Reliability Engineering

1
Reliability Engineering
New HorizonsShedding Light On Frontier Worlds
Ralph Instrument Critical Design ReviewAug 5
6, 2003

• Richard Flores
• Ralph Reliability Engineer
• (303) 939-4736
• rflores_at_ball.com

2
Status of Reliability Analyses
Activity
Status
Status as of 2 July
Analyses will be completed upon completion of
the design.
Analyses performed concurrent with the design
process
3
Failure Modes, Effects and Criticality Analysis
(FMECA) Verifies Robustness of Ralph Design
Purpose To identify and control potential
risks through the systematic identification
of potential failure modes and
their corresponding effects

• Approach
• Methodology and severity categories are defined
  in BATC 2202223, Ralph Product Assurance
  Implementation Plan
• Performed at the Detector Electronics (DE) PWA
  interface to Low Voltage Power Supply (LVPS) and
  Command and Data Handler (C DH) Electronics
  through coordination between BATC and SwIR. SwRI
  will perform FMECA at the interface between LVPS,
  and C DH to the spacecraft
• Severity categories assigned to each failure mode

4
Assembly Controls Result In Low Probability of a
Category III Failure

• Results/Conclusions
• No Category I (Catastrophic) or Category II
  (Critical) failure modes
• One Category III (Marginal) failure modes
• Redundancy allows for 27 Category IV (Minor)
  failure modes
• No failure mechanisms propagate across the DE
  interface with the LVPS and C DH
• The SwRI FMECA shows (TBD)
• No failure of any part will result in any safety
  concerns
• Discussion of Category III Failure Mode
• Failure mode is the open contact of an A-B relay
• Due to contamination
• Misalignment of mechanism
• Insufficient electrical drive to relay coil
• Risk mitigation
• DPA of relay purchase lot
• X-Ray of relay and BATC relay handling procedures
• Design review of electrical drive to relay coil
  with relay electrical testing

The Category III failure mode risk is mitigated
Results show instrument to be of a robust design
5
No Single Point Failures Identified
Purpose To identify and control components,
functional elements, or parts where a single
failure could cause a system,
subsystem, or component failure that could
result in loss of life,
loss of mission objective, or serious degradation
of mission objectives
A systematic analysis of the design has been
performed to identify and control single point
failures

• Methodology
• The FMECA and Engineering Review are the
  mechanism for identifying single point failures
• Controls are identified in the FMECA report
• Definitions
• Single Point Failure Any single hardware
  failure which results in irreversible degradation
  of Ralph Instrument mission performance
• Compensating Features Special inspections,
  procedures, tests, controls, instructions,
  drawing notes, or other provisions applied to a
  single-point failure item to improve reliability
  and lessen chances of failure
• Single Point Failure (SPF)
• Structural Elements
• Optical elements
• Electrical connector pin-to-pin shorts

Definition source MIL-STD-1543B
SPF Analysis documented in SER TBD
6
Part Stress Analysis Performed to Verify
Compliance to Program Derating Criteria
Purpose To Verify compliance to program parts
derating requirements

• Approach
• BATC derating guidelines
• Performed on each electrical/electromechanical
  part
• Maximum calculated electrical stress
• Worst case operating part temperatures based on
  thermal analyses
• Status
• Analysis performed on preliminary flight drawings
• Update will be performed on released flight
  drawings by July 27
• Results
• Found ten parts that violate program derating
  criteria. No parts exceeded maximum
  manufacturers ratings.
• Maximum junction temperature is unknown at this
  time

Parts derating per BATC GL PA.4.1.007
Analysis results documented in SER TBD
7
Parts Exceeding Guidelines
8
Limited-Life Analysis

• Underlying Assumptions
• Analysis considers all items that are subject to
  possible reliability degradation because of
  wear-out, age, or operating time
• All lifetime phases are considered including
  in-house testing, ground storage, and on-orbit
  operation
• A limited life item is any item whose expected
  life is less than twice the required life
• Approach
• Determine mission required operating time or
  cycles for BATC and SwRI items
• Determine the items expected useful life
• The ratio of expected life to required life must
  be equal to or greater than 2 with life margin
  equal to or greater than 1
• Results/Conclusions
• No limited life items exist in the Ralph design
• All life ratios are greater than 2

9
Limited-Life Analysis Shows Ralph Design Has
Sufficient Life Margin Over The Mission Profile
10
Worst Case Analysis of Critical Circuits Have EOL
Parameters That Pass
Purpose To verify that selected circuits will
perform within specifications for the most
unfavorable combination of
realizable circuit conditions and part parameter
variations through end of
mission

• Approach
• Will be performed on DE critical circuits
• Circuits not yet identified
• BATC will coordinate with SwRI to present their
  WCA findings
• Includes part variations due to initial
  tolerance, temperature, end-of-life and radiation
• Results
• BATC DE Circuits WCA incomplete
• Both BATC DE and SwRI LVPS and C DH to be
  completed by (August 1)

Performed on critical circuits only
Analysis results documented in SER TBD