HMI Reliability Dale Wolfe Reliability Engineer LMSSC*ATC*LMSAL dale.wolfe@lmco.com 650-424-3030
HMI Reliability Requirements for HMI Reliability are derived from the SDO HMI Product Assurance Implementation Plan, 2H00021 The following HMI reliability analyses are SDO MAR related deliverables covered by DID 4.2 EEE Parts Stress Analysis (PAIP 4.3.2) Reliability Prediction & Reliability Block Diagram (PAIP 4.3.3) Failure Mode and Effects Analysis & Critical Items List (PAIP 4.3.1) Limited Life Items (PAIP 4.3.4)
EEE Parts Stress Analysis The stress analysis was performed at the most stressful part parameters that can result from the specified performance and environmental requirements. Stress analysis results are compared to EEE-INST-002 derating guidelines and documented in 2H00233, Rev A, “EEE Parts Stress and Derating Analysis Those parts that were determined to exceed their derating limits were resized, redesigned, or removed from the system Currently no parts exist in the HMI Instrument that exceed the derating limits of EEE-INST-002
Reliability Block Diagram HMI Reliability Block Diagram (full instrument)
Reliability Block Diagram HMI Reliability Block Diagram (degraded instrument) Not required
Reliability Prediction The reliability prediction calculates the probability of success for the HMI instrument over the 5-year mission. The HMI Reliability Prediction and Reliability Block Diagrams are documented in 2H00032, Rev A. Failure rate calculations are primarily derived from MIL-HDBK-217F Mechanism failure rates are derived from similar mechanisms on-orbit experience and life testing Changes from the PDR reliability calculation include the incorporation of RAL CEB reliability numbers, update in mechanism cycling and use of vendor failure rates for Actel FPGAs. This resulted overall in a slightly higher HMI reliability calculation from PDR Subsystem Full Instrument Degraded Instrument Camera and Camera Electronics (Includes Camera I/F electronics) 0.8651 0.9951 HMI Electronics 0.9590 0.9926 Mechanisms & Mech. Controllers 0.9737 0.9955 Oven/Optics 0.9990 Total (5 years) 0.8070 0.9823
FMEA and Critical Items List An FMEA is a procedure by which the ways an item or function can fail (failure modes) are identified and the effects of the failures on performance (failure effects) and mission objectives (severity) are evaluated. The following severity categories are used in the FMEA for each failure mode. Category Severity Description 1 Catastrophic Failure modes that could result in serious injury, loss of life, or total loss of mission. 1R Failure modes of identical or equivalent redundant hardware items that, if all failed, could result in category 1 effects. 1S Failure in a safety or hazard monitoring system that could cause the system to fail to detect a hazardous condition or fail to operate during such condition and lead to Sev. Cat. 1 consequences. 2 Critical Failure modes that could result in loss of one or more minimum mission objectives as defined by the GSFC project office. 2R Failure modes of identical or equivalent redundant hardware items that could result in Category 2 effects if all failed. 3 Significant Failure modes that could cause degradation to full mission objectives and still meet a minimum mission. 4 Minor Failure modes that could result in insignificant or no loss to mission objectives.
FMEA and Critical Items List Failure modes that affect the SDO or HMI mission adversely, category 1, 1R, 1S and 2 are identified on a Critical Items List. The critical items list is maintained within the FMEA where a risk mitigation approach is listed for each item. The FMEA and Critical Items list is documented in HMI document 2H00229, Rev A.
Critical Items List Critical Item Mitigation approach Power Converter subsystem Relay Select circuitry: CAMERAS 1 & 2 CCD DECONTAMINATION HEATERS OVEN CONTROLLERS 1 & 2 Affected components: SN54154J decoder 54HC14 inverter HCPL523 optocoupler resistor Design is currently under review to possibly remove this category 2 single point failure Optics/Optics signal path: Lens, mirror, beam splitter The optics are set up, aligned and tested on an optical bench prior to being installed in the optics package. Environmental testing will include vibration testing and thermal cycling at qualification temperatures. Testing, handling and operation to be contamination and environmentally controlled.
Limited Life Items Limited Life items are defined as those items that are time or cycling sensitive in nature and whose expected useful life is less than twice the required life The limited life items are maintained in the HMI FMEA, document 2H00229 Mitigation actions are identified in the limited life items list to minimize potential risk in meeting mission requirements and provide confidence in their use for the duration of the HMI mission.
Limited Life Items Subsystem Limited Life Item Expected life Required life Failure Impact Risk Mitigation Mechanisms Polarization Selector mechanism hollow core motor 160 million operations 80 million operations Modulator does not rotate resulting in a loss of instrument data due to inability to make spectro-polarimetric measurements and produce 3-dimensional vector magnetographs. Redundancy (2 of 3 motors required) has been incorporated. Life test is in progress. Testing will include vibration and thermal testing. No history of failure with similar mechanisms used in life tests and on orbit for prior programs. Michelson Interferometer (Tunable Filter) mechanism hollow core motor 40 million operations 20 million operations Filter does not rotate resulting in the loss of ability to orient filter and capture images at very specific wavelengths of light: degradation of instrument data Redundancy (3 of 4 motors required) has been incorporated. Life test is in progress. Testing will include vibration and thermal testing. No history of failure with similar mechanisms used in life tests and on orbit for prior programs. Shutter Motor and Bearings 80 million exposures 40 million exposures Shutter fails: loss of instrument data from one camera. Life test is in progress. Similar shutter mechanisms are qualified, including life testing. Similar shutters used on the MDI and TRACE with no problems after many millions of operations.
Summary All EEE components meet the derating requirements of EEE-INST-002 Reliability calculations and Reliability Block Diagram are prepared based on the latest HMI design and are documented No category 1 single point failures exist in the HMI instrument Category 2 single point failures are documented in the Critical Items List The Power Subsystem single point failure will be addressed prior to the build of the flight model HMI Limited Life items are identified and risk mitigation is documented