Академический Документы
Профессиональный Документы
Культура Документы
Methods
Fayssal Safie/MSFC
August 1, 2000
• Definitions
• Qualitative and Quantitative FMEA – FMECA
• Qualitative and Quantitative Fault Tree Analysis (FTA)
• Probabilistic Risk Assessment (PRA)
• Reliability Allocation
• Reliability Prediction
• Reliability Demonstration
• Trend Analysis
• Probabilistic Structural Analysis
• Design of Experiments (DOE)
• Statistical Process Control (SPC)
• Manufacturing Process Capability
2
Definitions
3
Definitions
4
Failure Modes and Effects Analysis (FMEA)
5
Failure Modes and Effects Analysis (FMEA)
20-01-44
FM Code A01
Turbine Exhaust Duct External A,B. Actual loss A,B. Probable Loss A,B. Probable Loss a) None Correcting Action: 1
Assembly leakage of Loss of containment Fire and explosion. Fire and explosion b) N/A None
hot exhaust of hot exhaust will lead to loss Timeframe: N/A
P/N: 10206-0002-102 gas (System gases. of the mission,
A and/or B) vehicle, and crew.
Ref. Des.: None caused by:
Reaction Time:
2 Required • Bellows Seconds
fracture/
Vents HPU turbine exhaust fatigue C,D,E. No Effect C,D,E. No Effect C,D,E. No Effect a) N/A 3
gas to atmosphere out- Failure mode not Failure mode not Failure mode not b) N/A
side of the aft skirt. • Flange/duct applicable to applicable to applicable to
fracture these phases. these phases. these phases.
Exhaust Duct Assembly
includes: • Seal failure
7
Failure Modes and Effects Analysis (FMEA)
Benefits:
• The FMEA provides a systematic evaluation and
documentation of failure modes, causes and their effects.
• It categorizes the severity (criticality category) of the
potential effects from each failure mode/failure cause.
• It provides input to the CIL (Critical Items List).
• It identifies all single point failures.
• The FMEA findings constitute a major consideration in
design and management reviews.
• Results from the FMEA provide data for other types of
analysis, such as design improvements, testing, operations
and maintenance, and analysis of mission risk.
8
Failure Modes, Effects, and Criticality Analysis (FMECA)
Part name/ Potential Causes (failure Risk Priority Rating Recommended Risk Priority Rating
Effects
Part number Failure modes Mechanism) Sev Freq Det RPN Improvement Sev Freq Det RPN
10
Qualitative Fault Tree Analysis (FTA)
11
Qualitative Fault Tree Analysis (FTA)
X-34 Hydraulic System Example
This is a portion of a schematic to a system which incorporates three hydraulic pump packages. The system can still
function properly if two of the pumps operate. The fault tree example is only a tiny portion of one pump package from the
hydraulic system fault tree from which this example was based.
Pump Motor PT
Controller 1 18 HP
var
Pump
Battery 1 Pump Latching
Relay 1
Flight Computer
Pump Motor
Controller 2 18 HP
PT
var
Pump
Battery 2 Pump Latching
Relay 2
Pump Motor
Controller 3
18 HP PT
var
Pump Cooling Plate
Battery 3 Pump Latching 6
Relay 3 12
FWD Manifold
Qualitative Fault Tree Analysis (FTA)
X-34 Hydraulic System Example
Inadequate Power to
Pump Package 1 Motor
MTR-1-PWR
Page X
MTR-CTRL-1-OFF MTR-CTRL-1-PWR
Pump Package 1 Motor Pump Package 1 Motor Pump Package 1 Pump Package Relay
Controller Fails Off Controller Commanded Off / Battery Failure (Loss Fails / Commanded
/ Low (Component Low (Software / Pressure of Charge / Off
Failure) Transducer Error) Inadequate Charge)
Page XX
PKG-1-REL-FOF PMP-PKG-1-CMD-OFF
13
Qualitative Fault Tree Analysis (FTA)
Benefits:
• Provides a format for quantitative and qualitative evaluation.
• Provides a visual description of system functions that lead to
undesired outcomes.
• Identifies failure potentials which may otherwise be overlooked.
• Identifies design features that preclude occurrence of a top level fault
event.
• Identifies manufacturing and processing faults.
• Determines where to place emphasis for further testing and analysis.
• Directs the analyst deductively to accident-related events.
• Useful in investigating accidents or problems resulting from use of a
complex system.
14
Qualitative Fault Tree Analysis (FTA)
Benefits: (cont’d)
• Can identify impact of operator/personal interaction with a system.
• Can help identify design, procedural, and external conditions which can cause
problems under normal operations.
• Often identifies common faults or inter-related events which were previously
unrecognized as being related.
• Excellent for ensuring interfaces are analyzed as to their contribution to the top
undesired event.
• Can easily include design flaws, human and procedural errors which are sometimes
difficult to quantify (and therefore, often ground-ruled out of quantitative analysis).
• Qualitative FTA requires cutset analysis to attain full benefits of the analysis.
(Cutsets: Any group of non-redundant contributing elements which, if all occur, will
cause the top event to occur)
15
Qualitative Fault Tree Analysis (FTA)
Considerations:
• FTA addresses only one undesirable condition or event at a time.
Many FTAs might be needed for a particular system.
• Both Quantitative and Qualitative FTAs are time/resource
intensive.
• In general, design oriented FTAs require much more time than
failure investigation FTAs. Management is mostly acquainted
with failure investigations FTAs. Such FTA efforts can give a
false sense of how quickly a design FTA can be developed.
16
Quantitative Fault Tree Analysis (FTA)
17
Quantitative Fault Tree Analysis (FTA)
X-33 Methane Ground Storage and Loading Example
System Description:
• Methane loading system - The methane is stored in a
tank in a liquid form and then vaporized and loaded as
a gas. This example terminated at valve failure.
18
Quantitative Fault Tree Analysis (FTA)
X-33 Methane Ground Storage and Loading Example
Inability to Load
Methane (CH4)
NO-LOAD -CH4
Valve V -1557 Fails Valve V -1537 Fails CH4 Vented CH4 Transfer
Open Closed Through Load Blocked Through
Line Load Line
Solenoid Operated Solenoid Operated Relief Valve RV - Solenoid Operated Check Valve CV -
Valve SOV -1549 Valve SOV -1549 1552 Open Valve SOV -1561 1548 Fails Closed
Mech. Fails Open Solenoid Fails Fails Closed
Open
SOV -1549-MECH -OP SOV -1549 -SOL-OP RV-1552 -OP SOV -1561-MECH -CL CV-1548-CL
Considerations:
• The probabilities derived from a Quantitative FTA should be
viewed with the uncertainty fully understood.
• It is often difficult to obtain valid reliability data for
experimental / non-production related systems. In such cases:
• Too few items are available for a proper statistical sample
• Data from “Like” systems and operating environments must
be used
• Quantitative FTA has little or no place in failure investigations.
20
Probabilistic Risk Assessment (PRA)
21
Probabilistic Risk Assessment (PRA)
22
Probabilistic Risk Assessment (PRA)
A PRA Process Example
FLIGHT/TEST DATA
Master Logic Diagram (MLD)
PROBABILISTIC STRUCTURAL MODELS
SIMILARITY ANALYSIS
ENGINEERING JUDGMENT
Event Tree
Porosity Present
Porosity
Turbine Inspection in Critical
Present in Blade Scenario End State
Blade Location Leads
Porosity
Not Critical
to Crack in Failure Number or Transfer UNCERTAINTY
Effective Location
<4300 sec DISTRIBUTION
1 LOV
FOR LOV DUE
2 MS
TO TURBINE
QUANTIFICATION 3 MS
BLADE
OF ESD 4 MS
POROSITY
5 MS
INITIATING &
PIVOTAL EVENTS
Benefits:
• Imposes logic structure on risk assessment.
• Evaluates risk at various system levels including system interactions.
• Handles multiple failures and common causes.
• Provides more insight into the various system failure modes and the
effects of human/process interaction.
• Provides a tool to combine both qualitative and quantitative risk
analysis.
Limitations:
• Could be very expensive.
• Could be misapplied and misused due to the incorporation of
qualitative data.
24
Probabilistic Risk Assessment (PRA)
Event Tree Example – A Coolant System
P1 Normal
Emergency
D Coolant
Coolant
P2
A Coolant System
• P1 and P2 are electrically driven pumps, D is a flow detector, and EP (not shown) is the electric power
• Full system success (S) requires both pumps operating, the detection system, and the electrical power operating
• Two pumps failing or failure of electrical power (EP) results in system failure (F) 25
Probabilistic Risk Assessment (PRA)
Event Tree Example – A Coolant System
P(P2)
P(P1)
1-S
Q(P2) 2-P
P(D) P(P2)
Q(P1) 3-P
Q(P2)
P(EP) 4-F
Q(D)
5-F
NORMAL COOLANT
PIPE FAILURE
Q(EP) 6-F
LSC
0.9998843 0.9965403 0.9996991 0.9996991
28
Reliability Allocation
Example
0.999
SSME
Reliability
0.99975
0.99975 0.99985
0.99980 0.99985 Controls &
HPFTP HPOTP Chamber Nozzle
Externals
0.99987 0.99987
Turbine Pump
Ass’y Ass’y
0.999961 0.999909
Housing Rotor
Ass’y Ass’y
0.999945 0.999964
Blades Retainers 29
Reliability Allocation
Benefits:
• Reliability allocation allows design trade-off studies to be
performed in order to achieve the optimum combination of
subsystems which meets the system reliability
requirement.
30
Reliability Prediction
31
Reliability Prediction
32
Reliability Prediction
Similarity Analysis Example
Fuel Turbo Pump
• Assume a Fuel Turbo Pump (FTP) has a historical failure rate of:
50 per 100k firings
• Assume also the failure mode break down is:
Cracked/Fractured Blades 35%
Turbine bearing Failure 25%
Pump bearing Failure 20%
Impeller Failure 10%
Turbine Seal Failure 10%
100%
33
• Then the Cracked/Fractured Failure rate is: .35 X 50 = 17.5/100k firings
Reliability Prediction
Similarity Analysis Example
Fuel Turbo Pump
100%
34
Reliability Prediction
Similarity Analysis Example
Fuel Turbo Pump
36
Reliability Prediction
Benefits:
37
Reliability Demonstration
38
Reliability Demonstration
Reliability Calculation through Demonstrated Tests
By Using Binomial Statistical Formula
Demonstrated Reliability-Mean Time Between Failures
500
(.998)
450
400
300
250
(.996)
200
With 95% Statistical Confidence
150
100
(.990)
Typical Case: To demonstrate .99 reliability
50 with 95% confidence, it takes 298 successful tests
0
0 100 200 300 400 500 600 700 800 900 1000
Limitations:
• It is very expensive and time-consuming to run through a
reliability demonstration program.
• Data quantity sensitive.
40
Trend Analysis
1000
1200
1400
1600
1800
2000
200
400
600
800
0
ac
hi
ne
ry
C
om
bu
In st
s io
tru n
m
en
ta
tio
n
P
lu
m
bi
ng
E
ng
in
e
H
ar
ne
ss
P es
ro
pe
l la
nt
Vl
vs
Ig
n ite
rs
H
yd
r au
l ic
In s
te
r co
n ne
Example Pareto Chart
ct
s
C
Problem Trending
on
tro
l le
P r
SSME UCRs Reported From 01/01/1990 - 12/31/1999
ne
um
at
ic
s
G
S
E
S
of
tw
ar
e
42
Count
Trend Analysis
Benefits:
• Performance trending
• Helps in identifying potential problems with a performance parameter
before it occurs.
• Problem trending
• Identifies major problem areas for optimum allocation of resources.
• Evaluates effectiveness of past recurrence control actions.
• Predicts future failure rates in a given area.
• Points to desirable and undesirable effects of hardware processing
changes.
• Communicates in simple, logical, visual, and easily understandable
presentation.
Limitations:
• Significant engineering evaluation may be required to isolate
appropriate set of problems.
• Rationale for frequency changes may not be obvious. 43
Probabilistic Structural Analysis
44
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
45
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
Stress
Allowable
Load
Failure Region
46
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
Conditions
• Using rig fits and clearances
• Crack size data from actual cut-ups
• Stresses associated with manufacturing (ideal)
• Materials properties and their variations
• Failure mode being analyzed is over-stress
47
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
HPFTP Roller Bearing Inner Race - Model Flow
Variation in:
Randomly select values for Randomly select values for shaft o Fracture Toughness
inner race material properties and sleeve material properties o Yield Strength
o No. of Cracks
o Crack Depth
o Crack Length
ε α ν ε α ν
Compute Allowable
Tolerance fits of rig test bearing Load for each crack
Inner race hoop stress contribution Shaft and sleeve hoop stress
at given conditions contribution at given conditions. Compute Allowable
Load (worst crack)
48
Iterate and compute Failure Probability
Probabilistic Structural Analysis
Turbo-Pump Bearing Example
RESULTS - FAILURE RATES
At Test Race Configuration Probabilistic Structural Analysis
Benefits:
• Used to understand the uncertainty of the design and
identify high risk areas.
• Used to perform sensitivity analysis and trade studies for
reliability optimization.
• Used in identifying areas for further testing.
50
Design of Experiments (DOE)
51
Design of Experiments (DOE)
ET Variable Polarity Plasma Arc (VPPA) Weld Process Example
Factors examined included width, dwell and speed, each with three levels:
Width - how far does it oscillate : 0.03, 0.10, 0.17 inches
Dwell - how long do you pause at the ends of the oscillation : 0.35, 0.52, 0.70 sec
Speed - how fast do you oscillate : 10.0, 27.5, 45.0 inches per minute
40
H
45
IP
P EC
HI
EC 3
0.0
.0 3
035 40 .06
90
6
Spe 30 0.0
40 0 .0 ed
2
0.1 idth
9 20 5 W
0.0 0.1
Sp 30 2 10
ee 0 .1idt
h
d 20 5 W
0.1
10
53
Design of Experiments (DOE)
Jet Engine Diffuser Case Example
• If we test
12
all combinations of all variables, we need
to run 2 = 4096 tests with no replication.
• Using the DOE technique only 43 of the possible
points were tested. Resulting tests yielded the
process levels necessary to optimize the quality and
blueprint conformance of manufacturing the diffuser
case.
55
Design of Experiments (DOE)
Benefits:
• Provides a tool to understand variability in design and
manufacturing.
• Reduces time to establish mature design and
manufacturing processes.
• Saves time and money by optimizing the experiment
input and output.
• Reduces potential of nonconformances.
56
Statistical Process Control (SPC)
57
Statistical Process Control (SPC)
Fastener Example
36 LCL = 29.9746
X-bar
34
32
30
28
0 1 2 3 4 5 6 7 8 9 1011 12 13 14 15 16 1718 19 20
Subgroup
58
Statistical Process Control (SPC)
Fastener Example
12 C enterline = 5.8
L CL = 0.0
9
Range
0
0 1 2 3 4 5 6 7 8 9 1011 12 13 14 15 16 1718 19 20
Subgroup
59
Statistical Process Control (SPC)
RSRM Phenolic Tag End Example
RSRM Production
• Material acceptance data ensures constituents are in family of
previously used components and the statistical trends can identify
potential subtle changes in vendor processes.
• One (of many) nozzle phenolic insulator parameters trended is
residual volatiles remaining after phenolic sample is heated.
• SPC evaluation showed changes in residual volatile levels of silica
cloth phenolic.
• Additional investigation revealed unanticipated change in silica
vendor furnace brick (resulting in slightly different oven heat
environment during silica processing).
• Corrective action implemented at vendor prior to continued silica
production - subsequent data verifies return of parameters to
within statistical expectations.
60
Statistical Process Control (SPC)
RSRM Phenolic Tag End Example
3.00
2.50
1.50
R
e
s
V 1.00
o
l
s
0.50
0.00
1
13
16
28
31
43
46
58
10
19
22
25
34
37
40
49
52
55
61
64
67
70
Sample Number 61
Statistical Process Control (SPC)
Benefits:
• Statistical process control provides a vehicle to ensure
manufacturing process stability and end product
reliability.
• Process anomalies can be discovered earlier and be
resolved without any reliability impact on end product.
Limitations:
• SPC data and controlled features may not be directly
related to reliability concerns.
• SPC technique may not be effective when applied to
small run manufacturing processes (total only few parts
are made).
62
Manufacturing Process Capability
63
Manufacturing Process Capability
Application Example
lox post
Injector Lox Post Tolerance Requirement
Background: Lox post OD and ID
dimensions have significant effect on lox
and fuel mixture property. Uneven
mixture of the propellants and localized
overheating impact engine performance
and reliability
64
Manufacturing Process Capability
Application Example
• Tolerance boundaries were established as +/- .0005” for both OD and ID.
65
Manufacturing Process Capability
Example: Main Injector Lox Post ID Dimension
-3s +3s
frequency
-5 -3 -1 1 3 5 (X 0.0001”)
66
Manufacturing Process Capability
Benefits:
• Manufacturing process capability data are vital to support design
feasibility.
• Manufacturing process capability is a good tool to judge the
suitability of the process to build a specific design.
Limitations:
• Process capability data represent dynamic manufacturing
environment that can be easily misused.
• Maintaining a manufacturing process capability data bank is a very
intensive effort.
67
Conclusions/Recommendations
68