Reliability and Safety Analysis

Homework 9

FMECA Worksheet

Group 11

Gennady Vayl

Tyler Olsen

Philip Vorsilak

Nick McCarroll

1.0 Introduction

The GPS personal trainer is a device which will allow the user to get a better running or biking workout. It keeps track of the user’s speed and distance covered and makes sure that the user will get a consistent exercise. For example, the user may select that he wants to run 2 miles in 15 minutes. In order to accomplish this, the device will calculate the speed that the user needs to be pursuing during each step of the exercise and inform the user if they are below this speed and need to accelerate.

In this project a design will be implemented for a GPS personal trainer. This device will function from a set of 4 AA batteries and will have two modules, the shoulder and the wrist module. The shoulder module will hold the batteries, main board housing the microcontroller, GPS receiver, power supply, and the thermometer. The wrist module will hold the LCD screen and the controls.

This report will talk about the reliability and safety of the GPS personal trainer. Since the device has to work on the person, it is especially important that critical failures do not occur. Two of the four devices considered are part of the power supply for the GPS personal trainer: the voltage regulator and the low dropout regulator. The third is the level shifter. The last device that is considered is the microcontroller.

2.0 Reliability

For this report, four least reliable devices were selected. These devices were selected because in the life of this product they were the most likely to fail since most will work above room temperature according to their datasheets. All data and formulas for the part failure calculations was obtained from the Military Handbook(MIL-HDBK-217F).

2.1 Voltage Regulator MAX1796 DC-DC Converter

Classification: BiCMOS

Equation: λp = (C1 * πT + C2 * πE) * πQ * πL Failures / 10^6 Hours

Value / Justification / Description
C1 = .02 / 101-300 Transistors / Die Complexity Failure Rate
C2= .0026 / 8 pins / Package Failure Rate
πT= 32 / @150C / Temperature Factor
πE= 4.0 / Gm / Environment Factor
πQ = 10.0 / Commercial part / Quality Factor
πL = 1.0 / 4 years production / Learning Factor

-Tj for πT calculation is given in page 2 of the datasheet (150°C). Therefore πT will be 32.

λp = 6.504 failures/10^6 hr = 6.504-6
MTTF = 1/(6.504-6) = 153752 hours ~ 17.55 years

2.2 Microcontroller Atmel ATmega8L

Classification: Linear Gate/Logic Array

Equation: λp = λBD * πMFG * πT * πCD + λBP * πE * πQ * πPT + λEOS Failures / 10^6 Hours

Value / Justification (Section) / Description
λBD = .16 / Logic device (5.3) / Die Base Failure Rate
πMFG = 2 / Non QML/Non QPL (5.3) / Manufacturing Process Correction Factor
πT= 1.5 / @100C(5.8)(5.11) / Temperature Factor
πCD = 8.9 / See below(5.3) / Die Complexity Correction Factor
πE= 4.0 / Gm(5.10) / Environment Factor
πQ = 10.0 / Commercial part(5.10) / Quality Factor
πpt = 1.0 / Surface mount non-hermetic pack(5.3) / Package Type Correction Factor
λBP = .0028 / 32 pin package(5.3) / Package Base Failure Rate
λEOS=.065 / .5kV ESD susceptibility(5.3) / Optical Overstress Failure Rate

-πT was selected using the Tj equation. Tc = 50°C for ground mobile device(Gm). P = 6V*400mA = 2.4W(Page 237,238 ATmega8l datasheet). θJC = 22 °C/W since die area is less then 14000 mil. Therefore Tj = 50 + 2.4*22 = 102.8°C

-πCD was selected based on the Atmel datasheet and a 1 micron feature size. The width and length of the chip is about .7 cm. The total area would be .49 cm2. Therefore the 0.4 < A < 0.7 cm2 yielding a πCD value of 8.9.

-λBP is an average of the 28 pin(.0027) and 40 pin(.0029) configuration since the ATmega8l has 32 pins.

-λEOS was base don the website: .5kV results is between 0 and 1000 V. Therefore the optical overstress failure rate is .065.

λp = 4.449 failures/10^6 hr = 4.449e-6
MTTF = 1/(3.32e-6) = 224770 hours ~ 25.65 years

2.3 ComparatorLM339

Classification: BiCMOS

Equation: λp = (C1 * πT + C2 * πE) * πQ * πL Failures / 10^6 Hours

Value / Justification / Description
C1 = .02 / Linear 101-300 gates / Die Complexity Failure Rate
C2= .0048 / 14 pins / Temperature Factor
πT= 2.5 / @85C / Package Failure Rate
πE= 4.0 / Gm / Environment Factor
πQ = 10.0 / Commercial part / Quality Factor
πL = 1.0 / >2 years production / Learning Factor

Max Tj = 85C πT= 58

λp = .692 failures/10^6 hr = 6.92e-7
MTTF = 1/(6.92e-7) = 1.44509e6 hours ~ 165.4 years

2.4 Low Voltage Dropout Regulator LT1528

Classification: Linear Bipolar

Equation: λp = (C1 * πT + C2 * πE) * πQ * πL Failures / 10^6 Hours

Value / Justification / Description
C1 = .02 / Linear 101-300 gates / Die Complexity Failure Rate
C2= .0019 / 5 pins / Temperature Factor
πT= 5.2 / @81.4C / Package Failure Rate
πE= 4.0 / Gm / Environment Factor
πQ = 10.0 / Commercial part / Quality Factor
πL = 1.0 / >2 years production / Learning Factor

Max Tj = 81.4°C (Datasheet). Therefore πT= 5.2.

λp = 1.116 failures/10^6 hr = 1.116e-6
MTTF = 1/(1.116e-6) = 896057 hours ~ 102.29 years

2.5 Conclusion

The most critical device prone to failure is to no surprise, the MAX1796 voltage regulator. According to the calculations, under the most strenuous use, this device will fail in about 17 years. The next piece of equipment is the Atmel ATmega8L microcontroller which will theoretically fail in about 25 years. To increase the product life, to that of the microcontroller, we could search for a voltage regulator with a lower maximum operating temperature. To increase the life of the microcontroller, we can run it at a lower voltage, and therefore decrease its temperature. Decreasing heat output of devices by running them at lower voltages will greatly increase the lifespan of the device. We can also purchase military grade parts. They are more expensive, but theoretically have longer life spans.

3.0 Failure Mode, Effects and Criticality Analysis (FMECA)

Table 1. Block descriptions

Block Name / Description
A / Power Supply Circuitry
B / Microcontroller
C / Sensors
D / Output
E / Input

As seen in the above table, there are five major blocks in the design of the GPS

personal trainer. These blocks have been labeled A through E. On the FMECA analysis,

the failures are listed for each block, and numbered.

3.1 Criticality

For the FMECA analysis there are three criticality modes: danger(to human), high and low. The only possibility of danger from our product is battery leakage. The other is incorrect heart measurements, leading to overworking/under working the body. Therefore this criticality will be classified as danger. The other two criticality modes are high and low. Under a high criticality the device will stop functioning completely. The major function of this device is to provide speed and distance information. A malfunction where this cannot be achieved will be classified as high criticality. Under the low criticality mode only certain parts of the device would not function. An example would be if the thermometer malfunctions, the device would still perform its main function, but the user will not know what the exact outside temperature is.

4.0 References

MIL-HDBK-217F (PDF)

Lecture Notes Module 9

Reference Article:Designing for Reliability, Maintainability, and Safety. George Novacek

Atmel ATmega8L

Garmin GPS Receiver

Thermometer

Voltage Regulator

Level Translator

Low Voltage Dropout Regulator