient. In the event of a failure, FMECA analysis can show how critical the failure mode is. Reliability and FMECA analysis can warn of possible failures so that designers can be prepared and add redundancies to the design in the event that component failure occurs.

List of References

1] “Military Handbook: Reliability Prediction of Electronic Equipment” [Online]. Available:

[2] “MCF52235 ColdFire Microcontroller Data Sheet” [Online]. Available:

[3] “N-Channel 12-V (D-S) MOSFET Data Sheet” [Online]. Available:

[4] “LM2675 Simple Switcher Power Converter High Efficiency 1A Step-Down Voltage Regulator” [Online]. Available:

[5] “50mA, Low Noise, LDO Micropower Regulators” [Online]. Available:

[6] “LM324 Quad Operational Amplifier” [Online]. Available:

[7] “Crystal Oscillator Troubleshooting Guide” [Online]. Available:

Appendix A: Schematic Functional Blocks

[pic]

[pic]

[pic]

[pic]

[pic]

Appendix B: FMECA Worksheet

Microcontroller

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|1A |Output is always high or low |Software error |Parts, including motors and |Observation, motors won’t |Low | |

| | | |infrared sensors, will not |spin | | |

| | | |function properly | | | |

|1B |Output signal is |Initialization error, floating pin|Parts, including motors and |Observation, motors won’t |Low | |

| |non-deterministic | |infrared sensors, will not |spin | | |

| | | |function properly | | | |

|1C |Loop gain between XTAL and |Incorrect values for R23, C12, or |Crystal oscillator does not |Observation |Low | |

| |EXTAL is too high |C13 were chosen |clock correctly | | | |

Power Supply

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|2A |Output is always 0V |Damaged component, external short |Loss of functionality |Observation |Medium |Criticality is medium due to a |

| | | | | | |possible external short |

|2B |Current draw spike |Voltage regulator failure |Damage parts |Observation |Medium | |

|2C |Voltage spike |Capacitor failure, large voltage |Unexpected motor operation |Observation |Low | |

| | |ripple | | | | |

I/O

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|3A |MOSFET doesn’t switch |Diode failure, input signal |Conveyor motor won’t operate |Observation |Low | |

| | |incorrect, floating pin |correctly | | | |

|3B |Op Amp doesn’t amplify as |Incorrect signal from IR sensor, |Signal is unreadable to |Observation |Low | |

| |needed |incorrect resistor values |micro, no conveyor data | | | |

| | | |available | | | |

|3C |Flyback current spike |Diode failure |MOSFET is damaged |Observation |Medium | |

Ethernet

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|4A |Transformer doesn’t operate |Incorrect input, floating pin |RJ45 connector is no longer |Observation |Low | |

| |as intended | |isolated, damage to ethernet | | | |

| | | |connection | | | |

COM

|Failure No. |Failure Mode |Possible Causes |Failure Effects |Method of Detection |Criticality |Remarks |

|5A |Transceiver failure |External short |Damage microcontroller pins |Observation |Medium | |

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download