Probabilistic Safety
Stefan Mozar
22 December 2016
2/13/2017
IEEE 2016 ISPCE-TW
Introduction
Fires & Hazardous situations occur in consumer products for various reasons
17% of household fires in Tokyo are due to consumer products (2007)
Design evaluation and safety testing are only done on a very small sample, which is not statistically representative of the population
The techniques shown in this presentation apply to high volume production items
Literature Review
Tolerance Analysis
– Sandler: a comparative study on the differences of tolerance analysis methods
– The military is concerned with reliability and safety, which resulted in a number of MIL standards. These set some very stringent criteria for product approval
– They are not suitable for consumer products, but show what can be done
– Tolerance engineering and Six Sigma are further developments; Six Sigma was developed by Motorola
– Taguchi applied DOE to solve quality problems
– Brombacher from Philips applied these techniques to consumer products
Problem Illustration & Tolerance Analysis
[Figure: Design / Material / Process]
Problems can occur due to one of three major reasons:
– Design
– Material
– Process
This study considers only the design process
Protection Circuit Problem
Small sample size
Components from similar batches introduce statistical bias
Tolerance analysis is generally not done by the designer or the safety engineer
This illustration is about an over voltage protection circuit
Tolerance Analysis Methods
There are three well known methods for tolerance analysis:
– Root Sum Square Analysis (RSS)
– Extreme Value Analysis (EVA)
– Monte Carlo Analysis (MCA)
Root Sum Square Analysis (RSS)
It is a commonly used and simple form of tolerance analysis:
$\mathrm{Var}(V_o) = \sum_{i=1}^{N} \left(\frac{\partial V_o}{\partial x_i}\right)^2 \mathrm{Var}(X_i)$
– Where:
– Vo - output voltage (but voltage can be replaced by current, power, impedance etc.)
– Xi - the i-th component value (e.g. resistor, capacitor etc.) whose variance contributes to the variance of the output
RSS works well for DC circuits, but not for AC circuits or semiconductors due to their non-linear properties
Extreme Value Analysis (EVA)
This method is based on RSS, except that only the worst case tolerances are used
This results in very stringent designs that are generally too expensive for consumer applications
The main application for this method is safety critical applications
It is unlikely that all components would be at their extreme tolerance at the same time, thus this method is not widely used
Monte Carlo Analysis (MCA)
It is a simulation model that algebraically adds component tolerances.
The component tolerances are determined by a random number generator.
The simulation provides data that can be used to estimate the design yield of a protection circuit
Results of over 100 simulations
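As an added illustration (not code from the presentation), the three methods applied to a hypothetical over-voltage trip circuit with Vtrip = Vref·(R1+R2)/R2 and constructed 1% tolerances; the circuit model, the component values and the assumption that the tolerance band equals ±3σ are mine.

```python
import itertools
import math
import random

# Hypothetical trip-point model (constructed, not the slides' circuit): a comparator
# trips when the divided supply exceeds Vref, so Vtrip = Vref * (R1 + R2) / R2.
NOMINAL = {"vref": 2.5, "r1": 10_000.0, "r2": 10_000.0}   # V, ohm, ohm
TOL = {"vref": 0.01, "r1": 0.01, "r2": 0.01}              # +/- fractional tolerance
SIGMA_PER_TOL = 3.0   # assumption: the tolerance band equals +/- 3 sigma (normal parts)

def vtrip(p):
    return p["vref"] * (p["r1"] + p["r2"]) / p["r2"]

def rss_sigma(func, nominal, tol):
    """RSS: Var(Vo) = sum (dVo/dxi)^2 * Var(Xi); sensitivities by central difference."""
    var = 0.0
    for name, x0 in nominal.items():
        h = x0 * 1e-6
        hi, lo = dict(nominal), dict(nominal)
        hi[name], lo[name] = x0 + h, x0 - h
        dvo_dxi = (func(hi) - func(lo)) / (2 * h)
        sigma_xi = x0 * tol[name] / SIGMA_PER_TOL
        var += dvo_dxi ** 2 * sigma_xi ** 2
    return math.sqrt(var)

def eva(func, nominal, tol):
    """EVA: evaluate every corner of the tolerance box and keep the worst cases."""
    names = list(nominal)
    corners = []
    for signs in itertools.product((-1, 1), repeat=len(names)):
        p = {n: nominal[n] * (1 + s * tol[n]) for n, s in zip(names, signs)}
        corners.append(func(p))
    return min(corners), max(corners)

def mca(func, nominal, tol, n=2000, seed=1):
    """MCA: draw each component from N(nominal, (tol*nominal/3)^2), collect the outputs."""
    rng = random.Random(seed)
    outs = [func({k: rng.gauss(v, v * tol[k] / SIGMA_PER_TOL) for k, v in nominal.items()})
            for _ in range(n)]
    mean = sum(outs) / n
    std = math.sqrt(sum((o - mean) ** 2 for o in outs) / (n - 1))
    return {"mean": mean, "min": min(outs), "max": max(outs), "std": std}

if __name__ == "__main__":
    v0, s = vtrip(NOMINAL), rss_sigma(vtrip, NOMINAL, TOL)
    print(f"nominal {v0:.3f} V, RSS 3-sigma band {v0 - 3*s:.3f} .. {v0 + 3*s:.3f} V")
    print("EVA worst case %.3f .. %.3f V" % eva(vtrip, NOMINAL, TOL))
    print("MCA", {k: round(v, 4) for k, v in mca(vtrip, NOMINAL, TOL).items()})
```

The EVA band is wider than the RSS band because it assumes every part sits at its tolerance limit simultaneously, which is the point the EVA slide makes.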
Determining Sample Size for MCA
MCA provides an estimate of the expected value of a random variable, and it predicts what the error of the estimate is.
$\varepsilon = \frac{3\sigma}{\sqrt{N}}$
Where,
ε = error estimate
σ = standard deviation
N = number of samples
From the above we get
$N = \left(\frac{3\sigma}{\varepsilon}\right)^2$
Comparison of Tolerance Analysis Methods
Method   Mean    Minimum   Maximum   # of STDEV   Confidence Interval
EVA      5.013   4.423     5.604     4.414        99.999 %
RSS      5.023   4.583     5.463     3.048        99.770 %
MCA      5.032   4.416     5.648     4.265        99.998 %
Extract from Sandler’s paper
Process Capability Analysis
Process capability analysis is a very powerful tool for engineering design.
It can use the data generated by MCA, as each simulation is equivalent to taking one set of measurements. The complete simulation corresponds to collecting the results from a batch of circuits
There are two very useful process capability parameters:
1. Process Capability
2. Process Capability Index
Process Capability Index
Cp measures the design capability in relation to the design limits.
In order to see how well the data fits within the specs, Cpk is used. It shows how well the design is centered within the design specifications.
$C_P = \frac{USL - LSL}{6\sigma}$
$C_{PK} = \min\left(\frac{USL - \bar{x}}{3\sigma},\ \frac{\bar{x} - LSL}{3\sigma}\right)$
– Where
– CP – Process Capability
– CPK – Process Capability Index
– USL – Upper Side Limit
– LSL – Lower Side Limit
Normal Distribution
Interpreting Process (Design) Capability
Quality Levels   CPK values
Super            CPK > 2.0
Excellent        1.67 < CPK < 2.0
Satisfactory     1.33 < CPK < 1.67
Capable          1.00 < CPK < 1.33
Inadequate       0.67 < CPK < 1.00
Poor             CPK < 0.67

CPK   0.67    1.00   1.33   1.67   2.00
ppm   45500   2700   66     0.54   0.002

• The goal is to achieve Cp and Cpk of 2 or better.
• Cpk can also help make decisions about the robustness of the design.
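An added Python example, not from the presentation, that turns one MCA batch into the Cp, Cpk, ppm and sample-size figures of the preceding slides (the N = (3σ/ε)² formula included); the trip-voltage samples and the 4.90/5.10 V limits are constructed, and the ppm estimate assumes a normal distribution.

```python
import math
import random

def mean_std(samples):
    """Sample mean and standard deviation (n-1 denominator) of MCA output values."""
    n = len(samples)
    m = sum(samples) / n
    return m, math.sqrt(sum((x - m) ** 2 for x in samples) / (n - 1))

def cp(lsl, usl, sigma):
    """Cp = (USL - LSL) / (6 sigma): spread of the design relative to the limits."""
    return (usl - lsl) / (6 * sigma)

def cpk(lsl, usl, mean, sigma):
    """Cpk = min((USL - xbar)/3 sigma, (xbar - LSL)/3 sigma): penalises an off-centre design."""
    return min((usl - mean) / (3 * sigma), (mean - lsl) / (3 * sigma))

def ppm_outside(lsl, usl, mean, sigma):
    """Expected parts per million beyond either limit, assuming a normal distribution."""
    def upper_tail(z):
        return 0.5 * math.erfc(z / math.sqrt(2))
    return 1e6 * (upper_tail((usl - mean) / sigma) + upper_tail((mean - lsl) / sigma))

def sample_size(sigma, eps):
    """MCA runs needed for an error estimate eps: N = (3 sigma / eps)^2, rounded up."""
    return math.ceil(round((3 * sigma / eps) ** 2, 6))

def quality_level(cpk_value):
    """Quality level bands taken from the slide's table."""
    bands = [(2.0, "Super"), (1.67, "Excellent"), (1.33, "Satisfactory"),
             (1.0, "Capable"), (0.67, "Inadequate")]
    return next((name for limit, name in bands if cpk_value > limit), "Poor")

def capability(samples, lsl, usl):
    """Design-capability report for one MCA batch."""
    m, s = mean_std(samples)
    k = cpk(lsl, usl, m, s)
    return {"mean": m, "sigma": s, "cp": cp(lsl, usl, s), "cpk": k,
            "level": quality_level(k), "ppm": ppm_outside(lsl, usl, m, s)}

# Constructed stand-in for MCA output: 1000 trip voltages around 5.02 V, sigma 0.02 V
_rng = random.Random(7)
SAMPLES = [_rng.gauss(5.02, 0.02) for _ in range(1000)]
LSL, USL = 4.90, 5.10   # assumed trip-voltage specification limits

if __name__ == "__main__":
    report = capability(SAMPLES, LSL, USL)
    print({k: (round(v, 4) if isinstance(v, float) else v) for k, v in report.items()})
    print("MCA runs needed for eps = 0.002 V:", sample_size(report["sigma"], 0.002))
```

The ppm figure counts both tails; the slide's table assumes a design centred between the limits, so this off-centre sample gets nearly all of its ppm from the upper tail.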
Solving Robustness Problems
The method described here is known as Design of Experiments (DOE), or Parameter Design.
This method is used to identify parameters (components) that affect the design performance.
DOE is based on identifying the variables that affect the circuit's performance; these are divided into two types: design parameters and signal-to-noise ratios (SNRs).
Design parameters are specified by the designer and include specs such as the trigger voltage level.
SNRs are either external or internal, and include items such as temperature, humidity, vibration and so on.
Solving Robustness Problems
The variables are put into design and noise matrices. The columns of the design matrix represent the design variables and their test results. Each row in the design matrix represents a circuit.
The columns in the noise matrix represent the noise factors, and the rows represent different levels of noise.
An example
This is illustrated with an example of a protection circuit of a high voltage generator.
The waveform of the trigger circuit on the left is at its nominal values. That on the right is the result from an MCA.
The data from the MCA was used to calculate the robustness of the circuit.
Example continued
The result obtained was:
Cpk = 0.5
This provides a yield of 96%
The trigger circuit needs to be design centered
The results of a parameter design are shown in the table below
C5 is shown as the most significant factor. It will be used for design centering.
Top 5 significant parameters
1 C5 *************
2 R6 *********
3 R7 ********
4 C10 ********
5 R1 *******
The scatter diagram shows the trigger voltage vs C5. It confirms that C5 has an influence on the trigger voltage.
After modifying the circuit (increasing the value of C5), the circuit was analyzed with another MCA run.
The result was that a Cpk of 1.3 was achieved with a design yield of about 100%.
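An added Python example (not the presentation's code) of the parameter-design ranking used in the example: a two-level design matrix over the factors of a hypothetical trigger circuit, with the main effect of each factor used to rank it the way the slide's asterisk chart does. The circuit model Vtrip = (Vref+Vos)·(R1+R2)/R2, the factor levels and the comparator offset Vos are my assumptions.

```python
import itertools

# Hypothetical trigger circuit (constructed, not the slides' high voltage generator):
# Vtrip = (Vref + Vos) * (R1 + R2) / R2, nominal 2.5 V, 10k, 10k and 0 V offset.
# Low/high level per factor: +/- 1 % on the parts, +/- 5 mV of comparator offset.
LEVELS = {"vref": (2.475, 2.525), "r1": (9_900.0, 10_100.0),
          "r2": (9_900.0, 10_100.0), "vos": (-0.005, 0.005)}

def vtrip(p):
    return (p["vref"] + p["vos"]) * (p["r1"] + p["r2"]) / p["r2"]

def design_matrix(levels):
    """Two-level full factorial: one row per circuit, one column per factor, coded -1/+1."""
    names = list(levels)
    rows = [dict(zip(names, coded))
            for coded in itertools.product((-1, 1), repeat=len(names))]
    return names, rows

def main_effects(func, levels):
    """Main effect of a factor = mean response at its high level minus at its low level."""
    names, rows = design_matrix(levels)
    responses = []
    for row in rows:
        p = {n: levels[n][1] if row[n] > 0 else levels[n][0] for n in names}
        responses.append(func(p))
    effects = {}
    for n in names:
        hi = [r for row, r in zip(rows, responses) if row[n] > 0]
        lo = [r for row, r in zip(rows, responses) if row[n] < 0]
        effects[n] = sum(hi) / len(hi) - sum(lo) / len(lo)
    return effects

def rank_factors(effects, top=5):
    """Rank factors by |effect|, like the slide's 'top 5 significant parameters' chart."""
    return sorted(effects.items(), key=lambda kv: abs(kv[1]), reverse=True)[:top]

if __name__ == "__main__":
    ranked = rank_factors(main_effects(vtrip, LEVELS))
    scale = 20 / abs(ranked[0][1])          # longest bar gets 20 asterisks
    for i, (name, eff) in enumerate(ranked, 1):
        print(f"{i} {name:5s} {eff:+.4f} V  {'*' * round(abs(eff) * scale)}")
```

The factor at the top of the ranking is the one to adjust for design centering, as the slide does with C5; a noise matrix would repeat the same runs at each noise level.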
Conclusion
To prevent a hazardous situation, a probabilistic evaluation of protection circuits should be done for high volume products.
The data gathered from this evaluation can be used to estimate design yields.
The data can also be used for a quantitative risk assessment of potential safety hazards.
It should be understood that this method does NOT replace traditional methods of safety evaluation, but rather complements them.
Questions
Thank You for Your Attention!