

Ordering No.: CRTA-CE

# Introduction to Concurrent Engineering: Electronic Circuit Design and Production Applications

# 1992

Prepared by:

Reliability Analysis Center PO Box 4700 Rome, NY 13440-8200

Under contract to:

Rome Laboratory Griffiss AFB, NY 13441-5700

DTIC GUALLY LICTICIED 3

# **Reliability Analysis Center**

A DoD Information Analysis Center

Approved for Public Release, Distribution Unlimited

The information and data contained herein have been compiled from government and nongovernment technical reports and from material supplied by various manufacturers and are intended to be used for reference purposes. Neither the United States Government nor IIT Research Institute warrant the accuracy of this information and data. The user is further cautioned that the data contained herein may not be used in lieu of other contractually cited references and specifications.

Publication of this information is not an expression of the opinion of the United States Government or of IIT Research Institute as to the quality or durability of any product mentioned herein and any use for advertising or promotional purposes of this information in conjunction with the name of the United States Government or IIT Research Institute without written permission is expressly prohibited. The Reliability Analysis Center (RAC) is a Department of Defense Information Analysis Center sponsored by the Defense Technical Information Center, managed by the Rome Laboratory (formerly RADC), and operated by IIT Research Institute (IITRI). RAC is chartered to collect, analyze and disseminate reliability information pertaining to systems and parts used therein. The present scope includes integrated circuits, hybrids, discrete semiconductors, microwave devices, optoelectronics and nonelectronic parts employed in military, space, industrial and commercial applications. The scope of the reliability activities include the related disciplines of Maintainability, Testability, Statistical Process Control, Electrostatic Discharge, and Total Quality Management.

The data contained in the RAC databases are collected on a continuous basis from a broad range of sources, including testing laboratories, device and equipment manufacturers, government laboratories and equipment users (government and industry). Automatic distribution lists, voluntary data submittals and field failure reporting systems supplement an intensive data solicitation program. Users of RAC data are encouraged to submit reliability data to RAC to enhance these data collection efforts.

Reliability data and analysis documents covering most of the device types mentioned above are available from the RAC. Also, RAC provides reliability consulting, training, technical and bibliographic inquiry services which are noted at the end of this document.

REQUEST FOR TECHNICAL ASSISTANCE AND INFORMATION ON AVAILABLE RAC SERVICES AND PUBLICATIONS MAY BE DIRECTED TO:

Reliability Analysis Center 201 Mill Street Rome, NY 13440

# TQM Inquiries: (800) 526-4804 Non-Technical Inquiries: (315) 330-4151 (315) 337-0900 (315) 337-9933 Technical Inquiries: (315) 337-9933 TeleFax: (315) 337-9932

#### ALL OTHER REQUESTS SHOULD BE DIRECTED TO:

Rome Laboratory ERSS/Duane A. Gilmour Griffiss AFB, NY 13441-5700

| (800) 526-4804<br>(315) 330-4151               | Telephone:<br>Autovon: | (315) 330-2660<br>587-2660                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |       |
|------------------------------------------------|------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------|
|                                                | -<br>i                 | Accession For                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |       |
| (315) 337-9933                                 | 1                      | RTIS JEARI                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     | 1     |
| (315) 337-9932                                 |                        | ille 125 D<br>Unapponnet D<br>Justicostica                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |       |
|                                                |                        | By                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | 1<br> |
| © 1992, IIT Research Ins<br>All Rights Reserve |                        | North Contraction of the second secon |       |
| iii                                            | ŕ                      | X-1 AN AN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |       |

| REPORT DOCU                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    | MENT                         | ATION                      | PAC           | GE                  | Form Approved                                                            |  |
|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------|----------------------------|---------------|---------------------|--------------------------------------------------------------------------|--|
| OMB No. 0704-0188<br>Public reporting burden for this collection of information is estimated to                                                                                                                                                                                                                                                                                                                                                                                                                                                                | o average 1 hour per re      | sponse, including the time | for reviewing | g instructions, see | urching, existing data sources, gathering and                            |  |
| maintaining the data needed, and completing and reviewing the colle-<br>including suggestions for reducing this burden, to Washington Headq<br>VA 22202-4302, and to the Office of Management and Budget. Paperwo                                                                                                                                                                                                                                                                                                                                              | ction of information. S      | Send comments regarding    | this burden a | etimate or any of   | ther aspect of this collection of information.                           |  |
| VA 22202-4302, and to the Office of Management and Budget. Paperwo<br>1. AGENCY USE ONLY (Leave Blank)                                                                                                                                                                                                                                                                                                                                                                                                                                                         | 2 REPORT D                   |                            |               |                     | AND DATES COVERED                                                        |  |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                              |                            |               |                     |                                                                          |  |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | Septer                       | mber 1992                  |               |                     |                                                                          |  |
| 4. TITLE AND SUBTITLE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |                              |                            |               | 5.                  | FUNDING NUMBERS                                                          |  |
| Introduction to Concurrent Engineering                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | : Electronic Ci              | rcuit Design and           |               |                     | 6528                                                                     |  |
| Production Applications                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |                              |                            |               | I                   |                                                                          |  |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                              |                            |               |                     |                                                                          |  |
| Norman B. Fuqua                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                              |                            |               |                     |                                                                          |  |
| 7. PERFORMING ORGANIZATION NAME(S                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | ) AND ADDRE                  | SS(ES)                     |               | RFORMING            | ORGANIZATION                                                             |  |
| Reliability Analysis Center                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |                              |                            |               |                     |                                                                          |  |
| P.O. Box 4700                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |                              |                            |               | CR                  | RTA-CE                                                                   |  |
| Rome, NY 13440-8200                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | ANE AND                      | ADDRESS                    | L             | 10 0001             |                                                                          |  |
| 9. SPONSORING/MONITORING AGENCY N                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | IAME(5) AND                  | auukess(es)                |               |                     | NSORING/MONITORING                                                       |  |
| Defense Technical Information Center                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | (DTIC-AI)                    |                            |               |                     |                                                                          |  |
| Cameron Station                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |                              |                            |               | F                   | F30602-91-C-0002                                                         |  |
| Alexandria, VA 22314-6145                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |                              |                            |               |                     | <u></u>                                                                  |  |
| Hard copies available from the Reliab<br>(Price: \$75.00 U.S., \$85.00 Non-U.S.).                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | oility Analysis              | Center, 201 Mil            | ll Street,    | Rome, NY            | ′ 13440- <del>6</del> 916.                                               |  |
| 12a. DISTRIBUTION/AVAILABILITY STATE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | MENT                         |                            | 12b. D        | DISTRIBUTI          | ON CODE                                                                  |  |
| Approved for public release; distribution unlimited.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |                              |                            | Unclassified  |                     |                                                                          |  |
| 13. ABSTRACT (Maximum 200 words)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |                              | ·····                      |               |                     |                                                                          |  |
| This document presents an overview of Concurrent Engineering (CE), i.e., the use of <u>Multi-discipline Design Teams</u> to perform the simultaneous design of the product and the process to produce the product. The intent is to encourage product developers, from the outset, to consider all elements of the product life cycle from conception through disposal, including quality, cost, schedule and the user requirements. The document also explores a number of specific tools which may be used to assist the reader in the implementation of CE. |                              |                            |               |                     |                                                                          |  |
| 14. SUBJECT TERMS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |                              |                            | T             | 15. NUMB            | ER OF PAGES                                                              |  |
| Concurrent Engineering                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         | -                            | pline Design Tea           | ams           |                     | 120                                                                      |  |
| Product Life Cycle<br>Automated Design Tools                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   | Robust Design<br>Design, Dev | gn<br>relopment, Prodi     | action        |                     |                                                                          |  |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 200.611, 200                 |                            |               | 16. PRICE COD       | Æ                                                                        |  |
| 17. SECURITY CLASSIFICATION 18. SECURITY CLASSIFIC                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             | CATION 19.                   | SECURITY CLASSIFICAT       |               |                     | DN OF ABSTRACT                                                           |  |
| NSN 7540-01-280-5500                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |                              |                            | I             | P                   | itandard Form 298 (Rev. 2-89)<br>rescribed by ANSI Std. Z349-18<br>8-102 |  |

#### FOREWORD

Concurrent Engineering (CE) utilizes Multi-discipline Design Teams to perform the simultaneous design of the product and all of the life-cycle processes associated with the product that are required to meet the user's needs. CE begins with a complete identification of these user needs, some of which may be conflicting in nature, and then seeks to optimize the design of both the product and the process over this entire spectrum of needs to assure maximum customer satisfaction. Organizations, which fail to take advantage of CE's benefits and fail to utilize CE in their design process, may eventually cease to be competitive in the world marketplace.

CE, which emphasizes Multi-parameter Optimization of the design, is still an emerging concept which means that not all facets of the technology are firmly in place. The automated tools, used as one means of implementing CE, are incomplete or non-existent in some areas, and highly fragmented in others. However, they will continue to be improved, integrated, and made accessible to multi-user engineering workstations. This trend will continue to enhance the synergistic relationship between the various technical disciplines.

The demonstrated effectiveness of a CE design approach in reducing development time and development cost while at the same time enhancing customer satisfaction for commercial products has made this approach prudent for Department of Defense (DoD) also. MIL-STD-499B "Systems Engineering" (when approved) will implement the technical essence of Concurrent Engineering in new DoD procurement contracts by requiring: a) the simultaneous development of system products and life-cycle processes to satisfy user needs, b) the utilization of multidisciplinary teams, and c) a systems engineering methodology. Separate DoD procurement requirements (CALS) also obligate the contractor to consider some form of automated interchange of technical information in lieu of paper deliverables. Combined together, these factors will have significant contractual impact upon Reliability, Maintainability, Safety and Logistics requirements.

vi

•

## **TABLE OF CONTENTS**

| SECTI  | ON 1: THE NEED FOR CONCURRENT ENGINEERING                 | Pa |
|--------|-----------------------------------------------------------|----|
|        | E NEED FOR CONCURRENT ENGINEERING                         |    |
|        | The Problem - Loss of Markets and Loss of Competitiveness |    |
|        | The Solution: Concurrent Engineering                      |    |
| 1.4    | 1.2.1 The Essence of Concurrent Engineering               |    |
|        | 1.2.2 The Process: Translation of the Requirements Into   |    |
|        | The Product                                               |    |
|        | 1.2.3 The Philosophy: Continuous and Aggressive Design    |    |
|        | Incrovement                                               |    |
| Ì.3    | Improvement<br>Some Common Misconceptions Regarding CE    |    |
| 1.5    | The Benefits of Congument Engineering                     |    |
|        | The Benefits of Concurrent Engineering.                   |    |
| 1.5    | Management Challenges of Concurrent Engineering           |    |
| 1.6    | The Multi-Discipline Team Concept                         |    |
| 1.7    | The Need for Concurrent Engineering References            |    |
| SECTI  | ON 2: ROBUST CIRCUIT DESIGN                               |    |
| 2.0 RC | BUST CIRCUIT DESIGN                                       |    |
| 2.1    | Robust Circuit Design Parts Database                      |    |
| 2.2    | Environmental Considerations                              |    |
|        | Robust Circuit Analysis                                   |    |
|        | 2.3.1 Extreme Value Analysis (EVA) or Absolute Worst Case |    |
|        | 2.3.2 Root-Sum-Squared                                    |    |
|        | 2.3.3 Monte Carlo Simulation.                             |    |
|        | 2.3.4 Application of the Various Methods                  |    |
| 2.4    | Taguchi Methods and Design of Experiments                 |    |
| 2.5    |                                                           |    |
| 2.0    | Robabi Cheur Design References                            | •  |
| SECTI  | ON 3: RELIABILITY AND MAINTAINABILITY CONSIDERATIONS      |    |
| 3.0 RE | LIABILITY AND MAINTAINABILITY CONSIDERATIONS              |    |
| 3.1    | Reliability Program                                       |    |
|        | 3.1.1 Reliability Modeling and Prediction                 |    |
|        | 3.1.1.1 Reliability Modeling Methods                      |    |
|        | 3.1.1.2 Reliability Prediction Methods                    |    |
|        | 3.1.1.3 Tailoring Reliability Models and Predictions      |    |
|        | 3.1.2 Part Derating                                       |    |
|        | 3.1.3 Failure Mode, Effects and Criticality Analysis      |    |
|        | 3.1.4 Fault Tree Analysis                                 |    |
|        | 3.1.4.1 Fault Tree Construction                           | 4  |
|        | 3.1.4.2 Qualitative Evaluations - Cut Sets                |    |
|        | 3.1.4.3 Qualitative Importances                           |    |
|        |                                                           |    |

## **TABLE OF CONTENTS (Cont'd)**

|     | _                                       |                                                                | <u>Page</u> |
|-----|-----------------------------------------|----------------------------------------------------------------|-------------|
| 3.0 | RE                                      | LIABILITY AND MAINTAINABILITY CONSIDERATIONS (Cont'd)          |             |
|     |                                         | 3.1.4.4 Common Cause Susceptibilities                          | 44          |
|     |                                         | 3.1.4.5 Quantitative Evaluations                               |             |
|     |                                         | 3.1.4.6 Additional Reference Source                            |             |
|     |                                         | 3.1.5 Sneak Circuit Analysis                                   | <b>46</b>   |
|     |                                         | 3.1.5.1 Topological Pattern Identification                     |             |
|     |                                         | 3.1.5.2 Clue Application                                       |             |
|     |                                         | 3.1.5.3 Recent SCA Developments                                | 47          |
|     |                                         | 3.1.6 Finite Element Analysis                                  |             |
|     |                                         | 3.1.6.1 Fatigue Life Prediction                                |             |
|     |                                         | 3.1.6.2 Creep and Stress Relaxation                            |             |
|     |                                         | 3.1.7 Failure Reporting Analysis and Corrective Action Systems | 51          |
|     |                                         | 3.1.7.1 DoD FRACAS Requirements                                | 54          |
|     |                                         | 3.1.7.2 FRACAS In Industry Applications                        | 55          |
|     | 3.2                                     | Maintainability Program                                        |             |
|     |                                         | 3.2.1 Maintainability Prediction                               |             |
|     | 3.3                                     | Reliability and Maintainability References                     |             |
|     |                                         | 3.3.1 DoD Specifications, Standards, and Handbooks             | 58          |
|     |                                         | 3.3.2 Other Source Documents                                   |             |
|     |                                         | 3.3.3 References                                               | 60          |
|     |                                         |                                                                |             |
|     |                                         | ON 4: PRODUCTION CONSIDERATIONS                                |             |
|     |                                         | ODUCTION CONSIDERATIONS.                                       |             |
|     | 4.1                                     | Producibility Engineering                                      |             |
|     |                                         | 4.1.1 Specific Characteristics of the Design                   |             |
|     |                                         | 4.1.2 Characteristics of Production Planning                   |             |
|     | 4.2                                     | ······································                         |             |
|     | 4.3                                     | Environmental Stress Screening                                 |             |
|     |                                         | 4.3.1 The MIL-STD-2164 Approach to ESS                         |             |
|     |                                         | 4.3.2 The DOD-HDBK-344 Approach to ESS                         |             |
|     |                                         | 4.3.3 Institute of Environmental Sciences                      | 70          |
|     | 4.4                                     | Producibility References                                       | 70          |
| CT/ | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |                                                                |             |
|     |                                         | DN 5: TESTABILITY CONSIDERATIONS                               | -           |
|     |                                         | STABILITY CONSIDERATIONS                                       |             |
|     | 5.1                                     | Design for Testability Objectives and Requirements             |             |
|     | 5.2                                     | Testability Program Monitoring and Control                     | 76          |
|     | 5.3                                     | Testability Design and Analysis                                | 77          |
|     | 5.4                                     | Tailoring a Testability Program                                |             |
|     | 5.5                                     | ANSI/IEEE Standard 1149.1                                      | 79          |
|     | 5.6                                     | Testability References                                         | 80          |

## **TABLE OF CONTENTS (Cont'd)**

Page

| SECTI  | ON 6: COMPLEMENTARY EFFORTS AND ACTIVITIES                  |           |
|--------|-------------------------------------------------------------|-----------|
| 6.0 CC | MPLEMENTARY EFFORTS AND ACTIVITIES                          | 83        |
| 6.1    | Computer-Aided Acquisition and Logistics (CALS)             | 83        |
| 6.2    | MIL-HDBK-59 Requirements                                    | 83        |
| 6.3    | •                                                           | 85        |
| 6.4    | •                                                           | 86        |
|        | 6.4.1 DICE                                                  | 86        |
|        | 6.4.2 CAD Framework Initiatives                             | 86        |
| 、      | 6.4.3 RAMCAD                                                | 87        |
| 6.5    | Complementary Efforts and Activities References             | 87        |
|        | ON 7: CURRENTLY AVAILABLE AUTOMATED TOOLS                   |           |
| 7.0 RE | PRESENTATIVE SAMPLE OF AVAILABLE AUTOMATED TOOLS            | 91        |
| 7.1    | Electrical and Electronic Design Analysis Tools             | 92        |
|        | 7.1.1 Schematic Capture Packages                            | 92        |
|        | 7.1.2 Analog Circuit and Digital Logic Simulation and       |           |
|        | Analysis Tools                                              | <b>93</b> |
| 7.2    |                                                             | 96        |
| 7.3    |                                                             | 97        |
| 7.4    | Reliability Analysis Software Tools                         | <b>98</b> |
|        | 7.4.1 Detail Stress Electronic Reliability Prediction       | 99        |
|        | 7.4.1.1 MIL-HDBK-217 Based Predictions                      | 100       |
|        | 7.4.1.2 Non-MIL-HDBK-217 Based Predictions                  | 100       |
|        | 7.4.2 Reliability Prediction - Part Count                   | 101       |
|        | 7.4.3 Mechanical Reliability Prediction                     |           |
|        | 7.4.4 Nonoperating Reliability Prediction                   |           |
|        | 7.4.5 Failure Modes, Effects and Criticality Analysis Tools |           |
|        | 7.4.6 Fault Tree Analysis Tools                             | 104       |
|        | 7.4.7 MARKOV Reliability Modeling Tools                     | 105       |
|        | 7.4.8 Failure Reporting Analysis and Corrective Action      |           |
|        | System Tools                                                | 106       |
|        | 7.4.9 Automated Sneak Circuit Analysis                      |           |
| 7.5    | Maintainability Analysis Tools                              |           |
| 7.6    | Mathematical/Graphical Analysis Tools                       | 108       |
| 7.7    | Testability Analysis Tools                                  |           |
| 7.8    | Finite Element Analysis Tools                               |           |
| 7.9    | Automated Tool References                                   |           |
|        |                                                             |           |

## TABLE OF CONTENTS (Cont'd)

| SECTION 8: SOME CHALLENGES FOR CE IN TODAY'S AUTOMATION<br>ENVIRONMENT | Page |
|------------------------------------------------------------------------|------|
|                                                                        |      |
| 8.0 SOME CHALLENGES FOR CE IN TODAY'S AUTOMATION<br>ENVIRONMENT        | 115  |
| 8.1 Present Database Limitations                                       | 115  |
| 8.2 Limitations of Today's Automated Tools                             | 115  |
| 8.3 Challenges for CE References                                       | 116  |

## APPENDIX A: RAC PRODUCTS

## LIST OF FIGURES

| A COMPARISON OF SEQUENTIAL AND CONCURRENT    |              |
|----------------------------------------------|--------------|
| ERING                                        | 2            |
| RSS ANALYSIS                                 | 18           |
| TAGUCHI LOSS FUNCTION                        | 20           |
| LOSS FUNCTION EQUATIONS                      | 20           |
| PARAMETER DESIGN                             | 21           |
| SIGNAL-TO-NOISE RATIOS                       | 22           |
| FAULT TREE SYMBOLS                           | 43           |
| BASIC TOPOGRAPHS                             | 48           |
| CLOSED LOOP FAILURE REPORTING AND CORRECTIVE |              |
| SYSTEM.                                      | 53           |
| EXAMPLE CIRCUIT AND APPLICABLE NETLIST       | <b>93</b>    |
|                                              | RSS ANALYSIS |

## LIST OF TABLES

| TABLE 1: | PARTS TYPES VS. PRINCIPLE SOURCES OF VARIATION | 16 |
|----------|------------------------------------------------|----|
| TABLE 2: | MIL-STD-785B APPLICATION MATRIX                | 28 |
| TABLE 3: | USES OF RELIABILITY MODELS AND PREDICTIONS     | 32 |
| TABLE 4: | OBJECTIVES OF A FRACAS PROGRAM                 | 52 |
| TABLE 5: | MIL-STD-470 APPLICATION MATRIX                 | 57 |

# **SECTION 1**

# THE NEED FOR CONCURRENT ENGINEERING

## **1.0 THE NEED FOR CONCURRENT ENGINEERING**

Engineering and production organizations all over the world are under increasing pressure to become more profitable in today's business environment. Defense, non-defense and commercial industries are all facing similar competitive pressures.

#### 1.1 The Problem: Loss of Markets and Loss of Competitiveness

Some of the major deterrents to competitiveness in world markets today are: the failure to meet the user's needs, excessive cost, perceived poor quality and excessive time, required to design and introduce a new product. CE ceeks to improve customer satisfaction by a recognition of all of the user's sometimes conflicting requirements and optimizing the design over the entire spectrum of user needs including cost and quality.

The delays in product introduction are due largely to the serial nature of the historic design process. In this serial structure each speciality labors on the design alone until they have completed their portion of the effort and then passes the design on to the next speciality. This further reinforces a "stovepipe mentality" whereby each technical speciality is interested only in optimizing the design for their specific concern.

With this scenario in place, the individual contributions of each of the various "ilities" (Reliability, Maintainability, Testability, Producibility, etc.) to the total design effort is not coordinated. Each engineer may be an expert in his field and very talented in his own right, but until they all work well together, the development process is inefficient and less than ideal.

Too frequently the perceived philosophy is for the product designers to complete their preliminary design then pass it on to the next discipline when they are satisfied with it and move on to something new. The design process today is much too complex for any one person to totally accomplish alone. Many years ago, a single designer might be expected to have an intuitive knowledge of all of the necessary areas of expertise, but with the higher levels of complexity of today's products, human intuition is less than effective. Today, inputs from experts with experience in a variety of diverse disciplines is needed to assure a viable product design.

## **1.2** The Solution: Concurrent Engineering

CONCURRENT ENGINEERING IS A SYSTEMATIC APPROACH TO THE INTEGRATED, CONCURRENT DESIGN OF PRODUCTS AND THEIR RELATED PROCESSES, INCLUDING MANUFACTURING AND SUPPORT. THIS APPROACH IS INTENDED TO CAUSE THE DEVELOPERS, FROM THE OUTSET, TO CONSIDER ALL ELEMENTS OF THE PRODUCT LIFE CYCLE FROM

# CONCEPTION THROUGH DISPOSAL, INCLUDING QUALITY, COST, SCHEDULE, AND USER REQUIREMENTS. [Reference 2].

As shown in Figure 1, this is in marked contrast to the traditional design approach which fragments product development into a series of isolated engineering specialities, each speciality working on the product in a sequential development manner. The intent of CE is to cause product developers to consider all elements of the product life cycle from conception through disposal, including: quality, cost, schedule, and user requirements.

## SEQUENTIAL ENGINEERING



#### FIGURE 1: A COMPARISON OF SEQUENTIAL AND CONCURRENT ENGINEERING

CE of a Product includes concurrent application of each of the various engineering specialities including the traditional electrical design, mechanical design and thermal design as well as all of the other applicable "ilities": reliability, maintainability, testability, producibility, supportability, safety, logistics, etc.

## 1.2.1 The Essence of Concurrent Engineering

CE utilizes Multi-discipline Design Teams to perform the simultaneous design of the product, the production process and all of the associated product support processes. It emphasizes multi-parameter optimization of the design. CE recognizes that the manufacturing options are often dictated by design choices that may be arbitrary in nature. It seeks to correct this situation by mandating and implementing closer communication between the product design staff and the process design staff. A Multi-discipline Design Team approach accelerates the synergistic relationships between all of the various functional disciplines.

There are three critical elements [Reference 2] related to CE which should be explored in greater depth; The Timing, The Process and The Philosophy.

#### 1.2.2 <u>The Process: Translation of the Requirements Into the Product</u>

The effective and timely contribution of all responsible participants in the design, manufacturing and use cycle, together with the objective identification and evaluation of any necessary trade-offs between potential conflicting requirements, is imperative.

CE may sometimes be viewed as serving at least three different customers: a) the end user of the product being developed, b) the manufacturer of the product, and c) the service organization that will ultimately support the product. Since customers often do not understand the subtleties of their needs and even more frequently the limits of technology, realistic product development becomes a problem-solving process among multiple customers and multiple functional experts working as a team. [4]

A technique that has been found to be effective in assuring that the customers' diverse requirements are adequately reflected in the design of the product is that of Quality Function Deployment (QFD). "Deployment" in this sense means "an extension or broadening of the quality activity" beyond its historical bounds of inspection and process control into the sphere of product development as well. The QFD process begins by considering the product or service from the customer's perspective, i.e., elucidate what the customer would like if the product or service were ideal. These nonparametric "customer perceived quality characteristics" are then translated, by the multi-discipline design team, into "quantifiable design characteristics." QFD thus enables the design team to transition smoothly from the "world of the customer" to "the world of the engineer." [5]

Some of the major elements of this translation process include:

- INTEGRATED PARTICIPATION Continuing integrated participation of multi-function teams in the design of the product, the process and the product's support is essential.
- ITERATION AND CLOSURE OF PRODUCT AND PROCESS DESIGN -The process of integrating multiple engineering, manufacturing, and management functions must provide for the efficient iteration and closure of both the product design and the process design.

- CONFLICT RESOLUTION The methodology must also identify conflicting requirements and support their effective resolution through an objective choice of options based upon a quantitative or a qualitative comparison or trade-off, as appropriate.
- OPTIMIZATION OF BOTH THE PRODUCT AND PROCESS DESIGN It must assure the best possible design, within the given constraints.

## 1.2.3 The Philosophy: Continuous and Aggressive Design Improvement

The philosophy of CE contains a number of key elements including:

- CONTINUOUS, OPEN COMMUNICATION This inclucommunication between customer and vendor, both within customer's organization and the vendor's organizations.
- COMPLETE UNAMBIGUOUS STATEMENT OF USER REQUIREMENTS -This statement of requirements must include definitive priorities of the various requirements to be applied in case a trade-off analysis becomes necessary.
- COMPLETE UNAMBIGUOUS DESCRIPTION OF THE PRODUCT AND ITS RELATED PROCESSES - The goal should be to establish a close working relationship and open lines of communication between the customer and the vendor.
- BASELINE PRODUCT AND PROCESS EVALUATION This evaluation must be completed prior to full scale production. It should include benchmarking of the proposed product against similar world-class products.

#### 1.3 Some Common Misconceptions Regarding CE

There are a number of common misconceptions relating to CE that should be addressed and corrected. The truths regarding CE include the following:

• CE IS NOT A MAGIC FORMULA FOR SUCCESS - A talented design and production team and a lot of hard work is still necessary to assure a successful end product. It means using a scientific approach, making decisions based on data rather than hunches, looking for antecedent causes of problems rather than reacting to superficial symptoms, seeking permanent solutions rather than relying on quick fixes. This is accomplished by utilizing techniques such as experimental design, simulation modeling, and mathematical analyses to seek to provide a

4

deeper understanding of interrelationships and determine root cause effects.

- CE DOES NOT ELIMINATE ANY ENGINEERING FUNCTION In CE all downstream processes are co-designed toward a more all-encompassing, cost-effective design solution. Specialty engineering contributions should accentuate finding root causes and solutions to these problems.
- CE DOES NOT SIMPLY OVERLAP THE DESIGN AND PRODUCTION TASKS The design of both the product and the downstream processes are to be completed prior to the start of any production.
- CE IS NOT JUST DESIGN FOR PRODUCIBILITY, OR DESIGN FOR RELIABILITY, OR DESIGN FOR MAINTAINABILITY - CE involves the optimization and integration of all design disciplines within a costeffective design process.
- CE IS NOT SIMPLY CONSERVATIVE DESIGN CE attempts to optimize the design over a larger set of processes and determines how to achieve the requirements using the lower costs.
- CE DOES NOT IMPLY CONSERVATISM IN THE INCORPORATION OF NEW TECHNOLOGIES IN THE PRODUCT - Thorough understanding of the design and control of their applicable manufacturing processes are the essential elements.
- CE DOES NOT REQUIRE CONSERVATIVE TESTING STRATEGY CE tries to approach one-pass designs; rather than repeated test-and-fix design cycles. In software design, a negative correlation has actually been found [Reference 3] between the reliability of the software and the number of trial debugging runs performed by the designer (i.e., DO IT RIGHT THE FIRST TIME!).
- CE DOES NOT IMPLY CONSERVATIVE INSPECTION STRATEGIES CE seeks to achieve production repeatability through design robustness of both the product and its production process, i.e. a production process that provides adequate means for the monitor and control of its essential parameters.

## **1.4** The Benefits of Concurrent Engineering

Some of the benefits derived from using a concurrent engineering design approach rather than the conventional serial design approach include:

• A SIGNIFICANT REDUCTION IN THE TIME NECESSARY TO ITERATE A DESIGN - Design analyses which formerly took several engineers weeks to determine, can now be accomplished in several hours using automated design tools.

- DEVELOPMENT OF RAPID REPRESENTATIVE PROTOTYPES A prototype which accurately reflects both the design and the manufacturing process becomes easier to accomplish as the design process is moved out of the laboratory and onto engineering workstations. Using modern digitally based manufacturing techniques such as flexible manufacturing, stereo-lithography (e.g., 3-D printing) and selective laser sintering it is possible to quickly and economically execute prototypes, from a variety of materials, which accurately reflect the form, fit, and function of the final production configuration. The necessary digital design data comes directly from the applicable CAD workstation.
- ELIMINATION OF "FUNCTIONAL STOVEPIPE" MENTALITY -Sophisticated computerized tools permit designers to begin considering the implications of each "ility" much earlier in the design cycle.
- PHYSICAL PROXIMITY IS NOT NECESSARILY REQUIRED A common electronic database may eliminate the need to consolidate the design team at a single location. CE promotes an improved interchange of information between the various engineering disciplines.
- DESIGN CHANGES ARE IMMEDIATELY AVAILABLE TO ALL TEAM MEMBERS With a common electronic database, design changes made by one team member are immediately available for evaluation by all of the team members.
- REDUCED TOOLING IMPACT CAD/CAM-based flexible manufacturing configurations minimize the tooling impact of changes and permit rapid correction of most design-oriented problems.
- REDUCED NEED FOR MOCK-UPS Effective computerized models frequently reduce or eliminate a need for mock-ups. This becomes more obvious as the design process is moved out of the laboratory and onto engineering workstations with enhanced graphic presentations.
- WITH CE QUALITY ASSURANCE BECOMES A PROBLEM SOLVER RATHER THAN A "POLICEMAN" - The major role of QA, is changed from simply finding bad parts to reducing process variability which ensures the stability of the manufacturing process and prevents the making of bad parts.

6

## 1.5 Management Challenges of Concurrent Engineering

The implementation of CE within an organization familiar with a serial design process is not going to be easy.

#### CE REQUIRES A BASIC CHANGE IN THE WAY COMPANIES CONDUCT BUSINESS

In contrast to the historic philosophy, manufacturing and tooling personnel must now be an integral part of the design team. Also, Statistical Process Control (SPC) is absolutely essential to control and reduce process variability.

Middle Management is frequently the most difficult sector to get involved in this revolutionary change. The associated cultural and management changes are usually harder to direct than are the technical changes.

#### 1.6 The Multi-Discipline Team Concept

A fundamental tenet of CE is that an organization's most valuable resource is its people. Yet to be successful, these people must work together effectively in teams.

The formation of a multi-discipline product/process development team and the molding of these various individual specialists into a productive working relationship (i.e., team building) are critical to the success of CE. The team must be composed of individuals who have the vision and the ingenuity to do things differently, and yet interface harmoniously. The success of a CE project clearly depends upon the ability of these team members to work together.

Problem solving is the key role of the team. Problem solving in the product and process definition of a complex system goes beyond decision making - it includes defining the problem, generating alternate solutions, re-evaluating alternatives, selecting alternatives, and implementing the solution. These problems are multileveled, multi-dimensional, and multi-disciplinary - all of the information required to form a solution may not be available, and the available information may be based on judgment and experience. Hence, initial concentration will be placed on blending human rather than technical aspects of the team.

The multifunctional nature of the team further complicates group dynamics because of language barriers, perceptions of unequal status, and general cultural barriers to teamwork. Yet achieving consensus among members of a CE team, i.e., arriving at a product and process definition that every team member accepts, is the goal. Thus all team members must be satisfied with the design, accept ownership of it, and become responsible for it.

There are various methods and management practices to help overcome these difficulties and to accomplish CE product and process definition. These different

methods must be adequately explored to find those methods which are most effective for a given organization. Every effort should be made by management to enable the team and remove existing barriers to ensure that the various team members individually accept ownership of the CE processes and the responsibility, authority, and accountability for the CE product.

A cornerstone of this emphasis on human resources and teamwork is training in the underlying philosophy of continual improvement, the tools and techniques of the scientific approach to problem solving, and the skills required to work together effectively in a team setting.

As processes become more sophisticated and automated, corporate success becomes people dependent rather than technology dependent. Instead, human skills and especially team working skills must be developed simultaneously with computer software and equipment hardware, and then managed in such a way that they reinforce each other. [6]

In the final analysis the success of CE in any organization depends largely on the success of the building and operation of these multi-discipline teams. [7]

#### **1.7** The Need for Concurrent Engineering References

- [1] Hall, D., et al, "CALS Technical Report 001 Integration of R & M into the Automated Design Process," CALS Industry Steering Group, March 1988.
- [2] Winner, R. J., et al, "The Role of Concurrent Engineering in Weapons Systems Acquisition," Institute for Defense Analysis, Report R- 338, December 1988
- [3] Keene, S., "Software Reliability Directions," Reliability Review, ASQC, March 1991
- [4] Richter, Dr. K.J., "Concurrent Engineering Some Definitions and Issues," '92 Product Assurance Forum, April 1992
- [5] Smith, L.C., "Quality Function Deployment and Its Application in Concurrent Engineering," '92 Product Assurance Forum, April 1992
- [6] Hays, R.L., et al., "Dynamic Manufacturing: Creating the Learning Organization," The Free Press, New York, NY, 1988
- [7] Richter, Dr. K.J., "Organization and Management of Concurrent Engineering Team," '92 Product Assurance Forum, April 1992

Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440-6916 • 315-337-0900

8

# SECTION 2 ROBUST CIRCUIT DESIGN

#### 2.0 ROBUST CIRCUIT DESIGN

Robust Circuit Design is an integral part of concurrent engineering. A robust design minimizes less-than-optimal interactions among a product's parts caused by external factors such as manufacturing process variations, abusive operation and the environment. A robust design seeks to reduce product sensitivity to the sources of variability through careful selection of design values. Besides minimizing deviations within a product, a robust design seeks to insulate the product against outside sources of variability in manufacturing and use [Reference 1].

In a similar manner the production processes utilized can also be designed for robustness. An example, for electronic circuits, might be the selection of a specific soldering process i.e., vapor-phase reflow soldering, versus wave-flow soldering, versus hand soldering and then the subsequent optimization of that specific soldering process. Unfortunately however, a detailed study of production process robustness is beyond the scope of this treatise. Two excellent sources for this type of information are: the Electronic Manufacturing Productivity Facility (EMPF) [Reference 2] and the Manufacturing Technology Information Analysis Center [Reference 3].

The goal of robust circuit design is to select design values that maximize key product characteristics in relation to expected variations. The problem is that it is hard to select optimum design values because there are so many variations. Interaction between design values and external factors are often so complex, that the cost and difficulty of analyzing them is overwhelming.

To overcome this obstacle of complexity, a robust circuit design approach seeks to integrate the outputs of various analytical tools to address not only the concerns of design functionality but also its reliability, testability, producibility, environmental sensitivity and long-term life of the electronic circuits and systems.

#### A ROBUST DESIGN IS A DESIGN THAT EXHIBITS MINIMAL SENSITIVITY TO BOTH EXTERNAL AND INTERNAL INFLUENCES.

These influences include (but are not limited to):

| Temperature                  | Voltage   |
|------------------------------|-----------|
| Cooling Changes              | Vibration |
| Part Manufacturing Variation | Shock     |
| Part Aging Characteristics   | Radiation |
| Load Changes                 | EMI       |

A robust design approach addresses the potential variability of the individual components from which the circuit is assembled and the manner in which these parts typically fail, the effect of environmental influences upon the proper

Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440-6916 • 315-337-0900

functioning of the circuit, and the ability to successfully test the circuit after it has been manufactured.

In theory CE does not require automation, but modern electronic design is heavily dependent upon automation as a practical necessity. Therefore, in this case, CE is dependent upon the effective use of automated tools. Specific objectives in the use of these automated tools in a Robust Circuit Design approach are:

- To identify and utilize Modern Analytical Tools to optimize the circuit design from a functional, reliability, maintainability and testability viewpoint. The majority of these analysis techniques have now been automated. Specific examples of commercial software tools to aid in the performance of these and other related analyses are discussed in greater detail in Section 7.0, "Currently Available Automated Tools."
- To understand the strengths, weaknesses and limitations of these tools so that they can be used cost-effectively in their application.
- To integrate the results of each individual analytical technique into a coherent total design package.

While a major thrust of the Robust Circuit Design approach is centered on circuit analysis, it is equally concerned with integrating the outputs of each of the various distinct "ilities" into a complete concurrent design package.

A robust circuit design approach deals with many different topics. It is concerned with mathematics and statistics including: Error Considerations, Approximations and Evaluation Limitations, Sensitivity Analysis Methods, Random Variable Theory, Combining Random Variables, Part Value Distributions, Normal Distribution Tables, and the Central Limit Theorem together with their application to circuit analysis.

Robust circuit design considers anticipated variations in part parameters of both newly received devices and variations which result from aging and environmental factors. These part parameter changes must be combined for each applicable part. However, there are usually numerous ways to combine these parameter changes. Furthermore, part parameter changes are not always constant and monotonic with changes in the environment; therefore, a sensitivity analysis of the part parameters must be considered. Development of a part tolerance database which contains applicable part parameter data for each design element can help in the sensitivity analysis. Once components are integrated into a circuit, the designer must be concerned that the circuit will function properly under all foreseeable circumstances Thus robust circuit design is concerned with:

- Proper parts application and stress analysis including: misapplication of parts and the interrelationship between thermal and electrical stresses.
- Excessive stresses on the parts possibly resulting in permanent damage to the parts.
- Circuit analysis including: circuit attributes and circuit partitioning, circuit and part models and algorithms, and data combining methods such as: Extreme Value Analysis (EVA), Root Sum Squared (RSS) and Monte Carlo Simulation.
- Determination of a circuit's inherent testability and test signal optimization.
- Availability of automated design analysis tools (i.e., circuit analysis, mathematical/graphical analysis, reliability & maintainability, and testability tools).
- Providing proper design documentation to the customer: documentation adequacy, report format, and potential pitfalls in the documentation.
- Management considerations: initiating and controlling the analysis task, interpreting the results, risk assessment and cost.

#### 2.1 Robust Circuit Design Parts Database

Various analyses are required to verify that electronic hardware will comply with specification requirements over the design life. These analyses can be complex requiring the use of various computer software tools to adequately address the problem. Most of the circuit analyses require a detailed inventory of the piece parts, their initial parameter values and estimates of the degree of change that can be expected with these parameters. This situation can best be handled with a database management system.

Piece part parameter values are affected by one or more environmental conditions and a number of methods are available for combining the effects of these environmental factors. The part level database provides a quantitative assessment of all sources of variability for each part type utilized in the system. The statistical summation of the variability provides the basis of part values which describe the items worst case minimum, and worst case maximum parameters. This part database becomes the foundation for all CE analyses for a given system. All analysts now use identical source data. The part database accounts for all part parameter variations including those due to: initial tolerance, environmental effects and changes, aging and life. Usually part types have more than one parameter that is significant to circuit analyses. These include voltage, current, power dissipation, resistance, etc. Also, there are two distinct types of part parameter variations: 1) biases, those that are predictable in direction, and 2) random, those that are not predictable in direction. Both are predictable in magnitude. Both the bias changes and the random changes must be addressed in the parts database.

#### 2.2 Environmental Considerations

Table 1 illustrates some of the most important and common environmental effects including: temperature, aging (powered), radiation, humidity, mechanical (vibration/shock/acceleration/spin), life (unpowered), vacuum, and electrical stress.

A study of the dominant environmental effects on part operating parameters is essential to robust circuit design. Additionally, a basic knowledge of semiconductor and component materials is invaluable to the analyst and designer in assessing these environmental effects. Applying this knowledge early in the design phase precludes and minimizes the later occurrence of reliability related problems.

|             | TRAN-<br>SISTOR | DIODE | ZENER<br>DIODE | DIGITAL<br>IC | LINEAR<br>IC | RESIS-<br>TOR | CAP-<br>ACITOR | INDUC-<br>TOR | RELAY |
|-------------|-----------------|-------|----------------|---------------|--------------|---------------|----------------|---------------|-------|
| Temperature | X               | Х     | X              | Note 1        | Note 1       | X             | Х              | Х             | Х     |
| Aging       | X               |       |                |               |              | X             | X              |               | X     |
| Radiation   | X               | X     | X              | X             | X            |               |                |               |       |
| Mechanical  |                 |       |                |               |              | X             | X              | X             | X     |
| Humidity    |                 |       |                |               |              | X             | X              |               |       |
| Life        |                 |       |                |               |              | X             | X              |               |       |
| Vacuum      |                 |       |                |               |              | X             | X              |               |       |
| Electrical  | X               | X     | X              |               |              |               | X              |               |       |

#### **TABLE 1: PART TYPES VS. PRINCIPLE SOURCES OF VARIATION**

X: Significantly effected by environment.

Note 1: Performance limits are usually specified over the entire temperature range; interpolation is usually not possible.

## 2.3 Robust Circuit Analysis

In a typical circuit analysis there are three possible methods for presenting results and combining part data. They are:

- Extreme Value Analysis (EVA)
- Root-Sum-Squared Analysis (RSS)
- Monte Carlo Simulation

All three methods require a part database with part operating parameter data, but each utilize and combine data from the database in different ways thus giving different numerical results. Two of the methods, RSS and Monte Carlo, are statistical. They consider that the piece part parameter variations are totally random in nature.

EVA, RSS and Monte Carlo Simulation techniques will be examined in the following sections with their respective database requirements and error sources explained. Also, we will examine situations where piece part parameter variations consist of both bias and random components. Differences in analysis results for each of the three techniques will also be presented.

## 2.3.1 Extreme Value Analysis (EVA) or Absolute Worst Case

EVA is the most readily obtainable estimate of a circuits worst case performance and it does not require statistical inputs for circuit parameters. It is the simplest of the three approaches to use and yields the most conservative results. It is often used in situations where high reliability is a critical factor. An EVA utilizes limits of a parts variability and the circuit directional sensitivities to part variations as inputs to the analysis. The database need supply only part parameter variation extremes. EVA results illustrates a pessimistic estimate of a circuit's worst case performance. If the EVA indicates a circuit failure, additional investigation may be warranted to assess the actual risk of a failure. A statistical worst case estimate requires considerably more computation but it usually gives a less pessimistic answer.

## 2.3.2 Root-Sum-Squared

RSS deals primarily with bias variations. The RSS analysis technique calculates the standard deviation of a circuit attribute based on the standard deviations of the piece part parameters. This implies that the piece part parameters exhibit random variations but knowledge of the component parameter's probability density function (PDF) is not required. RSS assumes that circuit sensitivities remain constant over the range of parameter variability and uses an approximation that circuit performance variability is normally distributed (i.e., Central Limit Theorem). Thus, the standard deviation of the piece part parameter probability distribution is required. RSS is defined by the biases and the standard deviations of the parts variability and circuit sensitivities (i.e., the magnitude and the direction of the changes).

To perform an RSS analysis an EVA is performed first using only the bias portion of the piece part parameter variations to determine the minimum and maximum circuit attribute values. The RSS analysis is then performed using only the random portion of the piece part parameter variations to determine the 3s limits for the circuit attribute. Then, the calculated 3s values are added to the results of the EVA to obtain the RSS minimum and maximum attribute values.

Thus RSS results in a better estimate of the true worst case performance than EVA, RSS also provides some degree of risk assessment in terms of the percentage of units expected to pass or fail. Figure 2 gives us a visual portrayal of the RSS approach to parameter variation. The distribution is divided into the three different elements separating the positive and negative bias portions of variation from the random portions of variation.

#### 2.3.3 Monte Carlo Simulation

For a Monte Carlo simulation the probability distribution of the part variability is the key item of interest. It requires an accurate knowledge of the piece part parameter PDF. It provides the most realistic estimate of true worst case performance of the three methods and provides additional information which can be applied to risk assessment. Monte Carlo simulation requires the use of a circuit simulation tool and requires considerable computational time.



#### 2.3.4 Application of the Various Methods

As we have seen there are three different methods of dealing with parameter variations. The question becomes which method should be used in a given situation?

EVA should be used as the basic approach during the design and development phase. It is the simplest technique, is easy to apply and has the most elementary database requirements. If the design fails to meet its performance requirements during an EVA, the design should be modified if possible.

However, there are some occasions when this is not appropriate:

- If the design is currently in production or fielded, a RSS or Monte Carlo analysis should be performed. They are statistically correct and less conservative than the EVA and better at determining the true magnitude of the problem.
- When the design topology is such that an EVA analysis is obviously too conservative.

#### 2.4 Taguchi Methods and Design of Experiments (DOE)

The creation of robust designs is the goal of much of the work of Genichi Taguchi, a noted Japanese quality expert. Starting with a concept of quality which equates variation to loss, Taguchi promulgates the design of system parameters to minimize output variability despite changes in use conditions, using his own approach to the Statistical Design of Experiments to determine the effects of design and use factors on system output.

The foundation for Taguchi's work is his loss function, which basically states that any deviation from a design target represents a loss, with the loss proportional to the square of the deviation. Figure 3 compares this concept to the more traditional idea that it is sufficient for a product to be "in spec." The left side of Figure 3 depicts the latter. All product between the lower specification limit and the upper specification limit is considered good. For obvious reasons, this can be called the "goal post" concept. Products showing a distribution in a specified parameter following curves A or B in the figure would be considered good since most of the product fits between the specification limits. In contrast, the right side of Figure 3 shows the loss function. Both distribution A and distribution B would be considered poor, even though most of the product is within the specification limits. Distribution A has too wide a spread and distribution B is centered off the target. In both cases, there is a loss created. This loss can be direct cost to the manufacturer (e.g. in reworking assemblies when off-target parts will not work together) or a "loss to society" (e.g. off-target pistons will produce less power and waste more fuel than those on-target).



#### FIGURE 3: TAGUCHI LOSS FUNCTION

The loss function in Figure 3 is based on a target value. There are also parameters which are best minimized (e.g. defects) and some best maximized (e.g. miles per gallon). Figure 4 provides the loss functions for all three cases. When a value of (k) is determined (e.g. by estimating the rework costs for parts at the specification limits) loss can be computed in monetary terms. However, it is recommend that any such computation be used as a relative measure to quantify the effects of proposed improvements rather than be considered an absolute measure of actual loss.

Since variation is equated to loss, it follows that design should be created to minimize loss. Figure 5 is a theoretical function relating the output of a system to some input parameter. As shown, when the input parameter varies, the system output also varies, but setting the parameter at point A will cause more variation, and hence loss, than setting it at point B. Thus the designer would be best advised to create a system with the desired output produced when the input is set to operate at point B.

The output of a system is, of course, affected by more than one design parameter, and also by use parameters which cannot be controlled by the designer. Hence, he or she must determine the effects of all significant design and use parameters on the system output. One way of obtaining this information is through the statistical design of experiments (DOE).

18



## FIGURE 4: LOSS FUNCTION EQUATIONS





Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440-6916 • 315-337-0900

One intent of DOE is to identify those parameters which have the greatest impact on the output of the system. This is done through the use of orthogonal arrays, which permit the separation of the effects of the different parameters. For example, if a process depended on only two parameters, temperature and pressure, an approach to DOE would be to first select a high and low temperature and a high and low pressure, then run four tests: one at high temperature and low pressure, one at high temperature and high pressure, one at low temperature and low pressure and one at low temperature and high pressure. Some output of the process would be measured in each test. The average of the two readings at high temperature would be compared to the average of the two readings at low temperature to determine the effects of temperature on the process output. Similarly, the effects of pressure would be determined. The parameter with the greater impact on the process output would be considered the more important to control.

Taguchi uses many modifications to DOE. One pertinent to this discussion is the transformation of the measured outputs into "signal-to-noise ratios." These are measures which combine the value of the output with its variation. The variation data is obtained by repeating each test. In the example above, each of the four test settings would be used at least twice each to measure the variation in the output at each designated test setting. The parameter having the greater effect on the signal-to-noise ratio, rather than on the output, would be considered the more important. Figure 6 shows the formulas used to transform the output measures into signal-to-noise ratios.

**SMALLER IS BETTER** 

#### NOMINAL IS BETTER

$$S / N_N = 10 \ Log_{10} \frac{1}{n} \left( \frac{S_m - V_e}{V_e} \right)$$
  
 $S / N_s = -10 \ Log_{10} \ \frac{1}{n} \ \sum_{i=1}^{n} (Y_i^2)$ 

where 
$$S_m = \frac{(\Sigma Y_i)^2}{n}$$
 and  $V_e = \frac{\Sigma Y_i^2 - \frac{(\Sigma Y_i)^2}{n}}{n-1}$ 

#### LARGER IS BETTER

 $S / N_{L} = -10 Log_{10} \frac{1}{n} \sum_{1}^{n} \left( \frac{1}{Y_{i}^{2}} \right)$ 

 $Y_i = ONE OBSERVATION$ 

#### n = NUMBER OF REPLICATIONS OF TEST RUN

#### FIGURE 6: SIGNAL-TO-NOISE RATIOS

Although Taguchi's methods are often challenged by other statistical experts, they all agree that variation is an enemy of quality. Robust design, defined as designing for minimum variation in system output despite expected variation in use conditions, is universally recommended.

#### 2.5 Robust Circuit Design References

- [1] "Robust Circuit Design Training Course" Copyright 1991, Reliability Analysis Center, Rome, NY
- [2] Electronics Manufacturing Productivity Facility (EMPF) 714 North Senate Ave., Indianapolis, IN 46204
- [3] Manufacturing Technology Information Analysis Center 10 West 35th Street, Chicago, Illinois 60616

ŧ

Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440-6916 • 315-337-0900

22

# **SECTION 3**

# RELIABILITY AND MAINTAINABILITY CONSIDERATIONS

#### 3.0 RELIABILITY AND MAINTAINABILITY CONSIDERATIONS

This section addresses analytical methods which may be used to evaluate various design options for their reliability and maintainability impact. Under CE the reliability engineer and the maintainability engineer must work with other specialists to create a globally balanced design. Reliability enhancements must be traded against a variety of other considerations. For example, redundancy has obvious cost, weight and logistics impacts which may make it less desirable for certain applications than others. In addition, reliability and maintainability tools can help to put potential design options into their true perspective. Added design features may, for example, cause sneak circuits which the reliability engineer must identify and eliminate. Failure modes and effects analysis can help evaluate the inherent risks of different design approaches. When design trade-offs have been made, the reliability and maintainability engineers must make sure that the anticipated R & M characteristics are actually achieved in service. These responsibilities will be met using engineering principles and analytical techniques described in various military specifications and standards. This section will briefly discuss the pertinent documents and the analytical techniques which they describe in much greater detail.

#### 3.1 Reliability Program

For DoD related programs most reliability requirements are delineated in MIL-STD-785, "Reliability Program For Systems and Equipment Development and Production." This standard addresses specific reliability tasks and describes them in limited detail. The standard also contains, in Appendix A, detailed guidelines for tailoring of tasks to the needs of a specific program. MIL-STD-785 is an excellent guidance document for commercial programs as well.

MIL-STD-785 contains eighteen different Reliability Tasks (Table 2) grouped in three categories: (1) Reliability Accounting Tasks, (2) Reliability Engineering Tasks and (3) Reliability Management Tasks. The second group of tasks related to reliability engineering, are the tasks that are most applicable to concurrent engineering.

Reliability engineering tasks focus on the prevention, detection, and correction of reliability design deficiencies, weak parts, and workmanship defects. An effective reliability program stresses early investment in reliability engineering tasks to avoid subsequent additional costs and schedule delays. A brief synopsis of those tasks applicable to concurrent engineering are presented below.

#### Task 104: Failure Reporting, Analyses, & Corrective Action Systems (FRACAS)

Early identification and elimination of potential failure causes is key to improving system reliability. The sooner failure causes are identified the easier it is to

| TABLE 2: MIL-STD-78 | 5B APPLICATION MATRIX | RIX |
|---------------------|-----------------------|-----|
|---------------------|-----------------------|-----|

| []   |                                                                                                      |              | PROGRAM PHASE Task |             |         | Task         |                                   |
|------|------------------------------------------------------------------------------------------------------|--------------|--------------------|-------------|---------|--------------|-----------------------------------|
| TASK | TITLE                                                                                                | TASK<br>TYPE | Concept            | Valid       | FSED    | PROD         | Feasibility<br>in CE<br>Framework |
| 101  | Reliability Program Plan                                                                             | MGT          | S                  | S           | G       | G            | X                                 |
| 102  | Monitor/Control of<br>Subcontractors and Suppliers                                                   | MGT          | S                  | S           | G       | G            | x                                 |
| 103  | Program Reviews                                                                                      | MGT          | S                  | S(2)        | G(2)    | G(2)         | x                                 |
| 104  | Failure Reporting, Analysis,<br>and Corrective Action System<br>(FRACAS)                             | ENG          | N/A                | S           | G       | G            | x                                 |
| 105  | Failure Review Board (FRB)                                                                           | MGT          | N/A                | S(2)        | G       | G            | x                                 |
| 201  | Reliability Modeling                                                                                 | ENG          | S                  | S(2)        | G(2)    | GC(2)        | x                                 |
| 202  | Reliability Allocations                                                                              | ACC          | S                  | G           | G       | GC           | x                                 |
| 203  | Reliability Predictions                                                                              | ACC          | S                  | S(2)        | G(2)    | GC(2)        | x                                 |
| 204  | Failure Modes, Effects and<br>Criticality Analysis<br>(FMECA)                                        | ENG          | S                  | S(1)(2)     | G(1)(2) | GC(1)<br>(2) | x                                 |
| 205  | Sneak Circuit Analysis (SCA)                                                                         | ENG          | N/A                | N/A         | G(1)    | GC(1)        | x                                 |
| 206  | Electronic Parts/Circuits<br>Tolerance Analysis                                                      | ENG          | N/A                | N/A         | G       | CC 20        | x                                 |
| 207  | Parts Program                                                                                        | ENG          | S                  | S(2)<br>(3) | G(2)    | G(2)         | x                                 |
| 208  | Reliability Critical Items                                                                           | MGT          | S(1)               | S(1)        | G       | G            | x                                 |
| 209  | Effects of Functional Testing,<br>Storage, Handling,<br>Packaging, Transportation<br>and Maintenance | ENG          | N/A                | S(1)        | G       | <b>3</b> 2   | x                                 |
| 301  | Environmental Stress<br>Screening (ESS)                                                              | ENG          | N/A                | S           | G       | G            | x                                 |
| 302  | Reliability<br>Development/Growth Testing                                                            | ENG          | N/A                | S(2)        | G(2)    | N/A          | x                                 |
| 303  | Reliability Qualification<br>Test (RQT) Program                                                      | ACC          | N/A                | S(2)        | G(2)    | G(2)         | x                                 |
| 304  | Production Reliability<br>Acceptance Test (PRAT)<br>Program                                          | ACC          | N/A                | N/A         | S       | G(2)(3)      | x                                 |

#### Task Type

ACC - Reliability Accounting

ENG - Reliability Engineering

MGT - Management

## Program Phase

S - Selectively Applicable

G - Generally Applicable

GC - Generally Applicable to Design Changes Only

N/A - Not Applicable

 Requires considerable interpretation of intent to be cost effective
 MIL-SID-785 is not the primary implementation requirement. Other MIL-SIDs or statement of work requirements must be included to define the requirements.

26

implement effective corrective actions which eliminate the problem areas. To help monitor and track this process, a closed-loop FRACAS should be employed early in development with information feedback loops to all engineering disciplines.

# Task 105: Failure Review Board (FRB)

Acquisition of expensive, complex, or critical equipment requires a formalized FRACAS controlled by a Failure Review Board (FRB) consisting of representatives of the procuring agency and the contractor's engineering, quality assurance and manufacturing personnel. FRB is intended to ensure that FRACAS is properly implemented providing additional assurance of tightly controlled reporting, analyses, and corrective actions on identified failures.

# Task 201: Reliability Modeling

Reliability modeling of the system, subsystem and equipment is required for numerical apportionments and estimates and to evaluate complex equipment arrangements. Models are developed early in the program, even if numerical input data is limited. Early models can reveal conditions where management action is required. Models then evolve as the system becomes more defined and data becomes available.

Reliability modeling results, system duty cycle and mission operating periods are used to compute failure rate and probability of mission success which provide valuable insight to system performance.

# Task 202: Reliability Allocations

Reliability allocations apportion the system reliability requirement to reliability requirements for each of the black boxes and lower-level items. Reallocation of the requirements is performed as more detailed information regarding the design becomes known.

# Task 203: Reliability Predictions

Predictions are important in providing engineers and management with the quantitative reliability information needed to perform design tradeoffs or to compare competing designs. Early prediction is performed to determine feasibility of the reliability requirement. Updates during development and production help determine reliability attainability.

Predictions mature as the actual design matures and exact data becomes available. They also provide essential inputs to related activities such as maintainability, safety, logistics and test planning. Predictions establish a baseline for estimating progress and performance to detect overstressed parts and pinpoint critical areas for redesign.

### Task 204: Failure Modes, Effects, and Criticality Analysis (FMECA)

FMECA allows potential design weaknesses to be identified, analyzed and evaluated using engineering and mission considerations. It provides systematic identification of likely modes of failure, possible effects of each failure, and the criticality of each failure with regard to safety, system readiness, mission success, demand for maintenance, logistic support, or other factors.

An initial FMECA, performed at the conceptual phase, identifies only the more obvious failure modes. However, as design definition matures, the FMECA is expanded to include additional levels of indenture to the part level if necessary

FMECA can suggest areas where the judicious use of redundancy can significantly improve mission reliability without unacceptable impact on basic reliability and areas where other detailed analyses should be made. FMECA results can confirm the validity of models used in computing reliability estimates at the subsystem or functional level of indenture particularly where redundancy is included.

#### Task 205: Sneak Circuit Analysis (SCA)

SCA is used to identify latent paths which may cause unwanted functions or inhibit desired functions in electrical circuits. It assumes that all components are functioning properly. SCA is expensive, and is usually performed late in the design cycle after design documentation is complete. Unfortunately, this makes subsequent changes difficult and costly to implement. SCA is usually considered only for items and functions which are critical to safety or mission success or where other analytical techniques are not effective.

#### Task 206: Electronic Parts/Circuit Tolerance Analysis

This analysis examines the effects of electrical tolerance and parameter changes over a range of specified operating temperatures. It considers expected component value ranges due to manufacturing tolerance variations and also their drift due to time and temperature. The analysis uses equivalent circuits and mode-matrix analysis techniques to prove that the circuit or equipment will meet operating specification requirements under all required conditions. Task 206 utilizes the robust circuit design and analysis techniques which were discussed in Section 2.

## Task 207: Parts Program

Parts are the building blocks from which the system is constructed. System optimization can be achieved only by paying particular attention to parts selection, control, and application. This task starts early and continues throughout the development and production of the system.

A comprehensive parts program consists of the following elements:

- a parts control program in accordance with MIL-STD-965
- parts standardization
- documented parts application and derating guidelines
- part testing, qualification and screening

The objective of the parts program is to control the selection and use of standard and nonstandard parts.

# Task 208: Reliability-Critical Items

Reliability-critical items are those whose failure can significantly affect safety, mission success, or total maintenance/logistics support costs. They are identified during part selection and application. Critical items are prime candidates for detailed test and analysis including reliability growth testing, reliability qualification testing, reliability stress analysis, and other techniques to reduce the reliability risk.

# Task 209: Effects of Functional Testing, Storage, Handling, Packaging, Transportation, and Maintenance

Procedures must be established, maintained, and implemented to determine by test and analysis; the effects of storage, handling, packaging, transportation, maintenance and repeated exposure to functional testing of the hardware. The results of this effort are used to support long-term failure rate predictions, design trade-offs, definition of test conditions, periodic test requirements during dormancy, packaging, handling, storage or refurbishment plans. These procedures provide some assurance that the items can successfully tolerate foreseeable operational and storage influences.

# 3.1.1 Reliability Modeling and Prediction

Reliability Modeling and Prediction covers the tasks of mathematically modeling and predicting the reliability of an equipment design prior to fabrication. Such modeling and prediction are essential functions in evaluating a design. They provide a means to assess whether a proposed or actual equipment design will meet its specified reliability requirement. Reliability models and predictions do not, in themselves, contribute significantly to system reliability. The primary objective of reliability prediction is to provide guidance, relative to the expected inherent reliability of a given design. Reliability predictions are most useful and economical during the early phases of a system design, before hardware is constructed and tested.

During design and development, predictions serve as guides by which design alternatives can be evaluated for reliability. Reliability predictions serve many purposes including; feasibility evaluation, comparison of alternative configurations, identification of potential problems during design review, logistics support planning and cost studies, determination of data deficiencies, tradeoff decisions, and allocation of requirements. They also provide criteria for reliability growth and demonstration testing.

Predictions provide a rational basis for design decisions such as the choice between alternative concepts, choice of part quality levels, derating factors to be applied, use of proven versus state-of-the-art techniques, and other factors. Some of the important uses of reliability models and predictions are summarized in Table 3.

Reliability models and predictions are not used as a basis for determining the attainment of reliability requirements. Attainment of these requirements is based on representative test results such as those obtained by the use of MIL-STD-781D.

## **TABLE 3: USES OF RELIABILITY MODELS AND PREDICTIONS**

- (1) Establish firm reliability requirements in planning documents, preliminary design specifications and requests for proposals, and determination of the feasibility of proposed reliability requirements.
- (2) Comparison of established reliability requirements with state-of-the-art feasibility and guidance in budget and schedule decisions.
- (3) Provide a basis for uniform proposal preparation, evaluation and contractor selection.
- (4) Evaluation of potential reliability through predictions submitted in technical proposals and reports in pre-contract transactions.
- (5) Identify and rank potential problem areas and suggest possible solutions.
- (6) Allocate reliability requirements among subsystems and lower-level items.
- (7) Evaluate the choice of proposed parts, materials, and processes.
- (8) Conditional evaluation of the design before prototype fabrication.
- (9) Provide a basis for trade-off analysis.

MIL-STD-756, "Reliability Modeling and Prediction" is the primary DoD document dealing with this subject. It establishes procedures and ground rules for

the techniques and data sources to be used in the formulation of reliability models and predictions so that they may be uniformly applied and interpreted.

Four different reliability modeling and prediction "tasks" are delineated in MIL-STD-756. Also, nine distinct modeling and prediction "methods" for accomplishing these tasks are described in detail.

There are two types of models: the Basic Reliability Model (Task 101) and the Mission Reliability Model (Task 102). Reliability predictions are then performed based upon these two models, the Basic Reliability Prediction (Task 201) and the Mission Reliability Prediction (Task 202).

The Basic Reliability Model (Task 101) and its associated prediction (Task 201) considers all of the equipment in the system while the Mission Reliability Model (Task 102) and its associated prediction (Task 202) consider only those equipments essential to complete the mission. Both types of reliability must be addressed since the mission reliability does not necessarily give any indication of the frequency of maintenance required to keep the system operational.

# 3.1.1.1 Reliability Modeling Methods

The four reliability modeling "methods" delineated in MIL-STD-756 are:

## Method 1001: Conventional Probability

The conventional probability method prepares a reliability mathematical model from the reliability block diagram using conventional probability relationships. This method is the most commonly used and is applicable to both single function and multi-function systems.

## Method 1002: Boolean Truth Table

The Boolean Truth Table method prepares the reliability mathematical model using Boolean algebra. This method is applicable to both single function and multifunction systems but it is more tedious than the conventional probability method.

## Method 1003: Logic Diagram

The logic diagram method develops a reliability block diagram using logic diagrams. This method is applicable to both single function and multi-function systems. It is also more tedious than the conventional probability method but is simpler than the Boolean truth table approach, especially in combining terms to simplify the Mission Reliability equation.

# Method 1004: Monte Carlo Simulation

Monte Carlo simulation synthesizes a system reliability prediction from a reliability block diagram by means of random sampling. This method is employed where individual equipment probabilities (or equivalent reliability parameter) are known but the mission reliability model is too complex to derive a general equation for solution.

Monte Carlo simulation does not result in a general probability of success equation but computes the system probability of success from the individual equipment probabilities and the reliability block diagram. Monte Carlo simulation must be performed by a computer due to the large number of repetitive trials and calculations required to obtain a significant result. Monte Carlo simulation is applicable to both single function and multi-function systems.

Selection of a specific modeling method is usually up to the discretion of the individual doing the modeling (whichever is most comfortable) since all four methods should yield similar results.

# 3.1.1.2 Reliability Prediction Methods

The five reliability prediction methods delineated in MIL-STD-756 are:

# Method 2001: Similar Item Method

This method utilizes specific experience on similar items. The quickest way of estimating item reliability is to compare the item under consideration with a similar item whose reliability has previously been determined. This method is applicable for items undergoing orderly evolution. With this method, small differences between new and old systems can easily be identified and evaluated. In addition, difficulties encountered in the old design are areas for improvements in the new design. If a similar item comparison cannot be made, this method should not be used.

# Method 2002: Similar Circuit Method

This method utilizes specific experience on similar circuits such as oscillators, discriminator amplifiers, modulators, pulse transforming networks, etc. Method 2002 is employed when a single circuit is being considered or the similar item method cannot be utilized. One rapid way of estimating circuit reliability is to compare the circuits of the item under consideration with similar circuits whose reliability has previously been determined. Individual circuit reliabilities can be combined into an item reliability prediction. This method is applicable for circuits undergoing orderly evolution. Small differences between similar circuits can be easily isolated and evaluated. In addition, difficulties encountered in the old design are the areas for improvements in the new design.

#### Method 2003: Active Element Group Method

The active element group method is termed a feasibility estimating procedure because it is useful for gross estimates of a design in the concept formulation and preliminary design stages. Only an estimate of the number of series elements required to perform the design function is needed. This method relates item functional complexity (active element groups) and application environment to failure rates experienced in other known equipment in the field. Method 2003, however, is obsolete and is no longer recommended.

#### Method 2004: Part Count Method

The parts count method is used in the preliminary design stage when the number of parts in each generic part category such as capacitors, resistors, etc., is reasonably fixed and the overall design complexity is not expected to change appreciably during later stages of development. The parts count method assumes that the time to failure of the parts is exponentially distributed (i.e., a constant hazard rate). Part count failure rate models for electronic parts are found in Appendix A of MIL-HDBK-217.

#### Method 2005: Part Stress Analysis Method

The part stress analysis method is used in the detailed design stage when there are few or no assumptions necessary about the parts used, their stress derating, their quality factors, their operating stresses or their environment in order to determine part failure rates. These factors must be known or be capable of being determined, based upon the state of hardware definition for which the part stress analysis method is applicable. Where unique parts are used, any assumptions regarding their failure rate factors should be identified and justified. The parts stress analysis method is the most accurate method of reliability prediction prior to measurement of reliability under actual or simulated use conditions. The parts stress analysis method assumes that the time-to-failure of the parts is exponentially distributed (i.e., a constant hazard rate). The detailed part stress failure rate models are found in MIL-HDBK-217.

#### 3.1.1.3 <u>Tailoring Reliability Models and Predictions</u>

Reliability prediction is iterative in nature, thus tailoring of the reliability computations throughout each of the program phases is necessary. As the design progresses, the hardware relationships become better defined. Therefore, the mathematical model of the system depicting the relationship between basic reliability and mission reliability can be refined.

Tailoring of these tasks involves primarily the selection of the prediction method utilized and the rigor with which it is applied. For relatively simple systems (i.e., containing no redundant elements and without alternate modes of operation or degraded modes of operation), the basic reliability model and the mission reliability model will be identical and a single reliability prediction will suffice.

# 3.1.2 Part Derating

Achieving high equipment reliability requires that each part be properly applied and capable of withstanding all of the stresses to which it will be subjected. Derating of electronic parts is a powerful tool for enhancing equipment reliability. Derating is defined as:

# LIMITING STRESSES APPLIED TO A PART TO LEVELS WELL WITHIN THAT PART'S SPECIFIED OR PROVEN CAPABILITY IN ORDER TO ENHANCE ITS RELIABILITY.

In mechanical design, the same concept is referred to as the "safety factor."

Part derating is performed with reference to the part vendors "absolute maximum ratings." These ratings are defined in the manufacturer's specification or data sheet as those values which "should not be exceeded under any service or test condition". There are various "absolute maximum ratings" for each part: voltage, current and power, etc. Each absolute maximum ratings is unique. It is applied individually, not in combination with other absolute maximum ratings. Absolute maximum ratings also include maximum operating and storage temperatures (e.g., the maximum junction or hot spot temperature). The electrical parameters are typically based upon "DC power conditions measured in free air at 25°C." Derating may be done in two ways: reducing the stresses on the part, or increasing the part's strength (i.e., using a higher rated part).

Electronic part reliability is affected by both electrical and thermal stresses to which the part is subjected. Increased thermal stresses generate increased junction temperature. The result is increased cherhical activity within the part as described by the Arrhenius Reaction Rate Model and in an increased failure rate. Electronic part reliability is largely determined by the thermal stress. MIL-HDBK-217 failure rate models show that part failure rates vary significantly with temperature. Some parts are more temperature-sensitive than others. Significant reduction in failure rate can be achieved by improving the thermal design (i.e., reducing the temperatures).

Increasing the electrical stresses also increases the failure rate. If both thermal stress (i.e. junction temperature) and the electrical stress are simultaneously increased, the two factors are compounded, greatly increasing the failure rate. This is the basic theory behind the MIL-HDBK-217 failure rate prediction methodology.

Derating procedures vary from part type to part type and application to application. For example, resistor derating is accomplished by decreasing the ratio of operating-power to rated-power. Capacitors, on the other hand, are derated by reducing the applied voltage to a lower-than-rated value while semiconductors are derated by reducing their power dissipation and junction temperature below their maximum rating.

Electronic part derating is performed, as necessary, to assure that the equipment reliability meets its specification. Electronic part derating curves relate derating levels with critical environmental/physical factors and part parameters. Semiconductor manufacturers provide curves of operating parameters vs. temperature (maximum and minimum storage temperatures and maximum operating junction temperature) and package thermal resistance. Maximum operating junction temperature is derated by reference to failure rate vs. temperature data to achieve desired part reliability.

However, simply computing the worst-case semiconductor junction temperature and assuming that the thermal design is adequate is not sufficient. The device may function under such conditions, but its reliability will generally be unacceptable. Maximum allowable semiconductor junction temperatures are of little use unless they are related to the required equipment reliability. Normally derating from published device ratings is required.

Beyond its obvious impact upon equipment reliability, maximum junction temperature derating is also advisable to provide an additional margin for error. Derating provides additional tolerance for system electrical transients and for possible non-uniform part heating.

Derating also compensates for many of the variables inherent in any design. Electronic parts produced on an assembly line are not all identical. There are subtle differences and variations from one part to the next. Proper part derating helps to compensate for these part-to-part variations and alleviate their impact upon equipment reliability. For example, electronic parts with identical part numbers may be purchased from a variety of suppliers. While these items are "electrically interchangeable," there may be significant design, material and manufacturing differences between them. Derating helps to compensate for these differences.

Unless specially selected premium parts are specified, parameter deviation from the reported mean value is significant for many parts. While design engineers try to anticipate the various electrical and environmental extremes to which the equipment may be subjected, derating can provide an additional "margin of safety" if there is a failure to properly anticipate the impact of all of these variations. Also, parts and their associated critical parameters are not completely stable over their entire life. Proper derating will help assure circuit operation in spite of these part parameter changes.

It is also imperative that part derating be cost effective. If derating is excessively conservative (e.g., lower than necessary part stresses are applied) costs rise severely.

At optimum derating, a rapid increase in failure rate is noted for a small increase in temperature or stress. There is usually a practical minimum to derating. Below some minimum stress level, circuit complexity increases drastically, offsetting any reliability gain achieved by further derating. MIL-HDBK-217 provides data on failure rate vs. stress level for most types of electronic parts. This data is used to determine reliability improvement achieved by derating. For mechanical parts, unfortunately, this type of data is not readily available.

## 3.1.3 Failure Mode, Effects and Criticality Analysis

Failure Mode and Effects Analysis (FMEA) is the first half of a reliability procedure which helps identify and document potential failures in a system using specified ground rules. It determines, by failure mode analysis, the effect of each failure on system operation and identifies single failure points (i.e., those failures which are critical to mission success). The Criticality Analysis (CA), the second half of the FMECA, ranks each failure according to the criticality of failure effect and its probability of occurrence.

In performing the analysis, each failure studied is considered to be the only failure in the system (i.e., a single failure analysis). The FMEA can be accomplished without a CA, but a CA requires that critical failure modes be identified for items in the system. When the two are combined, the total process is called a Failure Mode, Effects and Criticality Analysis (FMECA). This is the essence of Task 204 "Failure Mode, Effects, and Criticality Analysis" in the systems reliability management specification MIL-STD-785. Detailed procedures for performing both the FMEA and the CA are found in MIL-STD-1629. Failure mode distribution data for many different types of parts may be found in RAC publication FMD-91.

FMEA utilizes inductive logic in a "bottom up" approach. It begins at the lowest level of the system hierarchy, (i.e., component part), and using a knowledge of the failure modes of each part, traces it up through the system hierarchy to determine the effect that each failure mode will have on system performance.

This approach contrasts with a Fault Tree Analysis (FTA) which utilizes deductive logic in a "top down" approach. In FTA, a system failure is assumed and traced down through the system hierarchy to determine the event, or series of events, that could cause such a failure.

A FMEA provides:

- 1) A method of selecting a design with a high probability of operational success
- 2) A documented uniform method of assessing failure modes and their effects on the operational success

36

- 3) Early visibility of possible system interface problems
- 4) A list of possible failures which may be ranked according to the seriousness of their effect and the probability of their occurrence
- 5) Identification of single failure points critical to mission success
- 6) Early criteria for test planning
- 7) Quantitative, uniformly formatted input data to the reliability assessment, and safety models
- 8) A basis for design and location of performance monitoring and fault sensing devices and built-in test (BIT)
- 9) A tool to aid in evaluation of proposed design, operational, or procedural changes and their impact on mission success.

Detailed knowledge of the parts used in each "black box" which make up the system is necessary. Thus, a FMEA starts at the "black box" level and is expanded as more detailed knowledge becomes available.

The principles of FMEA are straightforward and easy to grasp but the practice of FMEA is tedious and time consuming but it is very amenable to automated analysis tools. The bookkeeping aspects, namely, the tracking of each item and its place in the hierarchy, are very important because mistakes are easy to make.

The FMEA provides a documented analysis for all critical components of a system. However, definitions of failure at the system, subsystem, and sometimes even part level must first be established. An FMEA begins in parallel with the start of detailed design and is updated periodically throughout the development program as dictated by design changes.

To perform a FMEA, a symbolic logic block diagram (i.e., a reliability block diagram) is first constructed. This diagram is developed for the entire system to indicate the functional dependencies among the elements of the system and to define and identify its subsystems. It is not a functional schematic or a signal flow diagram, but a model for use in the early analysis to point out weaknesses.

Then a failure effect analysis is performed for each block in the symbolic logic block diagram, indicating the effect of item failure on the performance of the next higher level on the block diagram. This analysis, takes into account failure modes such as: open circuits, short circuits, dielectric breakdowns, wearout and part-parameter shifts. Finally, a list of critical items is compiled.

A FMECA is effective in determining many of the significant details which may not otherwise be determined by separate, individual studies. Like other design tools, the FMECA has limitations. It is nothing more than a logical way of established "bookkeeping" which can be systematically analyzed for design reliability.

# 3.1.4 Fault Tree Analysis

Fault Tree Analysis (FTA) is a graphical method of risk analysis used to identify critical failure modes within a system or equipment. Utilizing a pictorial approach, it identifies critical faults in constituent lower level elements and determines which failure modes at one level produce critical failures at a higher level in the system. The technique is particularly useful in safety analysis where the block diagraming discipline helps to prevent oversights.

As mentioned in Section 3.1.3, the FMEA is considered to be a "bottom up" analysis, whereas FTA is a "top down" analysis. FMEAs and FTAs are complimentary and basically equivalent methods of risk analysis. The choice between the two methods depends on the nature of the risk to be evaluated. There are important differences, however, between the two techniques. A major advantage of the FTA is its ability to address human errors which the FMEA can not.

FTA is based upon deductive reasoning (i.e., reasoning from the general to the specific). A specific fault is postulated and then attempts are made to find out what modes of system or component behavior contribute to it. This is often referred to as the "Sherlock Holmes" approach. Holmes, faced with given evidence, had to reconstruct the events leading up to the crime. All successful detectives and fault tree analysts must be experts in deductive reasoning.

FTA focuses on one particular undesired event at a time determining all possible causes of that event. The undesired event is the top event in that specific fault tree. It is generally a catastrophic failure rather than a degraded failure. Careful definition of the top event is extremely important to the success of the analysis. If the top event is too general, the analysis becomes unmanageable; if it is too specific, the analysis does not provide a sufficiently broad view of the system.

The deductive nature of the FTA requires greater skill on the part of the analyst than a FMEA. A FTA is particularly useful in studying highly complex functional paths in which the outcome of one or more combinations of noncritical events may produce an undesirable critical event. Typical FTA candidates are functional paths or interfaces which could have a critical impact upon safety, either of the general public or operating and maintenance personnel, or the probability of producing an error-free command in an automated system with a multiplicity of redundant, overlapping outputs.

The fault tree provides a concise and orderly description of the various combinations of possible occurrences within the system which can result in a predetermined critical output event. Performance of an FTA requires considerable engineering time and the quality of the analysis is only as good as the validity of input data and the accuracy of the fault tree logic.

A FTA can be applied in the early design effort, and then progressively refined and updated as the design evolves to track the probability of an undesired event. Initial fault tree diagrams might represent functional blocks (e.g., units, equipments, etc.), becoming more definitive at lower levels as the design matures in the form of specific parts and materials.

# 3.1.4.1 Fault Tree Construction

The fault tree is a graphic model of the various parallel and sequential combinations of faults that will result in the occurrence of the pre-defined undesired event. Faults can be events associated with component hardware failures, human errors, or any other pertinent events which can lead to the undesired event. A fault tree depicts the logical interrelationships of basic events that lead to the undesired event (i.e., the top event of the fault tree).

A fault tree does not address all possible system failures or all possible causes of system failure. It focuses on one top event, that corresponds to a particular system failure mode. Thus it contains only those faults that contribute to that top event. The faults are not exhaustive; they cover only the most credible faults as assessed by the analyst.

A fault tree may be viewed as a complex of logic gates which serve to permit or inhibit the passage of a fault up the tree. The gates show the relationships of events needed for the occurrence of the "higher" event. The higher event is the output of that gate, the lower events are the inputs. The gate symbol denotes the type of relationship between the input events and the output event.

The symbols used in a fault tree are illustrated in Figure 7. They show basic functional relationships in the block diagrams and are used to build the equivalent fault tree diagrams depicting successful operation.

Fault tree construction requires a functional block diagram which clearly indicates the paths in which the critical failure mode to be circumvented or eliminated is located. Furthermore, it defines the critical failure mode in terms of the system-level malfunction or symptom to be avoided.

The fault tree logic diagram is then constructed relating all possible sequences of events whose occurrence would produce the undesired events identified in the functional block diagram. The fault tree depicts the paths that lead to each succeeding higher level in the functional configuration.

Fault trees must consider the time sequencing of events and functions during the specified mission profile. This is done for each functional path or interface within the reliability model. Often the operational sequence involves one or more changes in hardware configuration, functional paths, critical interfaces, or application stresses. If so, it may be necessary to construct a separate fault tree for each operating mode, function, or mission event in the mission sequence.

Construction of the tree itself is the most difficult portion of the task. The accuracy of the fault tree is entirely dependent upon the skill of the analyst. Unlike the parts list used in the FMEA, there is no means of checking to make sure that a significant potential failure contribution has not been overlooked. Due to the intuitive nature of fault tree construction, computer automation is of limited help. Fault tree construction requires the expertise of senior engineering personnel highly skilled in the art.

# 3.1.4.2 **Qualitative Evaluations - Cut Sets**

"Cut Sets" are commonly used in the analysis of fault trees. A "Cut Set" is any basic event or combination of basic events whose occurrence will cause the top event to occur. Finding the cut sets for a given fault tree is a simple but repetitious task. There are just two simple rules to follow:

- 1) An "AND" gate increases the size of a cut set .
- 2) An "OR" gate increases the number of cut sets.

The initial cut sets that the analyst derives, may not represent the simplest fault tree configuration. Therefore, the next step is to eliminate redundant items and reduce these cut sets to the "minimum cut set".

A minimal cut set is the smallest combination of events which will cause the top event to occur. A minimal cut set is the combination of primary events sufficient to cause the top event. This combination is the "smallest" combination in that all the failures must occur for the top event to occur. If any one of the failures in the cut set does not occur, then the top event will not occur (at least not by this combination).

The minimum cut set gives all the unique combination of component failures that can cause system failure. Qualitative importances give a "qualitative ranking" for each component with regard to its contribution to system failure. Common cause evaluations identify those minimum cut sets consisting of multiple components which, because of a common susceptibility, can all potentially fail due to a single failure cause. For qualitative evaluations, the minimum cut sets are obtained using Boolean reduction of the fault tree. The minimal cut sets are used not only in the subsequent qualitative evaluations but in all of the quantitative evaluations as well.



# FIGURE 7: FAULT TREE SYMBOLS

41

All fault trees consist of a finite number of minimal cut sets, unique for that top event. The one component minimal cut sets, if there are any, represent those single failures which will cause the top event to occur. Two-component minimal cut sets represent the double failures which together will cause the top event to occur. For any minimal cut set, all "n" components in the cut set must fail in order for the top event to occur.

## 3.1.4.3 **Qualitative Importances**

Minimal cut sets can give some idea of failure importance by ordering the minimal cut sets according to their size. Single-component minimal cut sets (if any) are listed first, then double-component minimal cut sets, then triple, etc. The failure probabilities associated with the minimal cut set decrease by orders of magnitude as the size of the cut set increases, thus ranking according to size gives a gross indication of the importance of that specific minimal cut set. For example, if individual component failure probabilities are on the order of 10, a single-component cut set will be on the order of 10, and a double-component cut set 10, a triple 10, etc. Component failure probabilities are generally different and depend on maintenance or testing intervals, downtimes, etc.; therefore, ranking of minimal cut sets according to size gives only a general indication of their importance.

### 3.1.4.4 <u>Common Cause Susceptibilities</u>

Primary failures do not necessarily have to be independent. A single, more basic cause may result in multiple failures which cause the system to fail. Multiple failures which can cause the system to fail and which originate from a common cause are termed "common cause" (or common mode) failures.

In evaluating a fault tree, we do not know which failures will be common cause failures; however, we can indicate the susceptibility that component failures may have to a common cause. By definition, the top event occurs (i.e., system failure) if all the primary failures in a minimal cut set occur. Therefore, we are interested only in those common causes which can trigger all of the primary failures in a minimal cut set. A cause which does not trigger all the primary failures in a minimal cut set will not by itself cause system failure.

To identify minimal cut sets susceptible to common cause failures we must first define common cause categories (e.g., general areas that can cause component dependence). Examples include: a common manufacturer, environment, energy sources (not usually explicitly shown in the fault tree), and human operator.

## 3.1.4.5 **Quantitative Evaluations**

Once the minimal cut sets are defined, probability evaluations can be performed for quantitative results. Quantitative evaluations are most easily performed in a sequential manner, first determining the component failure probabilities, then the minimal cut set probabilities, and finally the system (i.e., top event) probability. Quantitative measures of the importanco of each cut set and of each component can also be obtained in this process.

Quantitative results require additional models and data beyond that required for the qualitative evaluations. First, a failure probability model must be developed. This mathematical model of the fault tree is used to compute the probability of critical event occurrence based on the failure modes identified in the fault tree diagram.

Then fault and/or failure data is collected. Failure rates for most standard electronic and electromechanical parts are available from MIL-HDBK-217. When necessary, failure rate values for mechanical parts may also be obtained from sources such as, Nonelectronic Parts Reliability Data 1991, (NPRD-91), published by the Reliability Analysis Center.

Quantitative results include: (a) numerical probability of occurrence (b) quantitative importances of components and minimal cut sets, and (c) sensitivity and relative probability evaluation. The quantitative importances give the percentage of time that system failure is caused by a particular minimal cut set or a particular component failure. Sensitivity and relative probability evaluations determine the effects of changing maintenance and checkout times, implementing design modifications, and changing component reliabilities. Sensitivity evaluations also include error analyses to determine the effects of uncertainties in failure rate data.

Failure rate data for new parts and recently developed parts may not always be available. In such cases, it may be necessary to draw upon vendor data or to perform special studies to obtain such data. Other data needed may include failure mode distributions for critical parts, operating time, human error rates, etc.

Failure probabilities of the identified failure modes are determined (i.e., the probability of occurrence) for each event or failure mode identified in the model. Safety parameters can also be calculated using the previously derived models and failure data. Failure mode distributions are presented for many part types in RAC publication, Failure Mode/Mechanism Distributions, (FMD-91).

In the absence of complete, validated failure-rate and failure mode data for all inputs, a preliminary fault tree analysis can be performed using conservative estimates of failure rates for the critical failure modes. This preliminary analysis will identify those input values which have little effect, as well as those having a critical effect on system performance. The critical inputs can then be investigated later, in greater depth if necessary. Evaluation of the fault tree model may reveal that conservatively estimated values are sufficient to satisfy the performance goal.

# 3.1.4.6 Additional Reference Source

While there is no military standard or handbook addressing FTA, the RAC has recently published the "Fault Tree Analysis Application Guide" to assist the potential user in evaluating FTA requirements, procedural methods, analytical techniques, and other considerations applicable to performing a FTA. Guidelines are given to construct and evaluate a fault tree. Management considerations are also addressed. A tutorial approach is taken in the presentation of three detailed FTA examples.

# 3.1.5 Sneak Circuit Analysis

Sneak Circuit Analysis (SCA), Task 205 in MIL-STD-785, is used to identify latent conditions which may cause unwanted functions or inhibit desired functions within the system or equipment. A sneak circuit is defined as an unexpected path or logic flow within a system which can, under certain conditions, initiate an undesired function or inhibit a desired function. The sneak path may be due to hardware, software, operator actions, or combinations of these elements. Sneak circuits are not the result of hardware failure but they are latent conditions, inadvertently designed into the equipment, which can cause it to malfunction under specific operating conditions.

Types of sneak circuits include:

- Sneak Paths allow current or energy to flow along unsuspected paths or in unintended directions. A Sneak Enable Path initiates an undesired function or result under certain conditions, but not under all conditions. A Sneak Inhibit Path prevents a desired function or result under certain conditions, but not all conditions.
- 2) Sneak Timing causes a function to be inhibited or to occur at an unexpected or undesired time or in a conflicting sequence.
- 3) Sneak Indications are ambiguous or false displays of system operating conditions which may result in undesired actions being taken by an operator.
- 4) Sneak Labels are incorrectly or imprecisely labeled system functions (e.g., system inputs, controls, displays, buses, etc.) which may mislead a user, causing incorrect operation of the system.

SCA is a unique analysis tool. It must be performed on the actual "as-built" configuration. Functional, integrated, and system level schematics do not always properly represent the actual hardware construction. Detailed manufacturing and installation schematics must be used. Analysis from detail schematics is extremely difficult because so many details exist in these drawings that it becomes easy to miss

44

something. However, these schematics contain the basic data that must be used if analytical results are to be based on true electrical continuity.

# 3.1.5.1 <u>Topological Pattern Identification</u>

The initial task to perform SCA is to convert the detailed manufacturing schematics and wire list information into a Net-List. A net-list is a computer model that represents the interconnected nodes that make up each circuit. Output plots of node sets and other reports are then generated, enabling the analyst to sketch accurate topological trees. The reports provide complete indexing of every component and data point to its associated tree. This feature is used in crossindexing functionally related or interdependent trees, incorporating changes, and troubleshooting.

Next, the analyst identifies the basic topological pattern. As illustrated in Figure 8, there are five basic patterns: (1) single line (no-node) topograph, (2) ground dome, (3) power dome, (4) combination dome, and (5) the "H" pattern. One of these patterns or several in combination will characterize the circuitry in any given network tree.

Although a given circuit may appear more complex, closer inspection reveals that the circuit is actually composed of these basic patterns in combination. The sneak circuit analyst examines each node in the network tree, identifies the topographical pattern or patterns incorporating the node and applies the basic clues that have been found to typify sneak circuits involving that particular pattern.

## 3.1.5.2 <u>Clue Application</u>

Associated with each topological pattern is a specific list of clues to help identify sneak circuit conditions. The clue list provides a guide to possible design flaws that can occur in a circuit containing that topological configuration. The clue list consists of a series of questions that the analyst must answer regarding the circuit to ensure that it is sneak free.

The clue list for each successive topograph, becomes longer and more complex. The clue list for the "H" pattern includes over 100 clues. This pattern, because of its complexity, is associated with more sneak circuits than any of the other patterns. The possibility of current reversal in the "H" crossbar is the most commonly used clue associated with "H" pattern sneak circuits.

## 3.1.5.3 <u>Recent SCA Developments</u>

Although a powerful analytical tool, SCA is expensive and performed late in the design cycle after all of the design documentation is virtually completed. Subsequent design changes resulting from the SCA are difficult and costly to





Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440-6916 • 315-337-0900

46

implement. Therefore, SCA is usually limited to items and functions critical to safety or mission success or where other analytical techniques are ineffective.

This situation, however, has begun to change. Recent Air Force publications [References 1, 2, and 3] shed considerable new light on SCA techniques. They identify "sneak circuit design rules, functional guidelines and device guidelines" that can be addressed much earlier in the design phase. This new approach helps to significantly demystify SCA techniques and enables the SCA to become a much more cost effective reliability design tool.

This new approach is not intended to replace the historic SCA approach but rather to supplement it, to enable design engineers to be aware of conditions which may lead to sneak circuits and thus avoid them early in the design effort.

#### 3.1.6 Finite Element Analysis

Finite Element Analysis (FEA) is a computerized analysis technique used to predict an items mechanical response when the object is subjected to some internal or external loading or environmental disturbance. FEAs allow physical deflections, material stresses and material temperatures of complex objects to be predicted before the objects are fabricated and tested. A survey of historic applications of finite element analysis in the areas of structural mechanics, heat transfer, and fatigue and fracture mechanics to the prediction of life and/or reliability of electronic devices and printed circuit boards by academia, DoD and industry is found in [Reference 4].

There are many significant, and potentially fatal, failure mechanisms active in electronic equipment. Some of these are chemical in nature (e.g., corrosion); others are mechanical in nature (e.g., fracture or fatigue) and some of them are a combination of both chemical and mechanical (e.g., stress corrosion). The root causes of most equipment failure fall into one of these categories. Different modeling techniques have been devised to deal with each of these failure effects. Engineers can use a wide variety of modeling techniques to investigate the thermal and structural properties of equipments operating in many different environments.

Mechanical phenomena typically studied by engineers can be described by the laws of physics in terms of algebraic, differential, or integral equations relating various quantities. While most problems are not unduly difficult, their solution by exact methods of analysis is a formidable task. Two basic methods of modeling and analysis are generally described as either "closed form" or "numerical analysis techniques." Closed-form solutions are an easy and efficient form of "hand" calculation. Numerical methods (i.e., finite difference, finite element, boundary element, and statistical energy) enable engineers to analyze structures too complex for closed form solutions. The most common of these numerical techniques is the finite element analysis. Although this technique can successfully predict mechanical performance, the need also exists to extrapolate FEA results to a predicted life, time-to-failure or probability of failure. The latest developments in FEA technology relate to the interfacing of the results of FEA to reliability, or life prediction methodologies.

FEA simulation cannot address all possible failure mechanisms and improper fabrication procedures. However, design evaluations and reliability assessments of electronic equipment from a heat transfer, mechanical integrity and strength of materials perspective is achievable given the proper geography, material, boundary conditions, loading, and strength information.

In a finite element analysis, mechanical systems and structures are represented by a discrete grid of node points interconnected by various types of structural elements forming a finite element. The complete solution is then obtained by combining the individual elements into an idealized structure for which the conditions of equilibrium and compatibility are satisfied at the nodes of the elements. In finite element analysis, the assumed displacement fields within a finite element are assumed, by the use of energy theorems, to derive a stiffness matrix relating the nodal forces to the nodal displacements of the element. As the equilibrium conditions are applied at each node, a set of simultaneous equations can be assembled and subsequently solved for all the displacements in the structure.

All of the exact material properties needed as inputs to finite element analysis programs may not be available. Therefore, in these cases, approximations are necessary (e.g., properties for representative materials might be used instead of actual materials). For example, materials sized at the dimensions of electronic devices do not necessarily behave as materials sized at bulk level dimensions.

Mechanical failure mechanisms which may require attention in the reliability analysis of electronic equipment include: deformation, fatigue, creep, st s relaxation, ductile and brittle fractures, and buckling.

One group of mechanical failure mechanisms that are extremely important to electronic equipment reliability and which lends itself to finite element analysis is that of solder joint failures. This is especially compelling in an aircraft environment where the equipment is subjected to more severe vibration and temperature cycling than that experienced in a normal ground environment. Two important life limiting failure modes of solder connections are those of thermal fatigue and creep.

## 3.1.6.1 <u>Fatigue Life Prediction</u>

To determine the fatigue life of a structure, a finite element analysis is first used to compute the deformation which occurs during vibration and/or temperature changes. Deformation results in stresses which can exceed the strength of the material and cause a short fatigue life. The fatigue life of structures subjected to

Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440-6916 • 315-337-0900

bending or axial loads is dictated by the principal stress. Once the appropriate stress information has been obtained from the finite element analysis, the number of stress cycles which can be sustained by a material can be determined with a fatigue analysis.

#### 3.1.6.2 <u>Creep and Stress Relaxation</u>

Under a constant force, materials such as solder deform with time, or creep. Under a constant displacement, the stress in solder relaxes with time. Stress relaxation can occur as follows. When electrical power is applied, the components and the printed circuit board heat up and begin to expand. With time, the temperature will reach a maximum. At this point, the stress induced by the thermal coefficient of expansion mismatch between the various elements will be at a maximum, as will the strain. If power remains on, the strain will remain constant, but the stress will begin to relax. This relaxation can take place quite rapidly. Creep can thus occur when a constant load is confined by a material, such as solder, eventually resulting in failure.

#### 3.1.7 Failure Reporting, Analysis and Corrective Action Systems (FRACAS)

A disciplined, aggressive closed loop Failure Reporting, Analysis and Corrective Action System (FRACAS) is essential in achieving satisfactory reliability and maintainability of complex industrial, commercial and military systems, equipment, and associated software.

FRACAS is a closed-loop management tool to identify and correct deficiencies in equipment and software and thus prevent further reoccurrence of these deficiencies. It is based upon systematic reporting and analysis of equipment failures and software faults during design, development, manufacturing, inspection and test. FRACAS provides management visibility and control for reliability and maintainability improvements by timely and disciplined utilization of failure and maintenance data to generate and implement effective corrective actions.

A closed-loop FRACAS assures that: 1) failures and faults are formally reported, 2) that analysis is performed to the extent that the failure cause is understood, and 3) that positive corrective actions are identified, implemented, and verified to prevent further recurrence of the failure and to simplify or reduce the maintenance tasks. An effective closed-loop FRACAS requires that information obtained during failure analysis be disseminated to all decision making engineers and managers on the program. Table 4 shows some of the specific objectives of FRACAS.

As shown in Figure 9, a typical FRACAS consists of fourteen steps:

(1) A failure is observed during some operation or test.

- (2) The observed failure is fully documented, including, as a minimum:
  - (a) Location of failure
  - (b) Date and time of failure
  - (c) Part number of the failed system/equipment
  - (d) Serial number of the failed system/equipment
  - (e) Model number of the failed system/equipment
  - (f) Observed failure symptoms
  - (g) Name of the individual who observed the failure
  - (h) All significant conditions which existed at the time of the observed failure
- (3) Failure verification (i.e., reconfirmation of the validity of the initial failure observation).
- (4) Failure isolation (i.e., localization of the failure to the lowest replaceable defective item within the system/equipment).
- (5) Replacement of the suspected defective item with a known good item and retest of the system/equipment to provide assurance that the replacement item does in fact correct the originally reported failure.
- (6) Retest of the suspect item at the system/equipment level or at a lower level to verify that the suspect item is indeed defective.
- (7) Failure analysis of the defective item to establish the internal failure mechanism, or mechanisms, responsible for the observed failure or failure mode.
- (8) A search of existing data to uncover similar failure occurrences in this or related items (i.e., establishing the historical perspective of the observed failure mode/failure mechanism).
- (9) Utilizing the data derived from steps 7 and 8, determine the antecedent or root cause of the observed failure.
- (10) Determine the necessary corrective action; design change, process change, procedure change, etc. to prevent future failure recurrence. The decision regarding the appropriate corrective action should be made by an interdisciplinary design team.
- (11) Incorporation of the recommended corrective action into the original test system/equipment.

# TABLE 4: OBJECTIVES OF A FRACAS PROGRAM

- 1) Assess Historical Reliability Performance
- 2) Identify Patterns of Equipment/Part Deficiencies
- 3) Provide Engineering Data for Corrective Action
- 4) Develop Statistical Data for:
  - Part Failure Rates and Equipment Downtime
  - Part Selection Suitability Criteria
  - Part Application Reviews
  - Future Designs and Design Reviews
  - Product Improvement Programs
  - Spares Provisioning
  - Life Cycle Costing
- 5) Develop Contractual Conformance Data
- 6) Provide Warranty Information
- 7) Furnish Safety and Regulatory Compliance Data
- 8) Possible Assessment of Liability-Claim Information



# FIGURE 9: CLOSED LOOP FAILURE REPORTING AND CORRECTIVE ACTION SYSTEM

- (12) Retest of the system/equipment with the proposed corrective action modification incorporated.
- (13) After suitable retest and review of all applicable data, establish the effectiveness of the proposed corrective action.
- (14) After the effectiveness of the proposed corrective action has been proven, the corrective action is then incorporated into the deliverable systems/equipment.

A single FRACAS system cannot be mandated for all programs. There are pragmatic limits to the resources in time, money and engineering manpower to expend on an analysis of a particularly complex failure or the implementation of preferred corrective action. Therefore, FRACAS must be tailored to the unique limits of a given program. These limits are determined by the criticality classification of the system and/or equipment as well as available technology and resources. Primary cost drivers for FRACAS are: the extent and the depth of failure reporting (applicable to FRACAS), and the depth of the failure analysis performed. "Extent of failure reporting" is determined by the number of different inspection and test functions to be included in the FRACAS requirement. Decisions regarding the extent of failure reporting are based upon the potential benefit to the failure recurrence control effort considering existing program constraints. "Depth of failure reporting" is determined by the lowest level of assembly to be included in the failure reporting requirement. "Depth of failure analysis" refers to the extent to which failure analysis is performed to establish the root cause of the failure.

Acquisitions of certain critical (expensive and complex) systems and equipments may also require a separate Failure Review Board (FRB) to be established to oversee the effective functioning of the FRACAS. A FRB provides increased management visibility and control of the FRACAS.

In contrast to the FRACAS, the FRB usually consists of higher level management personnel who possess the authority necessary to set priorities, establish schedules, assign specific responsibility and authorize adequate funding to ensure the implementation of any necessary changes when dealing with complex and difficult problems.

# 3.1.7.1 DoD FRACAS Requirements

FRACAS is an explicit reliability task delineated in most major DoD system and equipment procurements. This requirement is documented in MIL-STD-785, "Reliability Program for Systems and Equipment Development and Production;" and specifically in Task 104, "Failure Reporting, Analysis and Corrective Action Systems;" and Task 105, "Failure Review Board." Detailed requirements for the performance of FRACAS are contained in MIL-STD-2155, "Failure Reporting, Analysis and Corrective Action System."

Additional details regarding FRACAS may also be found in MIL-HDBK-338, "Electronic Reliability Design Handbook," Volume I, Section 8, "Reliability Data Collection and Analysis, Demonstration and Growth," and Volume II, Section 9, "Failure Reporting and Analysis."

## 3.1.7.2 FRACAS in Industry Applications

Regardless of how the reliability function is organized and how many other reliability tasks performed, a formal failure reporting, analysis, and corrective action system is strongly recommended. This applies whether the company is military, space, industrial, or commercially oriented. From an information point of the management point of the management point of view, failure reporting, analysis, and corrective action is vitally important to virtually any program.

The International Electrotechnical Commission Publication (IEC) Publication #362 "Guide for the Collection of Reliability, Availability, and Maintainability Data from Field Performance of Electronic Items," and the American Society for Quality Control (ASQC) Booklet, "A Reliability Guide to Failure Reporting, Analysis, and Corrective Action Systems," specifically document FRACAS criterion in a nonmilitary application environment.

# 3.2 Maintainability Program

As with reliability, for most DoD related programs, the maintainability program requirements are derived from a single military standard, MIL-STD-470, "Maintainability Program For Systems and Equipment." These tasks are described in this standard with guidelines for tailoring maintainability tasks to the needs of a specific program. Table 5 illustrates all MIL-STD-470 maintainability program tasks.

In some cases, however, one must turn to additional more detailed standards and handbooks to derive sufficient information to actually complete the applicable task. Some of these detailed standards and handbooks are specifically referenced in MIL-STD-470, others are not.

# 3.2.1 Maintainability Prediction

Maintainability prediction facilitates an early assessment of a given design. It enables decisions to be made concerning the compatibility of a proposed design with specified requirements, and helps identify design alternatives. It is also done to estimate the various maintainability parameters and requirements of the system/subsystem/equipment and to determine whether the required maintainability can be achieved with the proposed design within the prescribed support and personnel/skill requirements.

Initial predictions are performed early to determine the feasibility of the maintainability requirement. They are continually updated during design, development and production phases to determine and assure maintainability attainability. Maintainability predictions are important in providing engineers and management with quantitative maintainability information for day-to-day activities.

The maintainability predictions highlight those areas of poor maintainability which justify product improvement, modification, or design change. They also permit the user to make an early assessment of whether the predicted downtime, the quality and quantity of maintenance personnel, special tools and test equipment are adequate and consistent with the needs of system operational requirements and maintenance scenario.

MIL-HDBK-472, "Maintainability Prediction" facilitates the design, development, and production of equipment and systems requiring a high order of maintainability

|      |                                 |              | PROGRAM PHASE |                       |         | Task    |                                   |
|------|---------------------------------|--------------|---------------|-----------------------|---------|---------|-----------------------------------|
| TASK | TITLE                           | TASK<br>TYPE | Concept       | Valid                 | FSED    | PROD    | Feasibility<br>in CE<br>Framework |
| 101  | Maintainahilitu Brogram         | MGT          | NA            | G(3)                  | G       | G(3)(1) | X                                 |
| 101  | Maintainability Program<br>Plan | MGI          | INA           | G(3)                  | 0       | GGAN    |                                   |
| 100  |                                 | MGT          | NA            | s                     | G       | G       | x                                 |
| 102  | Monitor/Control of              | MGI          | INA           | 5                     | 6       | LC .    | ^                                 |
| 100  | Subcontractors and Vendors      | MGT          | s             | CON                   |         |         | v                                 |
| 103  | Program Reviews                 |              | 5<br>NA       | G(3)<br>S             | G       | G       | X<br>X                            |
| 104  | Data Collection, Analysis       | ENG          | NA            | 5                     | 6       | G       | ^                                 |
| 1.05 | and Corrective Action System    | NOT          |               | <b>C</b> ( <b>D</b> ) |         |         |                                   |
| 105  | Failure Review Board (FRB)      | MGT          | NA            | S(2)                  | G       | G       | X                                 |
| 201  | Maintainability Modeling        | ENG          | S             | S(4)                  | G       | C       | X                                 |
| 202  | Maintainability Allocations     | ACC          | S             | S(4)                  | G       | C       | X                                 |
| 203  | Maintainability Predictions     | ACC          |               | S(2)                  | G(2)    | c       | x                                 |
| 204  | Failure Modes, and Effects      | ENG          | NA            | S(2)(3)               | G(1)(2) | GC(1)   | x                                 |
|      | Analysis (FMEA)                 |              |               | (4)                   |         | (2)     |                                   |
|      | Maintainability Information     |              |               |                       |         |         |                                   |
| 205  | Maintainability Analysis        | ENG          | S(3)          | G(3)                  | G(1)    | C(1)    | x                                 |
| 206  | Maintainability Design          | ENG          | NA            | S(3)                  | G       | C       | x                                 |
|      | Criteria                        |              |               |                       |         |         |                                   |
| 207  | Preparation of Inputs to        | ACC          | NA            | S(2)(3)               | G(2)    | C(2)    | X                                 |
| 1    | Detailed Maintenance Plan       |              |               |                       |         | 1       |                                   |
|      | and Logistics Support           |              |               |                       |         |         |                                   |
|      | Analysis (LSA)                  |              |               |                       |         |         |                                   |
| 301  | Maintainability                 | ACC          | NA            | S(2)                  | G(2)    | C(2)    | x                                 |
|      | Demonstration (MD)              |              |               |                       |         |         |                                   |

# **TABLE 5: MIL-STD-470 APPLICATION MATRIX**

#### Task Type

| Program | <u>Phase</u> |
|---------|--------------|
|---------|--------------|

ACC - Maintainability Accounting

ENG - Maintainability Engineering

MGT - Management

S Selectively Applicable

G Generally Applicable

æ Generally Applicable to Design Changes Only -

NA - Not Applicable

Requires considerable interpretation of intent to be cost effective
 MIL-STD-470 is not the primary implementation document. Other MIL-STDs or Statement of Work requirements must be included to define or rescind the requirements. For example MIL-STD-471 must be imposed to describe maintainability demonstration details and methods.
 Appropriate for those task elements suitable to definition during phase.
 Depends on physical complexity of the system unit being procured, its packaging and its overall maintenance policy.

by assisting managers and design engineers with various maintainability prediction procedures. Through the use of this handbook, maintainability engineers, working on a new system development effort, can select and utilize the most applicable maintainability prediction procedure for a specific equipment or system.

The maintainability characteristics of systems and equipment can seldom be addressed by a single maintainability parameter as can the reliability characteristics. Therefore MIL-HDBK-472 contains five distinct maintainability prediction methods each of which addresses different maintainability parameters. It also has four

appendices which give repair time estimates and supporting mathematics and tables of distribution values.

All five maintainability prediction methods are dependent upon at least two parameters: a) the failure rates of the components at the specific assembly level of interest (obtained from the reliability prediction), and b) the repair time required at the maintenance level involved.

The five maintainability prediction methods described in detail in MIL-STD-472 are:

| Method I   | Flight-line Maintenance of Airborne Electronic and Electro-<br>mechanical Systems Involving Modular Replacement                                           |
|------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|
| Method II  | Shipboard and Shore Electronic Equipment and Systems and Some Mechanical Systems                                                                          |
| Method III | Mean and Maximum Active Corrective Maintenance Down-<br>time and Preventive Maintenance Downtime for Air Force<br>Ground Electronic Systems and Equipment |
| Method IV  | Mean and/or Corrective and Preventive Maintenance Down-<br>time for Systems and Equipments                                                                |
| Method V   | Maintainability Parameters of Avionics, Ground and Shipboard<br>Electronics at the Organizational, Intermediate and Depot Levels<br>of Maintenance        |

Maintainability prediction procedures I and III are applicable solely to electronic systems and equipment. Procedures II and IV can be used for all types of systems and equipments. In applying Procedure II to non-electronic equipments, however, the appropriate task times must be estimated. Procedure V can be used to predict maintainability parameters of avionics, ground and shipboard electronics at the organizational, intermediate and depot levels of maintenance.

Tailoring of a maintainability prediction involves the planning and selection of specific maintainability parameters and the determination of the maintainability prediction method to be employed. Guidance for tailoring the requirements of MIL-HDBK-472 (i.e., the selection of specific maintainability parameters and the prediction method to be employed) are found in Appendix A of MIL-STD-470.

# 3.3 Reliability and Maintainability References

There are a variety of reliability and maintainability reference sources both in the International Electrotechnical Commission (IEC) specifications, published literature and in DoD specifications, standards and handbooks. A more complete compendium of the most germane DoD documents dealing with reliability, maintainability and related topics may be found in the RAC publication PRIM-92, "A Primer for DoD Reliability, Maintainability, Safety and Logistics Standards."

# 3.3.1 DoD Specifications, Standards, and Handbooks

Specific DoD specifications, standards, and handbooks reference within this document include the following:

| MIL-STD-470  | Maintainability Program Requirements For Systems and Equipments                                                 |
|--------------|-----------------------------------------------------------------------------------------------------------------|
| MIL-STD-472  | Maintainability Prediction                                                                                      |
| MIL-STD-721  | Definitions of Terms for Reliability and Maintainability                                                        |
| MIL-STD-756  | Reliability Modeling and Prediction                                                                             |
| MIL-STD-781  | Reliability Testing for Engineering Development,<br>Qualification, and Production                               |
| MIL-STD-785  | Reliability Program for Systems and Equipment<br>Development and Production                                     |
| MIL-STD-965  | Parts Control Program                                                                                           |
| MIL-STD-1629 | Procedures for Performing a Failure Modes, Effects, and Criticality Analysis                                    |
| MIL-STD-2155 | Failure Reporting, Analysis and Corrective Action System                                                        |
| MIL-STD-2165 | Testability Program for Systems and Equipment                                                                   |
| MIL-HDBK-217 | Reliability Prediction of Electronic Equipment                                                                  |
| MIL-HDBK-338 | Electronic Reliability Design Handbook                                                                          |
| MIL-HDBK-781 | Reliability Test Methods, Plans, and Environments for<br>Engineering Development, Qualification, and Production |

These documents are all available from:

Standardization Documents Order Desk, Building 4D 700 Robbins Avenue Philadelphia, PA 19111-5094

# 3.3.2 Other Source Documents

Parts Application and Reliability Information Manual for Navy Electronic Equipment, TE-000-AB-GTP-010, September, 1985

Derating Application of Parts for ESD Systems Development, ESD-TR-85-148, AD-A153-299

Eskin, D.J., et al., Reliability Derating Procedures, RADC-TR-84-254, AD-A153-268

Part Derating Guidelines, AFSC Pamphlet 800-27, 1983

Brummet, S.L., et al., Reliability Parts Derating Guidelines, RADC-TR-82-177, AD-A120-367

ASQC Booklet, "A Reliability Guide to Failure Reporting, Analysis, and Corrective Action Systems," (1977)

IEC Publication # 362, "Guide for the Collection of Reliability, Availability, and Maintainability Data from Field Performance of Electronic Items," (1971)

**RADC** Part Derating Guide Sliderule

Nuemann, G., Barthlenghi, G., et al., "Testability/Diagnostic Design Encyclopedia," RADC-TR-90-239

"Failure Mode/Mechanism Distributions," FMD-91, Reliability Analysis Center

"Nonelectronic Parts Reliability Data 1991," NPRD-91, Reliability Analysis Center

- 3.3.3 <u>References</u>
- [1] Miller, J., "Sneak Circuit Analysis for the Common Man", RADC-TR-89-223
- [2] "Integration of Sneak Circuit Analysis with Design," RADC-TR-90-109
- [3] "Automated Sneak Circuit Analysis Technique (SCAT)"
- [4] Followell, D.A., et al, (McDonnell Aircraft Company), "Computer Aided Assessment of Reliability Using Finite Element Methods," RL-TR-91-155

# SECTION 4 PRODUCTION CONSIDERATIONS

•

# 4.0 **PRODUCTION CONSIDERATIONS**

The recent gulf war vividly illustrated the critical role of electronics relative to modern weapons systems and our dependence upon the ability to produce these increasingly complex electronic assemblies economically and with the prerequisite level of reliability.

Within DoD the primary specification dealing with producibility is MIL-STD-727, "Design Guidance for Producibility." Unfortunately, since MIL-STD-727 was published radical changes have occurred in the way electronic equipment is designed, developed and manufactured. Computer-Aided Engineering (CAE) or Computer-Aided-Design (CAD) and Computer-Aided-Manufacturing (CAM) have become the norm and Computer-Aided Acquisition and Logistic Support (CALS) is a requirement in most new DoD contracts. Nevertheless, MIL-STD-727 still offers a wealth of information in many other areas regarding design for producibility.

## 4.1 **Producibility Engineering**

Producibility considerations can impact cost, schedule, risk, maintainability, supportability and conceivably even the performance of an electronic system. Hence, producibility is an important concern of the CE process. Producibility may be defined as the combined effect of those elements or "characteristics of the design" and those elements or "characteristics of its production planning," which enable the item to be produced, inspected and tested in the quantity required.

## 4.1.1 Specific Characteristics of the Design

"Specific Characteristics of the Design" refers to the fundamental design elements that describe form, fit, and function as they affect producibility. They include:

Specified Materials Simplicity of Design Flexibility in Production Alternatives Tolerance Requirements Clarity and Simplicity of the Technical Data Package

#### **Specified Materials**

Mechanical, physical and chemical properties usually constitute the primary decision criteria for selecting a material to satisfy the requirements of a design objective. These properties may facilitate or limit the selection of a manufacturing process because of their interrelationship with the factors of formability, machinability, joining, and heat or surface treatment. A design specifying only one material is constrained to the manufacturing process compatibility with that material. The design should allow for as many alternate materials as possible to broaden the number of potential manufacturing processes and to allow for the substitution of non-scarce or nonstrategic materials.

## Simplicity of Design

A complex approach to satisfying the design objective can result in extreme cost increases. Typically, such a design may exceed the fundamental requirements, thereby adding weight, increasing the cost to manufacture, and raising the cost of reliability, availability, and maintainability. It is very likely that a complex design will require additional cost and delivery time because of increased manufacturing and assembly cost.

#### Flexibility in Production Alternatives

Only in rare instances will just one material or manufacturing process satisfy the requirements of the design objective. More frequently, any one of several materials or processes will result in an acceptable product. The identification of alternative materials and processes will greatly enhance producibility by anticipating bottlenecks caused by a lack of material or process availability. Rarely should a design specify a manufacturing process. However, indirectly there are many ways for this to occur. Materials, tolerances, draft lines (in castings), relief angles (in forgings), and bend radii all have a direct impact on the selection of a manufacturing process. These are all factors of significant importance to producibility and should receive explicit attention during the design process by manufacturing engineering.

#### **Tolerance Requirements**

The specification of unnecessarily tight tolerances and surface roughness has a very detrimental effect on producibility. As tolerances and surface roughness become tighter, more specialized and expensive manufacturing operations are required. The intensity of the labor content of manufacturing processes rises as the tightness of tolerances and surface roughness requirements increase. These should be specified only to the minimum quality level absolutely essential to the design objective.

#### Clarity and Simplicity of the Technical Data Package

Reliability of the information conveyed by the Technical Data Package is of vital importance to the successful production of the design objective. Unclear or vague design information can be as detrimental to producibility as inaccurate information.

#### 4.1.2 Characteristics of Production Planning

"Characteristics of Production Planning" implies the total assessment of all available resources to accomplish the production requirements for a given design.

# These include:

Production Rate and Quantity Special Tooling Requirements Manpower Facilities Availability of Materials Production or Inspection Quantity Required

# **Production Rate and Quantity**

Planned production rates and quantities are the decision criteria for the establishment and sizing of secondary facilities for subassembly and final assembly. Errors in judgment can have a detrimental effect that can result in extremely high losses of time and money.

# Special Tooling Requirements

Special purpose tools are those required to adapt a general purpose machine to a special purpose requirement. They are frequently required in support of high-rate production and may occasionally be required in low-rate production also. Generally, the quality and cost of the tooling are in direct proportion to the production rate. Failure to plan for tooling requirements can idle an entire facility and have disastrous effects on producibility.

# <u>Manpower</u>

The availability of any unique labor skills is vitally important to any planned production.

# **Facilities**

The availability of unique facilities such as a five-axis numerical control machine, when they are the only manufacturing facilities capable of producing the component, is vital to the producibility of the component.

# Availability of Materials

This is an obvious critical element to the successful production of any component or product. The time phasing of material deliveries to coincide with the production schedule is a producibility-determining element. Good producibility planning should assure that material is not critical or geographically sensitive without also specifying an appropriate alternate material. Material Requirements Planning (MRP) and "Just-In-Time" are two modern methods for addressing this concern.

# Production or Inspection Quantity Required

High-rate production and inspection carry with them complete sets of criteria that are quite different than those of low-rate production and inspection. However, they both share the common design element interrelationships of form, fit and function, material selection, and manufacturing process selection.

A design planned for high-rate production must be configured, dimensioned, and toleranced in a manner consistent with the capabilities of high-rate production processes. Not all materials are compatible with high-rate production processes; consequently, care must be exercised to assure that the material selected is compatible with both high-rate production processes and the properties required by the design objective.

The ability to amortize production cost in high-rate production over a large number of parts provides many opportunities for producibility improvements. Low-rate production does not usually offer the same opportunities. However, the cost savings per improvement are usually greater in low-rate production due to its inherent labor intensive nature.

#### 4.2 Electronic Producibility Considerations

Radical changes have occurred in the last decade in the design, development and manufacture of electronic equipment. Computer Aided Engineering (CAE), Design (CAD) and Manufacturing (CAM) now play a significant role in the production of electronic equipment.

These changes have had a profound impact upon electronic equipment manufacturing science and upon the related producibility concerns. For example, MIL-STD-1840 (see Section 6) establishes the requirements for the automated interchange of technical information. Thus, the engineering drawings and specifications and other documentation which have historically been utilized in the manufacturing process are now being replaced with electronic workstations. The necessary technical data is now transmitted electronically, in digital form, from the designer to the manufacturing facility. With the advent of these digital databases and the real time transmission of data, the need for hard copy documentation is greatly diminished.

Whole Wafer Holographic Inspection techniques, the use of Very High Speed Integrated Circuit Hardware Description Language (VHDL) and high density electronic packaging concepts such as Flip-Chip processes and surface mounted components replacing through-hole connections are just some of the new manufacturing concepts that significantly impact electronic hardware producibility. Other recent technological changes in electronic state-of-the-art include:

- 1) The release of MIL-H-38510, for hybrid microcircuits, and MIL-I-38535, for monolithic microcircuits. These new specifications utilize a Qualified Manufacturing List (QML) approach, in contrast to the historic Qualified Part List (QPL). This change was essential to deal with Very High Speed Integrated Circuits (VHSIC) devices, Application Specific Integrated Circuits (ASICs) and other modern high complexity microcircuit devices.
- 2) The acceptance and use of Gallium Arsenide (GaAs), Microwave Monolithic Integrated Circuits (MMIC) and GaAs digital devices in military hardware.
- 3) Significant technological improvements in plastic encapsulated packaging of microcircuit devices and subsequent acceptance for use in ground benign and ground fixed military environments.

Modern production facilities and especially those in the electronics industry use a number of sophisticated analytical techniques such as: Statistical Process Control (SPC), Quality Function Deployment (QFD), Design of Experiments (DOE), Manufacturing Process Improvement (MPI) and Variability Reduction Program (VRP). These techniques pioneered by and/or adapted by organizations such as: USAF Manufacturing Technology, Wright-Patterson AFB, OH; the Navy Electronics Manufacturing Productivity Facility [Reference 1] in Indianapolis, IN and the Manufacturing Technology Information Analysis Center (MTIAC) [Reference 2] in Chicago, IL allow the control and optimization of the manufacturing process to a degree previously unobtainable. Also flexible manufacturing allows the economical production of small quantities of electronic assemblies without the customary accompanying decrease in quality.

# 4.3 Environmental Stress Screening

Environmental Stress Screening (SSS) is a procedure, or a series of procedures, specifically designed to ident eak parts, workmanship defects and other conformance anomalies so that eacy can be removed from equipment prior to delivery. ESS may be applied to parts or components, printed circuit boards, subassemblies, assemblies, or equipment (as appropriate and cost effective), to remove defects which would otherwise cause failures during higher-level testing or early field operation. ESS is a part of the manufacturing process.

Prior to implementation of any production screening, a successful ESS program requires careful planning by design, manufacturing and production engineering. It is important to remember that different screens are more beneficial than others depending on the item being screened and the indenture level of that item. Additionally, items that are to be procured by vendors or sub-contractors must have screening requirements for these items established prior to their procurement as

screening impacts costs. More importantly, screens must be in-line with system R&M performance goals. Mission critical systems typically require a more rigorous screening regime than non-critical systems. A carefully planned ESS program requires inputs from reliability, manufacturing, production and quality control engineering to assure optimum cost/performance benefits are realized.

Requirements for ESS can be found in: MIL-STD-785, "Reliability Program for Systems and Equipment Development and Production" specifically Task 301 Environmental Stress Screening (ESS); MIL-STD-781, "Reliability Testing For Engineering Development, Qualification and Production," specifically Task 401 Environmental Stress Screening (ESS); and MIL-HDBK-781, "Reliability Test Methods, Plans and Environments for Engineering Development, Qualification and Production."

ESS must not be confused with Production Reliability Assurance Test (PRAT). ESS employs accelerated environmental stimuli, less expensive test facilities, and is recommended for application to each and every production item. In contrast, PRAT is essentially a sampling plan which requires a realistic simulation of the life profile, more expensive test facilities, and is used to measure and verify the reliability of a product off the production line.

ESS is an emerging technology and there are various approaches associated with the application of stress screens. Regardless of the approach used, the fundamental objective of ESS remains the same (i.e. to remove latent defects from the product prior to field delivery).

Historically there have been two basic approaches to the employment of ESS. In one, the government explicitly specifies the screens and screening parameters to be used at various assembly levels. Failure-free periods are sometimes attached to these screens, as an acceptance requirement, in order to provide assurance that the product is reasonably free of defects. This approach is documented in MIL-STD-2164(EC).

# 4.3.1 The MIL-STD-2164 Approach to ESS

MIL-STD-2164(EC) establishes procedures and ground rules for the selection of the proper type of stress, the amount of stress, and the duration of stress or stresses to be used in the formulation of a cost effective environmental stress screening program for a specific item of equipment. It defines specific requirements for ESS of electronic equipment, including environmental test conditions, durations of exposure, procedures, equipment operation, actions taken upon detection of defects, and test documentation. The standard provides for a uniform ESS to be utilized for effectively disclosing manufacturing defects in electronic equipment.

The process described is applied to electronic assemblies, equipment and systems, in six broad categories as distinguished by their field application:

| CR | TA- | CE |
|----|-----|----|
|    |     |    |

| <u>Category</u> | Service/Application                                |
|-----------------|----------------------------------------------------|
| 1               | Fixed ground equipment                             |
| 2               | Mobile ground vehicle equipment                    |
| 3               | Shipboard equipment                                |
| 3A              | - Sheltered                                        |
| 3B              | - Exposed to atmospheric environments              |
| 4               | Jet aircraft equipment                             |
| 5               | Turbo-propeller and rotary-wing aircraft equipment |
| 6               | Air launched weapons and assembled external stores |

Appendix A of MIL-STD-2164(EC) describes the approach, ground rules and assumptions used to tailor the requirements of the specification. Specific goals to optimize times for pre-defect-free (PDF) and subsequent defect-free (DF) testing under environmental conditions, and to define ground rules and techniques for reduced testing and possible product sampling are given. Another purpose of the appendix is to present the background that led to the test times stipulated in the main body of the standard, and to define statistical plans for reduced testing and sampling options.

# 4.3.2 The DOD-HDBK-344 Approach to ESS

The second approach is to have the contractor develop and propose an ESS program, subject to the approval of the procuring activity, which is tailored to that product. This approach is found in DOD-HDBK-344 (USAF), "Environmental Stress Screening of Electronic Equipment" which provides guidelines for the contractor to assist in the development and establishment of an effective ESS program.

DOD-HDBK-344 is a complex document describing nine different ESS planning, monitoring and control procedures. It presents general techniques for planning and evaluating Environmental Stress Screening (ESS) programs. The guidance contained therein departs from other ESS approaches in that quantitative methods are used to plan and control both the cost and effectiveness of the ESS program. The quantitative methods extend the objective by focusing on the defects which remain in the product at delivery and their impact on field reliability.

The handbook is organized according to the general sequence of events to be undertaken by the contractor in planning, monitoring and controlling a screening program. Five detailed procedures are used to assist the user in accomplishing ESS planning and evaluation activities. The detailed procedures are as follows:

Procedure A - Part Fraction Defective - Air Force Action Plan R&M 2000 Goals and Incoming Defect Density

Procedure B - Screen Selection and Placement

Procedure C - Failure-Free Acceptance Test

Procedure D - Cost Effectiveness Analysis

Procedure E - Monitoring, Evaluation and Control

The product development phase is used to experiment with stress screens using an R&M 2000 initial screening regimen, and to then define and plan a cost effective screening program for production. Controls are then used to assure that the manufacturing process begins with electronic parts with fraction defective levels which are consistent with R&M 2000 Goals. After the screening program is implemented in production, stress screening results are used to evaluate the screening process to establish whether program objectives are being achieved.

Appendix A of DOD-HDBK-344 contains the mathematical relations and model descriptions used in the handbook. A review of Appendix A will assist the user in gaining a quick understanding of the rationale and methodology of the handbook. Appendix B provides the rationale used for establishing the quantitative goals related to reliability requirements for the product. Quantitative objectives for the screening program must be established early. Appendix C provides the derivation of the Failure Free Acceptance Test (FFAT).

Tailoring of ESS involves primarily the selection of the screening method utilized, the rigor with which this method is applied, the time duration of the applied stress and the applicability and length of a "failure free operation" requirement. DOD-HDBK-344(USAF) is written as a series of guidelines to assist the contractor in the development and establishment of a unique cost effective ESS program, thus tailoring is inherent in this approach.

# 4.3.3 Institute of Environmental Sciences

The Institute of Environmental Sciences (IES) [Reference 3] has been in the forefront of ESS investigations for many years and has published a number of pertinent documents in this field. The IES has also been influential in the development and coordination of a new DoD tri-service-approved guide for ESS which is planned for release in the near future.

# 4.4 Producibility References

Section references along with some contemporary potential sources of electronic design-for-producibility information include:

[1] Electronics Manufacturing Productivity Facility (EMPF) 714 North Senate Ave., Indianapolis, IN 46204

- [2] Manufacturing Technology Information Analysis Center 10 West 35th Street, Chicago, Illinois 60616
- [3] Institute of Environmental Sciences, 940 East Northwest Highway, Mount Prospect, IL 60056, Telephone: (708) 255-1561
- [4] DoD Directive 4245.7M, "Transition from Development to Production," 1985
- [5] NAVSO P-6071, Best Practices: How to Avoid Surprises in the World's Most Complicated Technical Process
- [6] Priest, J. W., "Engineering Design for Producibility and Reliability," Marcel Dekker, Inc., 1988
- [7] Matisoff, B.S., "Handbook of Electronic Packaging and Design," Nostrand-Reinhold, 1982
- [8] Bralla, J. G., "Handbook of Product Design for Manufacturing," McGraw-Hill, 1986

Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440-6916 • 315-337-0900

70

# SECTION 5 TESTABILITY CONSIDERATIONS

# 5.0 TESTABILITY CONSIDERATIONS

A properly designed circuit may be inadequate if it cannot be tested. Testability is the extent to which a system or unit design supports fault detection and fault isolation (FD/FI) within the bounds of specific time, confidence, complexity, and cost effectiveness limits. A system developed using Design for Testability (DFT) criteria will provide the necessary test points to facilitate the incorporation of Built-In-Test (BIT) and support Automated/External Test Equipment (ATE/ETE) to meet FD/FI requirements. Testability by design will achieve the required FD/FI goals and help to meet operational availability (Ao) within complexity and cost constraints. A design methodology utilizing DFT techniques to achieve a high level of testability must be considered early in the design phase.

The goal of testability by design is to assure that all levels of a system meet the four essential requirements of Initialization, Controllability, Observability, and Accessibility.

<u>Initialization</u> - The ability to initialize a system with external stimuli to the operating characteristics of the system. For digital systems, this includes being able to disable internal clocks.

<u>Controllability</u> - The ability to control system functions with external test stimuli, including clocks, and the ability to break up chains and feedback loops.

<u>Observab.'ity</u> - The ability to observe system functions through adequate test points (0-100%) using integrated diagnostics, (i.e., BIT/ETE/ATE/Manual test/etc.)

<u>Accessibility</u> - The ability to have 0-100% access to the unit's internal part structures and partitions, depending on mission requirements and limited test point placement.

The means by which DFT is implemented will require the ability to analyze the above characteristics for a given system to identify where improvements are necessary to provide adequate initialization, controllability, observability and accessibility. The analysis can take several forms depending on the type of system and the testability requirements. There are several tools and methods available to the analyst that will provide the necessary information needed to implement DFT principles. Reference [1] identifies and describes the most commonly used tools and gives some guidance on how they can be used alone or together, as in many instances, one tool or method may not sufficiently address all requirements.

# 5.1 Design for Testability Objectives and Requirements

The goals and objectives of any DFT program are to minimize the costs associated with testing for equipment malfunctions while maximizing system availability (Ao). More specifically, these objectives are met by using DFT techniques to help determine where functional test and condition monitoring are needed to assure Ao requirements, and what strategies (i.e., best mix of BIT/ETE/ATE etc. and optimum test performance sequence) are needed to maximize malfunction detection and isolation and decrease test times. In meeting DFT objectives, the benefits of lower Test Program Set (TPS) development costs and lower system life cycle support costs will more than outweigh the cost of implementation.

One of the keys to understanding DFT is to understand the basic requirements of testability. For DFT to be successful and most cost effective, it must be implemented at the earliest design stages. Early implementation will help to guarantee that adequate testability is an inherent part of the hardware design. Late incorporation of DFT usually generates extra costs and is less effective. This usually involves adding test points or fault flags to the existing design to compensate.

Program management must provide for active representation of testability concerns in all program life cycle phases. This is especially true because of the lack of governing testability standards, procedures or policy. This means that testability goals must be established and monitored and that an in-house testability program plan be developed and adhered to as part of the CE framework. Part of the program plan should be to evaluate the testability posture at the end of each development phase, before entering the next acquisition phase. This requires that, testability be tracked and demonstrated such that problems can be identified and corrected in a timely and cost effective manner similar to other assurance disciplines. Reliability and maintainability engineers need to work closely with both hardware and software designers to optimize the inherent testability of the design to reduce the number of design iterations and test patches.

Testability and DFT techniques should be applied at all hardware indenture levels and at all maintenance levels whenever possible or practical. To decrease test costs in production phases, testability should be considered in a bottom up approach. The bottom up approach will help to facilitate a top down look at testing that is required for operation and maintenance. The various testability tools can be implemented to facilitate a top down, bottom up or combined approach to testability analysis. It is important to remember that applying DFT at all levels of hardware indenture and maintenance will go a long way in maximizing system availability while minimizing test resource consumption.

# 5.2 Testability Program Monitoring and Control

The testability characteristics of a system are the direct result of the design of that system. Providing desirable supportable features that yield acceptable operational readiness and reduced operating and support costs can only result when sound engineering design principles are applied.

Although testability analyses are called for in some system procurements, there is currently no common standard, or handbook, that completely defines the methodology or tools to be used. MIL-STD-2165, "Testability Program for Electronic Systems and Equipment," is a good foundation as a testability standard, but does not adequately address testability analysis techniques and their applications. However, it does set requirements and establish guidelines for assessing the extent to which a system or a unit supports fault detection and fault isolation.

75

Testability program planning identifies and integrates all testability design management tasks required to accomplish the testability program requirements. It identifies testability design guides, analysis models and procedures to be imposed upon the design process.

The testability program plan is the controlling document that presents the overall test strategy including: operational checks, periodic on-line tests, and off-line test considerations. It also presents milestones to ensure that the final design achieves the required degree of testability. The plan includes mechanisms for the reporting of progress, problems, trade-offs, potential corrective actions, and enforcement of the proper use of testability design features by designers and subcontractors.

# 5.3 Testability Design and Analysis

Testability represents the extent to which a system or a unit supports fault detection and fault isolation in a confident, timely and cost-effective manner. System testability implementation generally includes the use of built-in-test (BIT). Adequate recognition of the need to design for testability requires early, systematic, attention to specific testability requirements, design approaches, analysis and measurement.

BIT is defined as an automated or semi-automated integral part of the operational system. BIT does not operate outside of the system environment. In its simplest form, BIT verifies the operational integrity of the system by detecting anomalous system operation and then assists the operator/maintenance person in isolating the fault to a specific replaceable assembly. To contrast the two concepts, testability is a necessary system attribute while BIT is the implementation of a specific design approach.

The qualitative and quantitative testability requirements depend upon operational requirements of the prime system. They are based upon optimization of the various testability requirements such as: BIT, ATE or manual test for system monitoring, and fault detection or isolation. They also optimize the mix of BIT/BITE/ETE and the maintenance shop organization to satisfy the established maintenance concept and the operational availability requirements. The qualitative and quantitative testability requirements affect safety, the quantity and skills of the operating and maintenance personnel, existing logistics constraints, deployment scenarios, environmental conditions and planned maintenance facilities.

Appropriate testability design concepts are to be incorporated into the design for each item in the system. The design analysis evaluates and assesses the system or the equipment's inherent (intrinsic) testability figure-of-merit. This assessment can be performed in accordance with the procedures described in Appendix B of the MIL-STD-2165 or as described in Reference [1]. The design is then modified as necessary to assure compliance with the established "Inherent Testability Figure-of-Merit" requirement, the principle numeric of interest early in the design effort.

Key elements include: a) analyzing hardware/software BIT features; b) documenting trade-offs made in selecting them; c) conducting a testability analysis of the projected design units under test (UUT) to determine the extent to which the recommended testability requirements and guidelines provided to the designers were incorporated into the design; and d) providing guidance for subsequent detailed design-for-testability.

Specific features must be incorporated into the system or equipment design to satisfy the testability performance requirements. Test effectiveness utilizing these features is then predicted for the system or equipment. Included is an analysis of all critical functions of the prime equipment to assure that they are exercised by testing to the extent specified. Analysis is also made of the test effectiveness of the BIT and off-line test. Failure modes are analyzed to obtain measures of observability and controllability. The two key elements are, a hardware failure analysis to analyze test effectiveness and a testability analysis model to analyze the inherent observability/controllability of the configuration.

An observability/controllability analysis is performed on each configuration item (potential UUT). The overall testing structure contains a hierarchy of analyses representing each of the levels of testing.

# 5.4 Tailoring a Testability Program

A single testability program is obviously not suitable for all programs. There are pragmatic limits to the resources in time, money and engineering manpower to expend on testability analysis. The testability program must be tailored to the unique aspects and limits of a given procurement based primarily upon the phase of the program. The individual tasks themselves must be tailored based upon the program phase. A given task will not always be carried out in the same manner. It will vary from one program to another and it will also vary within a given program depending upon the program phase. Appendix A of MIL-STD-2165 provides guidance in the selection and application of the various testability tasks.

#### 5.5 ANSI/IEEE Standard 1149.1 [Reference 2]

A recent new development in the field of testability is the promulgation and general industry acceptance of ANSI/IEEE Standard 1149.1, "IEEE Standard Test Access Port and Boundary-Scan Architecture." Boundary-Scan is a built-in technique for testing a completed printed-circuit boards - specifically the digital ICs and their interconnections. Its key feature is the insertion in every IC of small quantities of logic, called boundary-scan cells, between each pin and the chip circuitry to which that pin is normally directly connected.

During normal operation, data is passed between the pins and logic as if the boundary-scan cells were not there. When put into the test mode, however, they can be directed by a test program to pass data along a shift-register path, so that either the internal chip logic or external chip-to-chip connections can be tested. Using the Test Access Port (TAP) and boundary-scan techniques it is practical to put desired test sequences wherever they are needed making it possible to distinguish between testing the chips themselves and testing the connections between the chips.

ANSI/IEEE Standard 1149.1 defines a number of "tools" that may be built into ICs themselves to assist in the testing of printed-circuit boards and other assemblies, and gives details on how the tool set can be expanded to meet the needs of a particular chip design. The standard also defines a method of communicating test instructions and data from an external test processor to the various ICs on a board so the right combination of tools can be configured and used at each successive stage of testing. Four or five extra pins, over and above the normal pins are all that is required to add boundary-scan capability to virtually any digital IC in accordance with this standard. The standard also specifies a device identification registration that can be included in a chip design. In response to an identity code instruction, this 32 bit register loads 32 bits of data that identify the chip manufacturer, chip type and version in a pre-defined format. This data can then be shifted out of the circuit for examination.

A key goal of the standard's developers was that it should be extendable to meet a particular IC's requirements, provided certain basic rules are met. A number of IC makers are already producing ICs which incorporate boundary-scan and are also taking this opportunity to supply test and design support tools specific to their ICs.

Although the boundary-scan approach is not new, prior to the publication of this standard there was no uniform way to access Built-In-Self-Test (BIST) features. This need is becoming more important especially considering the recent DoD requirements for complex digital systems, which must guarantee their readiness by completing a high-quality self-test within tens of seconds after power-up.

While ANSI/IEEE Standard 1149.1 focuses on the chip level, a second standard is also currently being drafted to address the system level. IEEE Standard 1149.5, "Module Test and Maintenance Bus" defines a uniform method of communicating test, maintenance, and other support information between a system-level test processor and a module-level controller thus providing system level-test capability in addition to chip-level test.

# 5.6 Testability References

- [1] "RADC Testability Notebook," RADC-TR-189, June 1982, Section II, Task Reference Number V4B
- [2] ANSI/IEEE Standard 1149.1, "IEEE Standard Test Access Port and Boundary-Scan Architecture"
- [3] MIL-STD-2165 Testability Program for Electronic Systems and Equipments
- [4] Unkle, R., "Testability Design and Assessment Tools," CRTA-TEST, Reliability Analysis Center, December 1991
- [5] Maunder, C.M., Tulloss, R.E., "Testability on TAP," IEEE Spectrum, February 1992

# **SECTION 6**

# COMPLEMENTARY EFFORTS AND ACTIVITIES

# 6.0 COMPLEMENTARY EFFORTS AND ACTIVITIES

DoD Directive 5000.1, "Defense Acquisition," dated 23 February 1991, and DoD 5000.2, "Defense Acquisition Program Procedures," also dated 23 February 1991, (which replaces DoD Directive 5000.40, "Reliability and Maintainability,") require program plans submitted by DoD equipment contractors to provide for a systems engineering approach to the simultaneous design of the product and its associated manufacturing, test, and support process. Thus, these two latest DoD Directives fully support CE in DoD procurements.

# 6.1 Computer-Aided Acquisition and Logistics (CALS)

A very prominent Department of Defense (DoD) activity in a closely related area is that of Computer-Aided Acquisition and Logistics Support (CALS). CALS does not mandate the use of CE, but it strongly encourages the use of CE by establishing standards for Automatic Data Processing (ADP) hardware and software that are to be used within the DoD community.

CALS is a DoD and industry strategy to accelerate, the integration of digital technical information. The primary goal of CALS is the eventual delivery of DoD product design and support documentation via digital means rather than hardcopy.

CALS compliments CE by mandating the mechanisms and the protocols by which the electronic data transfer, so important to the effective functioning CE, are to take place. CALS will significantly impact the use of CE in all DoD contracting.

MIL-STD-1840, "Automated Interchange of Technical Information," and MIL-HDBK-59, "DoD Computer-Aided Acquisition and Logistic Support (CALS) Program Implementation Guide," are the two most prominent DoD specifications in the CALS hierarchy of documents.

# 6.2 MIL-HDBK-59 Requirements

MIL-HDBK-59 is the implementation guide for CALS. Its basic purpose is to assist acquisition managers in the transition from paper-intensive processes to digital data delivery and access. It also supports the structuring of contract requirements to achieve integration of various contractor automated capabilities for design, manufacturing, and logistics support. Specific objectives of CALS stated in MIL-HDBK-59 are:

a) To accelerate the integration of automated design tools (e.g. R & M tools) into contractor computer-aided design and engineering systems as a part of a systematic approach that simultaneously addresses the product and its life-cycle manufacturing and support requirements.

- b) To encourage the reduction and eventual elimination of data duplication and to accelerate the automation of contractor processes for generating weapon system technical data in digital form.
- c) To rapidly increase DoD's capability to receive, store, distribute and use system technical data in digital form to improve life-cycle maintenance, training, and spare parts reprocurement, and other support processes. The near term goal of CALS is the implementation of increased levels of interfaced, or integrated, functional capabilities, and specification of technical requirements for the delivery of technical data to the government in digital form. It attempts to achieve this by supporting the structuring of contract requirements to achieve integration of various contractor automated capabilities for design, manufacturing, and logistic support.

The longer term goal of CALS is the integration of industry and DoD databases to share common data in an integrated weapon system database. It is anticipated that all future contracts will require data deliverables to the government, be in digital form.

MIL-HDBK-59 sets forth the following time schedule and specific actions for the implementation of these goals:

- For systems entering full scale development or production before September, 1988 - Review specific opportunities for cost savings or quality improvements by changing paper deliverables to digital delivery using CALS.
- 2) For systems entering full scale development after September, 1988 Cost and schedule proposals are specifically required to address: a) the integration of technical information systems and processes, b) authorize government access to contractor databases, and c) delivery of technical data in digital form. These proposals are to be given significant weight for their cost and quality implications in source selection decisions.

Appendix A of MIL-HDBK-59 gives an overview of CALS strategies and requirements, as well as a list of federal and military standards, specifications, definitions, and acronyms related to CALS implementation.

Appendix B provides decision guidance and model contracting language for tailoring the wording of DoD Requests for Proposals (RFPs) and Contract Data Requirements Lists (CDRLs) to enable integrated preparation and delivery of, or access to, digitized data required for design, manufacturing, and support application.

Appendix C provides guidance for establishing RFP and CDRL requirements for integrating computer-based methods and supporting technologies to incorporate

reliability and maintainability engineering and logistic support analysis in computer-aided concurrent engineering environments.

Appendix D includes detailed guidance and technical information for establishing RFP and CDRL requirements for using physical media and telecommunication networks to deliver technical data in digital form, or to gain access to contractor data bases.

Appendix E provides guidance and model contracting language for tailoring RFP and CDRL requirements to ensure the integrity and confidentiality of CALS assets to the maximum extent practical within existing regulations, procedures, and technology.

#### 6.3 MIL-STD-1840 Requirements

The purpose of MIL-STD-1840 is to standardize the digital interface between organizations or systems exchanging digital forms of technical information necessary for the logistic support of weapon systems throughout their life cycle. This is an integral part of Computer-Aided Acquisition and Logistic Support (CALS) - the DoD and industry strategy to accelerate, the integration of digital technical information.

The standard addresses technical information such as training and maintenance manuals with their associated illustrations; production definition data, such as the engineering drawings and specifications which are part of the traditional technical data packages used for item acquisition; and, the evolving product data concept which provides for transfer and archival storage, of the product information necessary to the acquisition process, in a form directly usable by computer applications.

It standardizes the format and information structures of digital data files used for the transfer and archival storage of digital technical information. The format, information structures, and transfer procedures established therein are applicable in all cases where the information can be prepared and received in the form of ASCII text files, product definition data files, raster image files, or graphic files.

Some of the more germane topics addressed in the standard are:

| <u>Paragraph</u> | <u>Topic</u>                |
|------------------|-----------------------------|
| 4.1.1            | Document Types              |
| 4.1.2            | Product Data                |
| 5.1              | File Structure for Transfer |
| 5.2              | Media Options               |
| 5.3              | Packaging                   |
| 6.4              | Transfer of Textual Data    |

Appendix A to MIL-STD-1840, "Raster Data Requirements" - describes the requirements for the preparation of the files containing the raster form of illustration or product data and is a mandatory part of the standard for raster data applications.

# 6.4 Some Other DoD and/or Industry CE Initiatives

#### 6.4.1 <u>DICE</u>

DICE (Defense Advanced Research Projects Agency Initiative in Concurrent Engineering) is a government-industry consortium to encourage the practice of concurrent engineering in the US military and industrial base. (DARPA is the Defense Advanced Research Projects Agency.) DICE's mission includes developing, integrating, and disseminating technologies for use in the concurrent engineering community. The consortium's overall goal is to develop an architecture for concurrent engineering in which the people working on a project can instantly communicate with each other and access, share, and store up-to-date information in a transparent way, unhindered by geographic separation, organizational structure, product complexity, and incompatible tools, databases, and computing resources. It tries to simulate small-team interactions among people in large, dispersed organizations and give them the same freedom of interaction and information exchange as is enjoyed by a small team working in the same room.

A coalition of more than a dozen industries, software companies, and universities conducts DICE research for DARPA. West Virginia University's Concurrent Engineering Research Center (CERC) in Morgantown, WV plays a leading role among industrial laboratories and universities in developing generic services and it operates one of the principle vehicles for accomplishing DICE's mission: a concurrent engineering testbed. It also focuses on requirements management, an area relatively untouched to date by automation.

#### 6.4.2 CAD Framework Initiative

The CAD Framework Initiative (CFI) is a not-for-profit corporation with open membership committed to the development, publication, and adoption of interface guidelines for CAD systems. CFI was formed to create standards so that software packages from different vendors could effectively work together. The CFI Mission is "To create a free market model for engineering design and analysis (EDA) tools and their supporting framework environments, via development of framework guidelines that remove barriers to integration."

These packages are then able to transfer information because they have been adapted to work with the CFI procedural interface (PI). For example, they are able to read and write netlists in the format defined by the PI so the interface is able to move information between them. Related to this is the CAD Framework Laboratory (CFL). The CFL Mission is "To support the requirements of the CFL affiliates with regard to CAD framework standardization."

# 6.4.3 <u>RAMCAD</u>

Reliability, Availability and Maintainability in Computer-Aided Design (RAMCAD) is a two-phase development effort jointly funded by the Air Force and the Army. The overall purpose of RAMCAD is to increase weapon system support and readiness by integrating reliability and maintainability into the design process up-front. The first part of RAMCAD stresses the use of integrated software packages performing reliability, maintainability and supportability analyses on CAD workstations used for electronic, mechanical and structural design. The use of online computer-aided design tools promotes rapid assessment of the R&M characteristics of a design, allowing the designer to optimize supportability.

The second part includes conducting research into the use of artificial intelligence to aid in analyzing a design for various R&M attributes and suggesting ways to improve the design. This will provide the designer with push-button access to CAE and R&M tools right from his/her own CAD system for fast R&M review of the design. The intent of the RAMCAD efforts is to establish a cooperative effort between universities and industry to conduct research and development in these two areas.

# 6.5 Complementary Efforts and Activities References

- [1] Keene, S., "Software Reliability Directions," Reliability Review, ASQC, March 1991
- [2] The 5th Annual Leesburg Workshop, Reliability and Maintainability in Computer-Aided Engineering, Concurrent Engineering: Defining the Requirements, Ellicott City MD, Sept 30 - Oct 3, 1991
- [3] The 4th Annual Leesburg Workshop on R & M in Concurrent Engineering Leesburg VA, Oct 9 -11, 1990
- [4] Carver, G. P., "Concurrent Engineering Through Product Data Standards," National Institute of Standards and Technology, Manufacturing Engineering Laboratory Factory Automation Systems Division, Gaithersburg MD, May 1991, (NISTIR 4573)
- [5] Shumaker, G. C., "Integrated Product Development Program Strategy," Concurrent Engineering Office, Wright-Patterson AFB OH, July 1990

Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440 -6916 • 315-337-0900

# SECTION 7

# CURRENTLY AVAILABLE AUTOMATED TOOLS

# 7.0 REPRESENTATIVE CURRENTLY AVAILABLE AUTOMATED TOOLS

CE often emphasizes the extensive use of a variety of automated tools to assist the design team. Various automated tools are used by each of the different engineering specialities. Automated "expert systems" are often used to capture and apply accumulated knowledge and experience inherent in product design, test, and manufacturability or other engineering disciplines.

A large variety of software packages are currently available to assist the designer in accomplishing robust product design. A compendium of some of the currently available automated tools is presented in Reliability and Maintainability Software Tools (RMST-91) published by the Reliability Analysis C...., March 1991 and in Reference [1]. It should be recognized, however, that this is a very rapidly changing field and it is virtually impossible to maintain a completely thorough and up-todate listing of all of the available software products and their detailed capabilities at any given time.

Automated tools, such as these, can be used to greatly simplify necessary design, simulation and analysis tasks. At the same time, however, we should also be aware of and concerned with the major limitations of the various automated tools. Knowing when not to use a specific tool is as important as knowing when to use it.

When addressing these tools we should consider what common input data and what unique input data each tool will require, and what is involved in exchanging the necessary data between the various software packages. This is necessary because most of the automated tools available today were originally developed as "standalone" tools. They were developed independently by various software vendors to perform a specific task and were optimized to do that task well, with little regard to how the tool would interface with other automated tools (e.g., sharing common data and integration of the results of the tool's implementation into a complete and coherent design documentation package).

C.E. software tools can generally be grouped into the following major groups:

- 1. Electrical and Electronic Design Analysis Tools
- 2. Thermal Analysis Tools
- 3. Electromagnetic Design and Analysis Tools
- 4. Reliability Analysis Tools
- 5. Maintainability Analysis Tools
- 6. Mathematical or Graphical Analysis Tools
- 7. Testability Analysis Tools
- 8. Finite Element Analysis Tools

Student and evaluation versions of many programs are available at greatly reduced prices, thus giving the potential purchaser an opportunity to test out most

of the features of a given program or to compare various similar programs before making a major purchase commitment.

All of the following material related to computer analysis programs, software packages etc., and that are identified by acronym and/or vendor name is presented for information purposes only. The RAC does not endorse their specific use or attest to their quality.

# 7.1 Electrical and Electronic Design Analysis Tools

A decade ago, a typical analog or digital circuit designer worked at a desk doing the initial design work using pencil and paper and a hand held calculator. He then moved to the laboratory to build a breadboard circuit and verify its performance. Today most of this design effort is performed on an engineering workstation or personal computer using a variety of commercial software programs. Using these tools, the design can be executed more precisely in far less time.

# 7.1.1 Schematic Capture Packages

The most indispensable tool and the first automated tool which a designer will probably use is a schematic capture package. An ideal schematic capture program should perform three important functions. First, the tool should document the design by function (draw block diagrams) and by component (draw circuit diagrams). Second, it should provide a complete list of components needed for the design (a parts list), and show the functional interconnection of these components (generate a netlist). Finally, the tool should provide a means of creating the inputs subsequently needed by a circuit simulator so that the designer can test and troubleshoot the design before building any hardware.

Schematic capture tools enable the generation of netlists directly from the schematic and then allow direct printing of the schematics using standard ANSI characters. A netlist provides a narrative circuit description in terms of its structural elements and interconnections. Netlists are used as inputs to a variety of automated circuit analysis tools. Different packages can create netlists with various formats. Schematic capture tools usually contain a broad library of standard graphical part symbols and part attributes. They should also include circuit and symbol editors to allow for the creation of new symbols and definition of new part attributes as needed.

Most of the better schematic capture tools include some electrical rule checking capability and most of them use a mouse, trackball, or pointer to facilitate drawing and editing electronic symbols and circuits.

An example of a typical circuit and its applicable netlist is shown in Figure 10.



# FIGURE 10: EXAMPLE CIRCUIT AND APPLICABLE NETLIST

Some of the popular analog circuit simulation and analysis tools incorporate schematic capture as an integral function of the package possibly eliminating the need to purchase a separate schematic capture package.

Some popular schematic capture automated tools include:

OrCAD/SDT III by OrCAD

OrCAD 3175 N.W. Aloclek Dr. Hillsboro, OR 97124-7135 503) 690-9881 FAX (503) 690-9891

Schema III by Omation Inc.

Omation Inc. 1701 N. Greenville Ave. Richardson, TX 75081 (214) 231-5167

# 7.1.2 Analog Circuit and Digital Logic Simulation and Analysis Tools

In the early 1960s military requirements led to the development of mathematical simulation of  $\epsilon$ ...ctronic components (capacitors, semiconductors, etc.) to determine their response to pulsed X-Ray and gamma radiation. These simulation studies were later extended to small circuits to study their response to the same radiation conditions. This early work resulted in the first circuit analysis programs.

Most analog circuit simulators, in use today, trace their heritage back to the Simulation Program with Integrated Circuit Emphasis (SPICE) developed by the University of California at Berkeley in the early 1970s. Many different versions of SPICE are currently available for both IBM-compatible and Macintosh personal computers. Enhanced versions of SPICE capable of handling even larger circuits are also available for the more powerful engineering workstations.

One of the most important advantages that computer-aided design offers the designer is the ability to thoroughly check-out circuit performance before making breadboard units or other hardware commitments. Both analog and digital circuit simulators make it relatively easy for the designer to test alternative designs and correct design deficiencies or oversights without major expense early in the design phase. Analog and digital circuit simulators give the designer the capability to do real time circuit analysis.

At present, analog circuit and digital circuit analysis usually require different software packages. Although some packages claim to handle both types of analysis, the package is usually optimized for digital analysis or for analog circuit analysis, but not for both. Digital simulation packages provide the designer with a logic analyzer display while analog simulation provides an oscilloscope display. All major circuit simulation packages use netlists generated by schematic capture tools as their basic means of input. Circuit simulation packages also provide extensive libraries of component models and the model parameters needed to perform the analyses.

The availability and use of software tools to assist in circuit analysis has placed greater emphasis on appropriate circuit modeling. The accuracy of simulation results is no better than the accuracy of the model representing the circuit. There are two general types of models used by these tools: Physical models and Behavioral models.

<u>Physical models</u> attempt to replicate the individual elements in a device. Each component of a physical model is equivalent to a component of the device. These models are generally quite complex and require a significant amount of processing time (i.e., they run much slower on any given computer). They do provide accurate results for most (but not all) device parameters.

In contrast, <u>behavioral models</u> attempt to simulate the behavior of a device. This type of model consists of components which have no physical relationship to the device. These models generally require less processing time (i.e., they run faster on a given computer) and they also provide accurate results for most (but not all) device parameters.

The trend in industry today is towards the use of behavioral models rather than physical models for complex active devices. They produce sufficiently accurate results in considerably less time. The device manufacturer is frequently becoming the source for these models. Both types of models are usually based on typical device parameters and would have to be modified to represent worst case device parameters for certain analyses. Analog tools frequently use behavioral modeling to allow flexible definition of the component models or even entire circuit functions either by the use of a formula or look-up tables.

Most circuit simulation packages have the capability to perform a sensitivity analysis and either Worst Case or Monte Carlo analysis to account for component tolerances and environmental changes. Some packages also support mixed analog and digital circuit simulation, although they are optimized for either one type of circuit or the other but not both. This is can be an important consideration for circuits with tightly coupled feedback between the analog and digital sections.

Other analysis capability common to most of the better analog circuit simulation packages include: AC Sweep, DC Sweep, Noise, Transient Analysis, Fourier Analysis, Small Signal Transfer Function, Monte Carlo, and Worst Case Analysis. Ideally, all of these analyses should allow temperature conditions to be varied to illustrate its effect on the circuit.

A more extensive listing and detailed discussion of currently available automated analog and digital simulation software together with a detailed comparison between them may be found in Reference [1].

Examples of available analog circuit simulation and analysis packages include:

PSPICE by MicroSim Corp.

MicroSim Corp. 20 Fairbanks Irvine, CA 92718 (800) 245-3022 FAX (714) 455-0554

IsSpice by Intusoft

Intusoft P.O. Box 710 SanPedro, CA 90733-0710 (213) 833-0710 FAX (213) 833-9658 Examples of available digital circuit simulation and analysis packages include:

OrCAD/VST by OrCAD

OrCAD 3175 N.W. Aloclek Dr. Hillsboro, OR 97124-7135 (503) 690-9881 FAX (503) 690-9891

Schema Susie by Omation Inc.

Omation Inc. 1701 N. Greenville Ave. Richardson, TX 75081 (214) 231-5167

MICRO-LOGIC by Spectrum Software

Spectrum Software 1021 S. Wolfe Rd. Sunnyvale, CA 94086 (408) 738-4387

# 7.2 Thermal Analysis Tools

Proper thermal design is a very important consideration for robust, highly complex, electronic circuit designs. Historically, many reliability problems have been the result of poor thermal design. Some studies have shown that resources expended on optimizing the thermal design produce a higher return on investment than any other single design reliability technique. One factor contributing to the difficulty of proper thermal design is that typical parameter tolerances used in thermal design are much greater than typical electrical parameter tolerances.

Compared to reliability prediction tools for example, there are only a limited number of automated thermal analysis packages available to assist in the robust circuit design effort. Two important non-automated thermal design resources which designers should be familiar with are References [2] and [3].

Examples of available automated thermal analysis packages include:

PREVIEW by System Effectiveness Associates, Inc.

SEA 20 Vernon Street Norwood, MA 02062 (617) 762-9252

SAUNA by Thermal Solutions, Inc.

Thernial Solutions, Inc. 3135 S. State St., Suite 300 Ann Arbor, MI 48108 (315) 761-1956 FAX: (313) 761-9586

BETA Soft by Dynamic Soft Analysis, Inc.

Dynamic Soft Analysis, Inc. 213 Gugasuta Road Pittsburgh, PA 15215 (412) 781-3016

# 7.3 Electromagnetic Design and Simulation Tools

As engineers attempt to design devices that operate at higher frequencies and that are smaller, more efficient, precise, sensitive and reliable, while being less expensive, the need to reckon with field electromagnetic effects grows steadily in importance. The need for powerful automated analysis and simulation tools to address increasingly complex electromagnetic (EM) fields which all electrical devices emit is more prevalent than ever.

These automated tools help designers to visualize and manipulate EM fields and enable them to design modern complex products without building a physical prototype, extensively testing the prototype then redesigning the circuit as was formerly needed to accommodate unforeseen EM effects. Field simulation models also help to determine the impact of unforeseen changes during manufacturing due to variations in materials and facilities.

The phenomena that can be analyzed with field simulator tools vary immensely. Since electromagnetic fields behave quite differently at various frequencies, engineers designing devices may require particular features in their tools. Those working with static and low-frequency fields are often interested in capacitances and inductances. Designers of magnetic devices are often concerned with saturation. Engineers designing with high-frequency digital signals worry about return loss and the crosstalk between conductors.

Modern EM simulation tools are based upon either the finite-element or the boundary-element method of analysis. The basic idea of both of the methods is to divide the device to be simulated into a large number of small regions called finite elements and to represent either the field or the source of the field in each element with discrete variables. Interactive graphics and solid modeling procedures are used to enter complicated geometries. After the solid model is created, material properties such as the dielectric constant and the electrical conductivity are assigned to each object in the model.

Electromagnetic field simulation involves solving Maxwell's equations, which completely describe the behavior of electromagnetic fields. The finite-element method expresses these four equations in terms of differential equations, while the boundary-element method employs integral equations. The types of products that can be addressed by these powerful new automated EM tools are quite diverse and include: integrated circuits, printed-circuit boards, electromechanical devices, and high-voltage components. However, solving field problems is still relatively expensive, it is highly computation-intensive, thus either powerful workstations are required or computational time will be extensive.

With these tools, the designer can observe the EM effects of potential design changes without extensive laboratory tests and before any hardware is built. For example, designers can develop high-speed digital and radio-frequency/microwave products that function properly from the outset and they can do so in an increasingly cost-competitive environment. The newer packages also further assist the designer by offering direct links between the EM simulators and the ubiquitous SPICE circuit simulators. References [4] and [5] contain additional information regarding this topic and they also identify, describe and compare an extensive list of the currently available automated tools.

An example of an electromagnetic design and simulation tool is:

HSPICE by Meta-Software Inc.

Meta-Software 1300 White Oaks Rd. Campbell, CA 95008 (408) 371-5100, FAX (408) 371 5638

#### 7.4 Reliability Analysis Software Tools

There are a significant number of reliability analysis software packages currently available, the majority of them dealing with reliability prediction. However, more and more reliability and maintainability tasks are being automated by software vendors.

Many of the available reliability software packages allow the importation of netlist files and data files or specific data elements created by other software packages. Through data conversion utilities, input to reliability analysis software can be performed rapidly, resulting in expedited information processing. For example, schematic capture tools can extract the necessary data from the schematic drawings which then feed circuit simulation tools to compute component stress factors for voltage and power. These data elements, along with physical characteristic data such as component complexity, rated parameters and packaging information obtained from part libraries, can feed reliability prediction programs to yield part or assembly failure rates. The failure rates produced by the reliability prediction packages may then be used as inputs to FMECA, Maintainability Prediction and Testability tools. This data flow enables near real-time automated analysis of the design starting with the original schematic drawing files.

Some of the reliability and maintainability analysis packages illustrated herein may be compatible with automated tools already in use at a given facility. This feature alone could save hundreds of manhours on medium and large projects by significantly reducing data input time and errors. By intelligently procuring compatible analysis tools to develop an integrated, computer-aided engineering and design environment, reliability and maintainability analyses can effectively be performed early in the design phase.

Most of the various software vendors are moving toward providing open structures for their programs and data files to facilitate file importation and export. Other factors being equal, consumers should steer away from vendors who provide tools which operate only in a stand-alone manner.

It is important to remember when selecting a specific tool that reliability modeling and reliability prediction are separate and distinct tasks. This difference was explained and illustrated in section 3.1.1 dealing with MIL-STD-756. While the majority, if not all, of the available automated reliability prediction tools can model simple series system configurations, not all of them have the capability of modeling complex redundant equipment configurations and few, if any, can directly handle MARKOV modeling of nodal networks and fault tolerant systems.

# 7.4.1 Detailed Electronic Part Stress Analysis Reliability Prediction

There are two distinct types of detailed stress reliability predictions available: those based upon MIL-HDBK-217 which are applicable for all types of equipment operating environments (e.g., both military and non-military); and those predictions based upon something other than MIL-HDBK-217. This second type of prediction is usually based upon data gathered under more benign equipment operating conditions and hence is considerably more restricted in its application.

An exhaustive listing of available electronic part stress reliability prediction packages complete with the necessary hardware requirements may be found in Reliability and Maintainability Software Tools (RMST-91) published by and available from RAC.

# 7.4.1.1 MIL-HDBK-217 Based Predictions

MIL-HDBK-217 based prediction tools are by far the most prevalent. A small sampling of available electronic part stress reliability prediction packages based upon the MIL-HDBK-217 methodology include:

Reliability Prediction Program (RPP) by Powertronic Systems, Inc.

Powertronic Systems, Inc. P.O. Box 29019 New Orleans, LA 70189 (504) 254-0383

REAP (Reliability Effectiveness Analysis Program) by Systems Effectiveness Associates, (SEA) Inc.

SEA 20 Vernon Street Norwood, MA 02062 (617) 762-9252

RL ORACLE by Rome Laboratory (Available for DoD applications only)

Rome Laboratory (RL)/ERSR Attn: George Lyne Griffiss AFB, NY 13441-5700 (315) 330-3068

# 7.4.1.2 Non-MIL-HDBK-217 Based Predictions

The following electronic part stress reliability prediction programs are significantly different than the preceding programs in that they are not based upon the models contained in MIL-HDBK-217. Typically they are based upon failure data gathered from equipment operating in commercial or benign industrial operating environments. These models may be more suitable and preferable for relatively benign industrial and commercial applications. They are neither suitable for nor acceptable for DoD applications.

Bellcore ARPP by Bell Communications

Bell Communications Research, Inc. 290 W. Mt. Pleasant Ave. Livingston, NJ 07039-2729 (800) 521-2673 Belstress by Item Software Ltd. MGA, Inc.

Item Software Ltd. MGA Inc. 200 Baker Ave. Concord, MA 01742 (508) 369-5115

Relex CNET and Relex Calculus Simplifie's (based upon the French CNET Reliability Standard) by Innovative Software Designs, Inc.

Innovative Software Designs, Inc. One Kimball Ridge Court Baltimore, MD 21228 (301) 747-8543

# 7.4.2 Part Count Reliability Prediction

Reliability prediction programs are based upon the part count methodology found in MIL-HDBK-217, Appendix A are presented here. The part count method is useful during preliminary design phases when specific device types have not yet been determined. An exhaustive listing of available part count reliability packages complete with the necessary hardware requirements may be found in Reliability and Maintainability Software Tools (RMST-91) published by and available from RAC.

Some vendors offer both part stress and part count reliability prediction capability in the same software package. This feature allows the user to easily upgrade from a part count prediction to a part stress prediction as the design effort progresses without having to reenter all of the part data.

Examples of available part count electronic reliability prediction packages include:

PC RAP 217 by Prompt Software Company

Prompt Software Company 393 Englert Court San Jose, CA 95133 (408) 258-8800

Relex 217 Parts Count by Innovative Software Design

Innovative Software Designs, Inc. One Kimball Ridge Court Baltimore, MD 21228 (301) 747-8543 RPC Reliability Part Count Program by Powertronic Systems, Inc.

Powertronic Systems, Inc. P.O. Box 29109 New Orleans, LA 70139 (504) 254-0383

7.4.3 Mechanical Reliability Prediction

Mechanical reliability prediction programs are becoming available which appear similar in structure to the MIL-HDBK-217 methodology. However, these prediction programs are fundamentally different than the MIL-HDBK-217 methodology in that they are not based upon the Arrhenius temperature-related failure model.

Mechanical failure rate model development studies are ongoing and currently under the sponsorship of:

Computation, Mathematics and Logistics Department David Taylor Research Center Bethesda, MD 20084-5000

Caution is advised in considering the purchase of any mechanical reliability prediction program as the methodology which they use is not universally accepted. Users may require additional failure rate data beyond that which is supplied with the software.

Examples of available mechanical reliability prediction tools based upon the David Taylor Research Center models include:

MRP (Mechanical Reliability Prediction Program) by Powertronic Systems, Inc.

Powertronic Systems, Inc. P.O. Box 29019 New Orleans, LA 70189 (504) 254-0383

MECHREL (Mechanical Reliability Prediction Program) by Eagle Technology, Inc.

2300 S. Ninth St. Arlington, VA 22204 (703) 979-8300

100

# 7.4.4 Nonoperating Reliability Prediction

Non-operating failure rates are not currently included in MIL-HDBK-217 models. Nevertheless, non-operating failure rates are very important in some instances, particularly where equipment is subjected to extensive periods of storage. Nonoperating reliability prediction models are structured similarly to the operating models in MIL-HDBK-217 and are based upon an extensive study sponsored by RADC (now Rome Laboratory) Reference [6].

Available non-operating reliability prediction automated tools include:

RAC-NRPS by the Reliability Analysis Center

Reliability Analysis Center 201 Mill Street Rome, NY 13440 (315) 337-0900

DORMACALC IV by Sendrian Resources Corp.

Sendrian Resources Corp. 42 Lucas Ave. Newbury Park, CA 91320 (805) 499-7991

# 7.4.5 Failure Mode, Effects and Criticality Analysis (FMECA) Tools

Most, but not all, of the currently available FMEA/FMECA automated tools are based upon implementation of MIL-STD-1629, "Procedures for Performing a Failure Mode, Effects and Criticality Analysis." Precise bookkeeping is a very important element in ensuring the accuracy of any FMEA/FMECA. This bookkeeping feature is the major contribution which the automated FMECA tools have to offer. This feature becomes increasingly important as the complexity of the system grows.

Another added feature some software packages offer is the ability to output subassembly files to MIL-STD-1388 compatible Logistics Support Analysis Record (LSAR) databases. Reliability and Maintainability Software Tools (RMST-91) published by RAC and Reference [1] contain extensive listings of currently available automated FMEA/FMECA tools.

A sampling of automated FMEA/FMECA tools include:

Relex FMECA by Innovative Software Design

Innovative Software Designs, Inc. One Kimball Ridge Court Baltimore, MD 21228 (301) 747-8543

1629A FMEA/FMECA by Management Sciences, Inc.

Management Sciences, Inc. 6022 Constitution Ave. Albuquerque, NM 87110 (505) 255-8611

Failmode by Item Software Ltd. MGA, Inc.

Item Software Ltd. MGA Inc. 200 Baker Ave. Concord, MA 01742 (508) 369-5115

7.4.6 Fault Tree Analysis Tools

There is at present, no MIL-STD or MIL-HDBK documenting the methodology for performing a Fault Tree Analysis (FTA). Because of this and the intuitive nature of FTA, great variations exist between the available automated tools. Reliability and Maintainability Software Tools (RMST-91) published by RAC contains a more detailed listing of available automated FTA tools.

In considering the purchase of automated FTA tools it is important to distinguish between those tools which simply analyze an already constructed fault tree and those that are capable of assisting in construction of the fault tree. The majority of available FTA tools address only the analysis portion of the task. However, constructing the fault tree is a major portion of the effort. Therefore, tools that endeavor to automate both functions are preferred over those that address only one half of the total task.

Available automated fault tree analysis tools include:

IRRAS (Integrated Reliability and Risk Analysis System) by Idaho National Engineering Laboratory

Idaho National Engineering Laboratory EG&G Idaho, Inc.

Idaho Falls, ID 83415 (208) 526-9592

CAFA+ by SAIC

SAIC 5150 El Camino Real, Suite C-31 Los Altos, CA 94022 (415) 960-3322

Tree Master by Management Sciences Inc.

Management Sciences, Inc. 6022 Constitution Ave. Albuquerque, NM 87110 (505) 255-8611

#### 7.4.7 MARKOV Reliability Modeling Tools

MARKOV modeling is a powerful reliability analysis tool which allows the analyst to model complex fault tolerant systems that would otherwise be difficult to model with classical techniques. It is the most prominent method in use today for modeling the reliability (or unreliability) of fault tolerant systems. It is an extremely flexible method which can be used to model a wide variety of systems and is especially useful for modeling nodal networks and other complex system configurations not easily addressed by classical redundancy modeling.

The MARKOV technique simplifies the analyst's task by reducing the problem from one of mathematical computation to one of state modeling. It utilizes a simplistic modeling approach, but a more complex mathematical approach requiring computer assistance to perform the myriad of necessary calculations. Model reduction techniques also exist which yield relatively simple models with insignificant impact on model accuracy.

Typically the MARKOV technique consists of the following steps:

- 1. Define equipment states
- 2. Define transitions between states
- 3. Model formulation
- 4. Model reduction simplification
- 5. Mathematical solution

There is at present no MIL-STD or MIL-HDBK documenting the MARKOV methodology.

Currently available automated MARKOV modeling tools include:

MARKOV1 by Decision Systems Associates

Decision Systems Associates 746 Crompton Rd. Redwood City, CA 94061 (415) 369-0501

PC Markov by Management Sciences Inc.

Management Sciences, Inc. 6022 Constitution Ave. Albuquerque, NM 87110 (505) 255-8611

### 7.4.8 Failure Reporting, Analysis and Corrective Action System (FRACAS) Tools

The proper operation of FRACAS is documented in MIL-STD-2155, "Failure Reporting, Analysis and Corrective Action System." The purpose of automating FRACAS is to allow large volumes of data to be handled more efficiently, to facilitate rapid searching through the data to find similar incidents and recognize historical failure patterns in order to quickly and efficiently isolate and identify specific problems to be corrected. The intent of the automated FRACAS tools is to help organize and more effectively collect and utilize a companies own failure data in solving applicable equipment problems.

Available automated FRACAS tools include:

FRACAS by Management Sciences, Inc.

Management Sciences, Inc. 6022 Constitution Ave. Albuquerque, NM 87110 (505) 255-8611

FRACAS (Failure Reporting Analysis and Corrective System by Advanced Logistics Developments, Ltd.

Advanced Logistics Developments, Ltd. P.O. Box 679 Rishon Lezion, 75106 Israel 972-3 5566651

### 7.4.9 Automated Sneak Circuit Analysis (SCA) Tools

Although it is a potentially powerful analytical tool, SCA has not been widely used. It is expensive, and has historically been performed late in the design cycle after all of the design documentation was virtually complete. Subsequent design changes resulting from the SCA were then difficult and costly to implement. Thus SCA was usually limited to items and functions critical to safety or mission success or where other techniques were not proven to be effective.

There have been some important recent developments in SCA technology however. An interactive, expert system know as "SCAT" is now available to assist in identifying and eliminating sneak circuits and other design concerns. Using SCAT, analysis may be performed early in the design effort, at the assembly level rather than at the system level, to eliminate potential sneak circuits and reduce the need for a formal sneak circuit analysis. However, since SCAT is performed only at the assembly level rather than at the system level, it will not eliminate all sneak circuits and should not be considered as a replacement for formal Sneak Circuit Analysis.

Two items of ancillary software are required in order to run SCAT: OrCAD/SDT III - (See schematic capture section 7.1.1) and M. 1. - Expert System.

To obtain a copy of SCAT contact:

RL/RBER Attn: Edward Depalma Griffiss AFB, NY 13441-5700 (315) 330-2231

For the M. 1. Expert System contact:

Teknowledge Inc. P.O. Box 10119 Palo Alto, CA 94303 (415) 424-0500

#### 7.5 Maintainability Analysis Tools

The methodology for performing a maintainability prediction is documented in MIL-HDBK-472. The majority of the available maintainability prediction tools, however, implement only one of the available methods documented in the handbook namely; Procedure V, Method B. This method, nevertheless, is the most widely used method and the method most frequently specified in DoD contracts.

It is also important to note that maintainability prediction is dependent upon the results of the reliability prediction so it is imperative that the reliability prediction tool and the maintainability prediction tool are compatible.

Available automated maintainability prediction tools include:

Maintain by Item Software Ltd, MGA Inc.

Item Software Ltd. MGA Inc. 200 Baker Ave. Concord, MA 01742 (508) 369-5115

Maintainability Prediction Program (MPP) by Powertronics

Powertronics Systems, Inc. P.O. Box 29019 New Orleans, LA 70189 (504) 254-0383

### 7.6 Mathematical/Graphical Analysis Tools

Once a design concept has been developed, a designer will develop and solve the equations describing the proposed behavior of the function. A variety of math packages allow the circuit designer to do this on a personal computer using relatively inexpensive tools.

In general, math tools can be grouped into two categories, those that encompass general mathematical software and those that emphasize mathematical manipulation of matrices. Both types can solve equations either numerically or symbolically and display results graphically. General mathematics packages are well suited for exploratory analysis or one-of-a-kind calculations. However, where large or repetitive calculations (number crunching) is required the matrix-based variety may be more beneficial.

Many of the available mathematical/graphical analysis tools can perform complex mathematical functions. Statistical analysis packages are also available. Extensive plotting and graphing routines are available with most of these tools. The transition to the competitive mass market has compelled software vendors to improve the user-friendliness of their products. Modern tools require little or no programming by the user, but usually offer features that allow users to create application programs to meet their individual needs. For ease of use, equations can usually be typed in directly in "blackboard" form. A extensive discussion of automated mathematical and graphical tools, together with a detailed description of many of the currently available packages may be found in References [7] and [8].

Some available mathematical and graphical tools include:

MathCAD 3.0 by MathSoft Inc.

MathSoft, Inc. 201 Broadway Cambridge, MA 02139 (800) MAT-HCAD

Mathematica 2.0 by Wolfram Research Inc.

Wolfram Research Inc. 100 Trade Center Drive Champaign, IL 61820-7237 (217) 398-0700, FAX (217) 398-0747

MAPLE by Waterloo Maple Software

Waterloo Maple Software 160 Columbia St. W. Waterloo, Ontario, Canada N2L 3L3 (519) 747-2373 FAX (519) 747-5284

### 7.7 Testability Analysis Tools

Wide use of testability analysis tools has not been prevalent until about the last 5 years. Testability techniques and tools are now widely accepted and have matured to the point where they are currently being applied to help meet testability requirements. Much of the development effort was done to address testability problems in digital electronics. Hence many of the tools available today are applicable only to digital electronic technology at the component or circuit card level.

There are three fundamentally different approaches to the assessment and analysis of testability: a) Checklists, b) Controllability/Observability and c) Dependency Modeling. Two of the three techniques, address primarily digital systems. Only dependency modeling can be effectively applied to other system types such as analog, mechanical, electro-mechanical and fluid or process control systems.

One of these approaches (checklists) is documented in MIL-STD-2165 [Reference 9]. Most of the currently available automated testability tools, however, are not

based upon this methodology but rather are based upon dependency modeling. An extensive list of testability tools together with a detailed discussion of the advantages and disadvantages of the various testability assessment and analysis methods may be found in Reference [10]. It should be noted that a number of the automated tools in Reference [10] are limited access i.e., they are proprietary in nature and are limited to government agencies only.

Some of the non-limited-access dependency-modeling-based testability analysis tools available include:

STAT (System Testability Analysis Tool) by DETEX Systems, Inc.

DETEX Systems, Inc. 1574 N. Batavia, Suite 4 Orange, CA 92667 (714) 637-9325

STAMP (System Testability and Maintenance Program) by ARINC

ARINC Research Corporation 2551 Riva Road Annapolis, MD 21401 (301) 266-4000

### 7.8 Finite Element Analysis Tools

One very important advantage of the finite element analysis method is that a single model can often be used to perform both a thermal analysis and structural analysis. This dual analysis capability makes the technique especially powerful since it can dramatically increase the productivity of design engineers. Some of the available software tools have this dual function capability while others are limited to either one function or the other. Other factors being equal, the dual function programs are generally preferred over the single function variety.

Some available finite elements tools which include dual function, thermal and structural analysis, capability are:

NISA II by Engineering Mechanics Research Corp.

Engineering Mechanics Research Corp. P. O. Box 696 Troy, MI 48099 (313) 689-0077 ANSYS by Swanson Analysis Systems, Inc.

Swanson Analysis Systems, Inc. Johnson Rd. P. O. Box 65 Houston, PA 15342-006 (412) 746-3304

### 7.9 Automated Tool References

- [1] Caroli, J.A., "A Survey of Reliability, Maintainability, Supportability and Testability Software Tools," RL-TR-91-87
- [2] MIL-HDBK-251, "Reliability/Design Thermal Applications"
- [3] Morrison, G.N., et al. (Hughes Aircraft Company), "RADC Thermal Guide for Reliability Engineers," RADC-TR-82-172
- [4] Cendes, Z. J., "Electromagnetic Simulators," IEEE Spectrum, Volume 27, Number 11, November 1990
- [5] Swanson Jr, D. G., "Simulating EM Fields," IEEE Spectrum, Volume 28, Number 11, November 1991
- [6] Coit, D. W., Priore, M. G., "Impact of Nonoperating Periods on Equipment Reliability," RADC-TR-85-91, May 1985
- [7] Foster, K. R., "Prepackaged Math," IEEE Spectrum, Volume 28, Number 11, November 1991
- [8] Hines, J. R., "Affordable Analog Design," IEEE Spectrum, Volume 27, Number 11, November 1990
- [9] Coit, D. W., Priore, M. G., "Impact of Nonoperating Periods on Equipment Reliability," RADC-TR-85-91, May 1985
- [10] MIL-STD-2165, "Testability Program for Systems and Equipment"
- [11] Unkle, R., "Testability Design and Assessment Tools," CRTA-TEST, Reliability Analysis Center, December 1991

Reliability Analysis Center (RAC) • 201 Mill St., Rome, NY 13440 -6916 • 315-337-0900

## **SECTION 8**

### SOME CHALLENGES FOR CE IN TODAY'S AUTOMATION ENVIRONMENT

### 8.0 SOME CHALLENGES FOR CE IN TODAY'S AUTOMATION ENVIRONMENT

### 8.1 Present Database Limitations

The lack of a viable database is one of the chief obstacles to the automation of CE today. Supporting various groups of engineers working in tandem, demands a very different type of support from a Database Management System (DBMS) than does traditional data processing. Traditional DBMS's are inadequate for this type of task.

An Object-Oriented DBMS rather than a record-oriented DBMS is needed. Traditional hierarchical or relational DBMS lack the power needed to model the types of information generated through all phases of product and process design. Object-oriented models address the requirements and resulting physical structure of a system with objects (which combine data and processes). These are based on defining and understanding the relationships between objects. In such a relationship, objects pass data back and forth. To define the relationship, the nature of the data, rather than the actual data, is examined to understand how an object uses the data.

At present there are three major database related challenges: 1) Modeling Data, 2) Providing Interactivity, and 3) Supplying Versioning and Configuration Control.

### 8.2 Limitations of Today's Automated Tools

The availability of automated tools for all of the various aspects of CE is not consistent. While these tools may be readily available for some phases of the design effort, they may not be available for others.

CONCEPTUAL DESIGN PHASE TOOLS - Conceptual design involves the decomposition of high level product requirements into successively lower levels of design detail. Very few automated tools of any kind are presently available for this phase of the design effort. A significant need exists for more rule-based expert systems, particularly for conceptual design.

DESIGN SYNTHESIS PHASE TOOLS - Although somewhat limited at present, automated design synthesis tools are becoming more readily available for this phase of the design effort.

DESIGN EVALUATION PHASE TOOLS - This phase is currently the most automated. Most presently available automated tools specifically address design evaluation.

TOOL INTEGRATION - A major need, at present, is the integration of the various "stand alone" automated tools. This implies the need for a common "Object-Oriented" database rather than "Record-Oriented" database capable of "Real

Time" integration of all of the quantifiable characteristics of the product design, its associated manufacturing process and its fielded support needs plus the ability to electronically transfer the applicable data from one automated tool to another.

### 8.3 Challenges for CE References

- [1] Richter, Dr. K.J., "Concurrent Engineering Some Definitions and Issues," '92 Product Assurance Forum, April 1992
- [2] Rosenblatt, A., et al., "Concurrent Engineering," IEEE Spectrum, Volume 28, Number 7, July 1991
- [3] Atwood, T.M., "The Case for Object-Oriented Databases," IEEE Spectrum, Volume 28, Number 2, February 1991

# APPENDIX A: RAC PRODUCTS

### **RAC Product Order Form**

|         |                                                                                                  | U.S.     | Non-U.S.  | City     | Item Tota |
|---------|--------------------------------------------------------------------------------------------------|----------|-----------|----------|-----------|
|         | MIL-HDBK-217F, Notice 1 (Microsoft Word Version 4.0)                                             | 75.00    | 85.00     |          |           |
|         | MIL-HDBK-338B (Draft) (Microsoft Word Version 4.0)                                               | 95.00    | 105.00    |          |           |
| 4       | Analog Testing Handbook                                                                          | 100.00   | 120.00    |          |           |
| TA-CE   | Introduction to Concurrent Engineering: Electronic Circuit Design and<br>Production Applications | 75.00    | 85.00     |          |           |
| A-GAAS  | An Assessment of GaAs Device Quality and Reliability                                             | 50.00    | 60.00     |          |           |
| TA-PEM  | Plastic Microcircuit Packages: A Technology Review                                               | 50.00    | 60.00     |          | 1         |
| TA-QML  | Qualified Manufacturer's List: New Device Manufacturing and Procurement<br>Technique             | 50.00    | 60.00     |          |           |
| TA-TEST | Testability Design and Assessment Tools                                                          | 50.00    | 60.00     |          |           |
| R-4     | Discrete Semiconductor Device Reliability                                                        | 100.00   | 120.00    |          |           |
| D-91    | Failure Mode/Mechanism Distributions                                                             | 100.00   | 120.00    |          |           |
| 4       | Fault Tree Analysis Application Guide                                                            | 80.00    | 90.00     |          | 1         |
| R-21    | Microcircuit Device Reliability Trend Analysis Databook                                          | 100.00   | 120.00    |          |           |
| R-22    | Microcircuit Screening Analysis                                                                  | 125.00   | 145.00    |          |           |
| AT-1    | Microelectronics Failure Analysis Techniques - A Procedural Guide                                | 140.00   | 180.00    |          |           |
| AT-2    | GaAs Microcircuit Characterization & Failure Analysis Techniques                                 | 100.00   | 120.00    |          | 1         |
| AT-182  | Combined set of MFAT-1 and MFAT-2                                                                | 200.00   | 260.00    |          |           |
| NOP-1   | Nonoperating Reliability Databook                                                                | 150.00   | 170.00    |          |           |
| RD-91   | Nonelectronic Parts Reliability Data 1991                                                        | 150.00   | 170.00    |          |           |
| RD-91P  | Nonelectronic Parts Reliability Data 1991 (IBM PC database)                                      | 400.00   | 440.00    |          |           |
| S-1     | Analysis Techniques for Mechanical Reliability                                                   | 60.00    | 70.00     |          |           |
| M-92    | A Primer for DoD Reliability, Maintainability, Safety and Logistics Stds                         | 120.00   | 140.00    |          |           |
| L-1     | QML Workshop Proceedings                                                                         | 25.00    | 35.00     |          |           |
| EF      | RAC Quick Reference Guides                                                                       | 39.00    | 49.00     |          |           |
| C-NRPS  | Nonoperating Reliability Prediction System (Includes NONOP-1)                                    | 1400.00  | 1450.00   | **       |           |
| ST-91   | Reliability and Maintainability Software Tools 1991                                              | 50.00    | 60.00     |          |           |
|         | RAC Quarterly (Annual Subscription- 4 issues)                                                    | 30.00    | 35.00     |          |           |
| AR-2    | Practical Statistical Analysis for the Reliability Enginee:                                      | 40.00    | 50.00     |          |           |
| AR-4    | Confidence Bounds for System Reliability                                                         | 50.00    | 60.00     |          | 1         |
| AR-5    | Surface Mount Technology: A Reliability Review                                                   | 60.00    | 70.00     |          |           |
| AR-6    | ESD Control in the Manufacturing Environment                                                     | 60.00    | 70.00     |          |           |
| AR-7    | A Guide for Implementing Total Quality Management                                                | 75.00    | 85.00     |          |           |
| AR-8    | Process Action Team (PAT) Handbook                                                               | 80.00    | 90.00     | ·        |           |
| RED     | VHSIC Reliability Prediction Software                                                            | 150.00   | 170.00    |          |           |
| AP-91   | Electrostatic Discharge Susceptibility Data 1991                                                 | 150.00   | 170.00    |          | -         |
| AP-91P  | Electrostatic Discharge Susceptibility Data 1991 (IBM PC database)                               | 400.00   | 440.00    |          |           |
| N       | RAC Newsletter (Distributed free of charge each quarter)                                         | 0.00     | 0.00      | <u> </u> | +         |
| 3       | RAC User Guide (Description of RAC consulting services)                                          | 0.00     | 0.00      |          |           |
|         | SHIPPING AND I                                                                                   | HANDLING | - SEE BEI | .OW      | 1         |
|         | QUANTITY                                                                                         |          |           |          |           |
|         | Please Make Checks Payable to IITRI/RAC                                                          |          | DRDER TO  |          | <b></b>   |

| Name    | · · · · · · · · · · · · · · · · · · · |   |
|---------|---------------------------------------|---|
|         |                                       |   |
|         |                                       |   |
|         |                                       |   |
|         |                                       |   |
|         | Zip                                   |   |
| Country |                                       |   |
|         | -                                     | _ |

Ordering: Fax to (315) 337-9932 or mail to Reliability Analysis Center, P.O Box 4700, Rome, NY, 13442-4700. Prepayment is preferred. Credit cards (VISA, AMEX, MSTR) are accepted for purchases of \$25 and up. All Non-U orders must be accompanied by a check drawn on a US bank.

Shipping & handling: U.S orders add \$2.00 per book, \$3.00 for First Class Non-US add \$4.00 per book for surface mail, \$15.00 per book for air mail.

Quantity discounts are available for 10+ copies. To order call 800-526-480 315-339-7047 or write to above address.

Military agencies: Blanket Purchase Agreement, DD Form 1155, may be us for ordering RAC products and services. Indicate the maximum amount authorized and cutoff date and specify products and services to be provided identify vendor as IIT Research Institute/Reliability Analysis Center.