Dependability Seminar
Sponsor: Danish Standards
Program: IEC/TC56
Copenhagen, Denmark, 2008-10-15

IEC/TC56 Dependability Seminar, Copenhagen, Denmark
Design-FMEA Reduces Risk and Improves Reliability
Peter de Place Rimmen, Global Research R&D
Vestas Wind System A/S, Denmark

How do we get quality into the decisions?
• Focus areas: update or new design.
• Analysis Methods
• FMECA
• Mature way or for beginners
• What do we get from an FMEA analysis?
• Where can we get input to Project activities Planning (Design for Reliability)?
• Do we have the right specification?
• What is a functional tree?
• Can we avoid Human Errors?
• How do we make the right Verification?

How do we get quality into the decisions?
For reused design and technology:
Do not repeat the failures we have made previously!
For new design and technology:
How can this thing go wrong?
Brainstorm – a creative process
Things can work only one way, but go wrong in an infinite number of ways!
How shall we guide this creative process?

Analysis Methods
Least structured
• Brain Storm meeting
• Design Review: IEC 61160
• HAZOP: IEC 61882
• Block Diagram: IEC 61078
• FMECA: IEC 60812
• FTA: IEC 61025
Most structured

A mature way to make a FMECA analysis:
1. Select an appropriate part of the design/process (60-80 problems)
2. Call a relevant group of experts
3. Have the block diagram, circuit diagram or drawing on screen or on the wall
4. Let an expert explain what the relevant part of the design/process does
5. The facilitator selects one block / one part of the design / one component and asks the experts to tell how it may go wrong (brainstorm)
6. The facilitator writes the mentioned ways on the whiteboard
7. When the selected block/area/component has been covered, ask the same questions for all interfaces from the block/area/component (some of these will already have been covered)
8. Repeat 5-7 until the selected part of the design/process has been covered
9. List the consequences, probability and detectability for each point listed
10. The facilitator fills out the FMECA form up to and including RPN numbers (if used)
11. At a new meeting the facilitator presents the partially filled FMECA form and asks for corrections and comments
12. The team now discusses all / the largest RPN numbers and decides if something shall be done about the potential problem. If so, list Action, Responsible and due date
13. You may estimate the new RPN after the action has been implemented

Focus is Concentrated on D-FMEA
Design-FMEA
• Belongs to Development
• Proactive Tool
• Foundation for Design
• Foundation for Test
• Foundation for Risk-Analysis (the “C”)
• Always Up to Date ☺
• Foundation for Production/Sale
Focus Areas
• Design process
• Product Performance Functions
System Design-FMEA
• Covers the total System
Process-FMEA
• Foundation for Screening
D-FMEA = Risk Management for Trustworthiness

Risk Management
D-FMEA handles both sides of the V-Model

WHAT DO YOU GET?
• Identification of risks in the DESIGN
• Identification of TEST ACTIVITIES in the design phase
Callouts on the worksheet: "The Risks are Design Related (Criticality Index)" and "Test Activities are Identified"

D-FMEA worksheet (example)
Header fields: Project ID; Participants; Referent; System/Sub-syst./Component
Header entries: Uncork bottle; component: Bottle in the kitchen; HKSON; The Chef, the disher, the restaurant owner, a guest representative, the cleaner…?
Note: Check that listed functions correspond to functions implemented on wind turbines
Columns: ITEM; PRODUCT FUNCTION; POTENTIAL FAILURE MODE; POTENTIAL EFFECTS OF FAILURE; SEV; POTENTIAL CAUSE(S) OF FAILURE; OCC; CI; DESIGN VERIFICATION (DV); RPN; RECOMMENDED ACTIONS

Item 1
  Product function: Remove plastic/lead seal
  Potential failure mode: When twisting the plastic it locks tight to the bottle
  Potential effects of failure: I have to look for a knife. It takes longer time before I can enjoy my wine
  SEV: 5
  Potential cause(s) of failure: I don't have the experience with a plastic sealing
  OCC: 4, CI: 20, DV: 5, RPN: 100
  Recommended actions: Be careful to slice the plastic. Use a professional corkscrew uncutting the top of the plastic seal

Item 2
  Potential failure mode: I get cut by the knife
  Potential effects of failure: I have to stop the bleeding. It takes some time again
  SEV: 6
  Potential cause(s) of failure: Slippery fingers, rheumatism in your hand, hangovers, get shocked by a brut noise
  OCC: 3, CI: 18, DV: 10, RPN: 180
  Recommended actions: Wipe your hands. Don't use moisture cream. Check eventual shaking hands

Item 3
  (empty row; DV: 10, RPN: 0)

Item 4
  Product function: Hold the bottle
  Potential failure mode: I lose the bottle onto the floor
  Potential effects of failure: The contents get mixed - wine & sediment
  SEV: 4
  Potential cause(s) of failure: Slippery fingers, rheumatism in your hand, hangovers, get shocked by a brut noise
  OCC: 2, CI: 8, DV: 10, RPN: 80
  Recommended actions: Eat good food, do some training

Item 5
  Potential failure mode: I lose the bottle - and the bottle breaks
  Potential effects of failure: My mood will change from party to anger
  SEV: 8
  Potential cause(s) of failure: Slippery fingers, rheumatism in your hand, hangovers, get shocked by a brut noise
  OCC: 4, CI: 32, DV: 10, RPN: 320
  Recommended actions: Eat good food, do some training

Item 6
  (empty row; DV: 10, RPN: 0)

Item 7
  Product function: Insert the corkscrew
  Potential failure mode: The corkscrew slips and gets into my hand
  Potential effects of failure: I get a wound and lose some blood. Eventually I can get an infection
  SEV: 8
  Potential cause(s) of failure: Slippery fingers, rheumatism in your hand, hangovers, get shocked by a brut noise
  OCC: 3, CI: 24, DV: 10, RPN: 240
  Recommended actions: Eat good food, do some training

Items 8 and 9
  (empty rows; DV: 10, RPN: 0)

Item 10
  Product function: Uncork
  Potential failure mode: The cork is partly demolished
  Potential effects of failure: Parts of the cork get mixed with the wine
  SEV: 5
  Potential cause(s) of failure: The bottle is very old, the wine is very cheap…
  OCC: 6, CI: 30, DV: 6, RPN: 180

Which kind of failures do you not want?
[Figure: MCF or M(t) curves for explaining "Reliability". Horizontal axis: Years in service, 0 to 20 (linear scale). Vertical axis: Accumulated failures, 0 to 10 (linear scale). Curves shown:]
• 0-Time failure level. Installation/Transport damage
• Constant failure rate. Lack of Robustness
• Early failures. Lack of Production Capabilities
• Wearout failure level. Lack of Lifetime
• Sum of failures. Customer experience
MCF = Mean Cumulative Failures
M(t) = Mean Accumulated Failures

Which kind of failures do you not want?
[Figure: M(t) versus Lifetime, both axes linear. Labels: Early failures; Lack of Robustness failures (Noise, Overload, …); Wear out; Process FMEA; D-FMEA. Tire examples shown on the curve: Tire mounting; Flat tire due to nail/stone/roadside; Tread less than 1,6 mm.]

Design parameters
[Figure: The Rimmen model. Labels: Specification demands; Parameter plan; Time plan; Specification; Product Specification; "Customer expectations"; 0-time; Useful lifetime; Design Specification; graceful degradation; Construction- / Design- Demands; Severe User.]
”Performance shall be specified as end of lifetime”

D-FMEA Method
0: Plan the analysis
1: Describe product
2: Determine functions
3: Find possible failure modes
4: Determine effect of failure
5: Find causes of failure
6: Design verification
7: Calculate risk (RPN)
8: Rectify design
9: Assess result
Update
Specifications OK?

D-FMEA Method
0: Plan the analysis
PLANNING IS IMPORTANT – TO REACH SOUND RESULTS!
Broad analysis group
Train them – before
Prepare
Make brainstorming to the D-FMEA analysis
Review the results with others
[Figure labels: RPN; Sev, Occ, Ver; Time; Participate]

D-FMEA Method
1: Describe product
Knowledge of the product
• Drawings
• Functional blocks
• Description of loads
• Design Spec.
• Experience from previous projects
• Failure reports
• Physical models
• Previous D-FMEA

D-FMEA Method
2: Determine functions (preliminary work)
Describe functions as actions:
Action = verb + noun

Verb      Noun
Limit     Power
Activate  Motor
Reset     Circuit
Measure   Temperature
Read      Display
Remove    Cork
Lift      Arm
Insert    Corkscrew

D-FMEA Method
2: Determine functions
Either: List of Functions:
Function 1 …
Function 2 …
Function 3 …
Function 4 …
Function 5 …
Function 6 …
Function 7 …
Or: Functional Flow Chart:
How? Why?

D-FMEA Method
2: Determine functions
Example: Functional flow chart for corkscrew and design demands
[Figure: functional flow chart read in the directions How? and Why?. Function boxes: Uncork bottle; Remove plastic/lead; Hold bottle; Insert corkscrew; Uncork; Remove cork; Place corkscrew tip on cork; Press the tip down; Rotate corkscrew; Lift arm; Hold on to cork; Rotate corkscrew. Design demands: Tooth tolerances; Low friction; Other tech demands.]

D-FMEA Method
2: Determine functions
Also remember the general functions:
• Operational reliability: Operate correctly throughout lifetime (covered by flow chart)
• Robustness: Function insensitive to noise & external loads
• Lifetime: Long lifetime (e.g. L10 > 25 years)
• Safety: Protect users and surroundings against overload

3: Determine failure modes
How can the function fail?
• No function
• Too much / too little
• Too soon / too late
• Degraded / intermittent / incorrect
• Unwanted
• Delayed
Guide words for Human Error:
• too early
• too late
• too much
• too little
• too long
• too short
• wrong direction
• on wrong object
• wrong action

D-FMEA Method
4: Determine effects of failure
If the failure occurs, what is the effect? Think about:
• Is the customer influenced?
• Are other parts of the product influenced?
• Immediate and delayed effect
• Same failure, several effects: take them all together
Assess the effect on the Severity scale of 1 to 10

D-FMEA Method
Risk Management
SEVERITY RATING (Detail)
1   Failure not noticed.
2   Noticed but no influence.
3   Irritated. Self repair.
4   Irritated and contacts Service.
5   Complains.
6   Partial failure.
7   Alternative supplier?
8   No Product function.
9   Major Costs. Safety risk. With warning.
10  Dangerous and life-threatening effect. Without warning.

D-FMEA Method
5: Determine causes of failures
What may cause the failure?
• Design failure & weaknesses
• Consider environment, wear, use/misuse
• The failure usually has several causes. Include the most important causes.
• Does the design make it impossible to produce it correctly?
• Process failures are not included. This is handled by the P-FMEA.
Go for the right things

D-FMEA Method
Occurrence: Where are designers looking?
[Figure: Input → Product (Hardware + Software) → Output (Performance, Etc?). Design process labels: HW-Design; SW-Design, Coding or Compiler.]

D-FMEA Method
Risk Management
OCCURRENCE RATING

Detailed scale | QS9000 (A) | How often?
1  | <1:10.000 | Unlikely
2  | 1:1000    |
3  | 1:250     | Known principles that only cause few problems.
4  | 1:100     |
5  | 1:50      |
6  | 1:25      | Principles that very rarely cause problems.
7  | 1:10      |
8  | 1:5       | Principles that might cause problems.
9  | 1:3       |
10 | >1:2      | Probably a large number of failures will occur.

D-FMEA Method
Risk Management
[Figure: risk matrix with axes SEVERITY and OCCURRENCE, each rated 1 to 10, divided into regions Low risk, Medium risk and High risk.]
Criticality = Severity * Occurrence
Criticality = Severity + ½ Occurrence (for prioritization)

D-FMEA Method
6: Design verification
How can you know that the construction is OK?
Which activities have already been carried out?
Examples of verification activities:
• Simulation, calculation, F.E. analysis
• Tolerance chain analysis
• Test of prototypes
• Poka Yoke (mistake proofing)
• Experience from previous products
Assessed on a Verification scale of 1 to 10

Design Verification Rating
[Figure: verification activities placed along a rating scale of 1 to 10. Activities shown: Simulations, tolerances; Derating/load-strength; Supplier info + Experi.; Technological platform known; Functional; Robustness, HALT; Wear-out test re. budget; Tests at customers; Performance tests; Review, design; Tolerance chain analysis; Safety.]

Design Verification Rating
[Figure: the same rating scale of 1 to 10 with the verification activities, with the added label "Tests in design phase".]
Example: To get a “6” in Verification you must, if relevant, have done the following:
• Design must be based on solid information from the supplier
• Have a good load/strength (derating) relation to expect no failure at the weakest material when maximum load is applied.
• The chosen technology is mature and proven in similar situations/environments
• Have simulated the tolerances to verify the capabilities
• Have done reviews with experts from design, production, supplier and service.
• Made functional test and performance test with relevant stimuli.
• Made tests for safety and wear, and functional tests, in products where we previously have seen problems.

7: Determine risk (RPN)
Criticality Index = Severity x Occurrence
Risk Priority Number = Severity x Occurrence x Verification
Prioritization: Severity + ½ Occurrence
The Risks are Design Related (Criticality Index)
Test Activities are Identified

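An added example, not part of the original slides: the three formulas of step 7 applied to the filled rows of the corkscrew worksheet, first checking the CI and RPN written on the sheet and then ranking the items by each measure. The class and function names are assumptions made for this illustration, and the failure-mode texts are shortened.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Row:
    item: int          # item number on the corkscrew worksheet
    failure_mode: str  # shortened wording of the failure mode
    sev: int           # Severity rating, 1 to 10
    occ: int           # Occurrence rating, 1 to 10
    ver: int           # Design Verification rating, 1 to 10
    ci_sheet: int      # Criticality Index as written on the sheet
    rpn_sheet: int     # RPN as written on the sheet

    @property
    def ci(self) -> int:          # Criticality Index = Severity x Occurrence
        return self.sev * self.occ

    @property
    def rpn(self) -> int:         # RPN = Severity x Occurrence x Verification
        return self.sev * self.occ * self.ver

    @property
    def priority(self) -> float:  # Prioritization = Severity + 1/2 Occurrence
        return self.sev + self.occ / 2

# Ratings copied from the filled rows of the corkscrew worksheet.
WORKSHEET = [
    Row(1, "plastic seal locks tight to the bottle", 5, 4, 5, 20, 100),
    Row(2, "cut by the knife", 6, 3, 10, 18, 180),
    Row(4, "bottle dropped, wine and sediment mixed", 4, 2, 10, 8, 80),
    Row(5, "bottle dropped and breaks", 8, 4, 10, 32, 320),
    Row(7, "corkscrew slips into the hand", 8, 3, 10, 24, 240),
    Row(10, "cork partly demolished", 5, 6, 6, 30, 180),
]

def arithmetic_errors(rows):
    """Return (item, field, written, computed) for every CI/RPN that does not match."""
    errors = []
    for r in rows:
        if r.ci_sheet != r.ci:
            errors.append((r.item, "CI", r.ci_sheet, r.ci))
        if r.rpn_sheet != r.rpn:
            errors.append((r.item, "RPN", r.rpn_sheet, r.rpn))
    return errors

def ranking(rows, key):
    """Item numbers ordered from highest to lowest 'ci', 'rpn' or 'priority'."""
    return [r.item for r in sorted(rows, key=lambda r: getattr(r, key), reverse=True)]

if __name__ == "__main__":
    print("worksheet arithmetic errors:", arithmetic_errors(WORKSHEET))
    for key in ("ci", "rpn", "priority"):
        print(f"{key:>8}:", ranking(WORKSHEET, key))
```

Item 1 ranks fourth on Criticality Index but fifth on RPN, because its verification rating of 5 is lower than the 10 given to most other rows.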
D-FMEA Method
Common Mistakes
• D-FMEA carried out too late
• Incorrect composition of team, knowledge…
• The team focuses too much on the figures. It’s just a rough indication of risk.
• Mix of P- and D-FMEA
• Attempts to solve all problems at the meetings
• Places the FMEA in the file, and forgets it

Conclusions: How do we get quality into the decisions?
• Focus areas: update or new design.
• Analysis Methods
• FMECA
• Mature way or for beginners
• What do we get from an FMEA analysis?
• Where can we get input to Project activities Planning (Design for Reliability)?
• Do we have the right specification?
• What is a functional tree?
• Can we avoid Human Errors?
• How do we make the right Verification?