Risk Analysis

SHU – The Running Companion
Dan Strauss
Kyle Anderson
Katie Klacik
Brian Baumgartner
Project Overview
– GPS, exercise, etc.
Definitions

Criticality
– Low – inconvenient, fairly easy to fix
– Medium – device is completely unusable, or the component can’t be easily replaced
– High – the user’s safety could be at risk

Environment
– Ground, mobile
Components
– Microcontroller
– Boost converter
– Inductor
– Schottky Diode

Microcontroller
– 16 bits
– 80 pins
– 1.336 failures per 10^6 hours (low?)
– MTTF – 7.49E5 hours

Boost
– Simple CMOS device
– 8 pins
– 0.172 failures per 10^6 hours
– MTTF – 5.81E6 hours

Inductor
– Failure based on temperature
– Ambient temperature – 40 degrees
– Temperature rise – 55 degrees
– 0.06 failures per 10^6 hours
– MTTF – 1.6E7 hours

Diode
– Based on type and junction temperature
– Otherwise, pretty generic
– 5.4 failures per 10^6 hours
– MTTF – 1.9E5 hours

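The four component slides above each quote a failure rate (failures per 10^6 hours) and an MTTF. The script below is an added example, not part of the original slides: it recomputes each MTTF from its failure rate (MTTF = 1/λ, the constant-failure-rate model the slides' figures imply), then combines the four rates as a series system (any one failure takes the device down, which is what the failure table on the following slide describes) to get a system failure rate, a system MTTF, the survival probability over a mission time, and which component dominates the sum. The one-year (8760 h) mission time and the component names are assumptions chosen for illustration; the rates are the ones on the slides.

```python
import math

# Failure rates copied from the slides, in failures per 10^6 hours.
# The MTTF values the slides give are recomputed below rather than copied.
COMPONENTS = {
    "microcontroller": 1.336,
    "boost converter": 0.172,
    "inductor": 0.06,
    "schottky diode": 5.4,
}

HOURS_PER_MILLION = 1e6


def mttf_hours(lambda_per_million):
    """MTTF for a constant failure rate: 1 / lambda, converted to hours."""
    if lambda_per_million <= 0:
        raise ValueError("failure rate must be positive")
    return HOURS_PER_MILLION / lambda_per_million


def series_failure_rate(components):
    """Series system: any single component failure fails the device, so rates add."""
    return sum(components.values())


def reliability(lambda_per_million, hours):
    """Probability of surviving `hours` under an exponential (constant-rate) model."""
    return math.exp(-lambda_per_million * hours / HOURS_PER_MILLION)


def weakest_link(components):
    """Component with the largest failure rate, i.e. the one that dominates the system."""
    return max(components, key=components.get)


def summarize(components, mission_hours):
    """System-level figures derived from the per-component rates."""
    lam = series_failure_rate(components)
    return {
        "system_lambda_per_1e6h": lam,
        "system_mttf_hours": mttf_hours(lam),
        "mission_reliability": reliability(lam, mission_hours),
        "weakest_link": weakest_link(components),
        # Fraction of expected failures each component accounts for.
        "share_of_failures": {name: rate / lam for name, rate in components.items()},
    }


if __name__ == "__main__":
    MISSION_HOURS = 8760  # assumed: one year of continuous operation
    for name, rate in COMPONENTS.items():
        print(f"{name:16s} lambda={rate:6.3f}/1e6h  MTTF={mttf_hours(rate):.3e} h")
    summary = summarize(COMPONENTS, MISSION_HOURS)
    print(f"system lambda      = {summary['system_lambda_per_1e6h']:.3f}/1e6h")
    print(f"system MTTF        = {summary['system_mttf_hours']:.3e} h")
    print(f"R({MISSION_HOURS} h)         = {summary['mission_reliability']:.4f}")
    print(f"dominant component = {summary['weakest_link']}")
```

Running it shows that the Schottky diode, the part the slides rate as lowest criticality, accounts for roughly three quarters of the expected failures, while the microcontroller, rated Medium because it is hard to replace, contributes under a fifth: the criticality column ranks consequence and repairability, not likelihood, and both views are needed to decide where a fuse or a redundant part buys the most.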
Failure
Columns: Failure Mode | Possible Causes | Failure Effects | Method of Detection | Criticality | Remarks

Microcontroller
– Failure Mode: Signals stop going between components
– Possible Causes: Power circuit failure, poor heat dissipation
– Failure Effects: Unpredictable; depends on state of signals and other components when MCU failed
– Method of Detection: Device stops working completely
– Criticality: Medium
– Remarks: Poses no health risks, but will be very difficult to replace the part

Boost
– Failure Mode: No power or low power to most components
– Possible Causes: Any failure in boost’s supporting circuit
– Failure Effects: No damage; many parts simply cease to function
– Method of Detection: Most components will stop working; LCD turns off
– Criticality: Medium
– Remarks: No health risks, but will be difficult to replace

Inductor
– Failure Mode: The boost will stop working; it might take damage from current spikes
– Possible Causes: Ridiculous power surges; highly unlikely
– Failure Effects: Same as above: most components will stop working correctly or at all
– Method of Detection: Components don’t work, LCD turns off
– Criticality: Low to Medium
– Remarks: If the boost is destroyed, same as above; otherwise, the inductor would be easy to replace

Diode (short)
– Failure Mode: Low voltage entering PLD when SD R/W is enabled
– Possible Causes: High current or voltage, both unlikely; general device failure (low lambda)
– Failure Effects: Potential damage to voltage converter or SD Reader
– Method of Detection: SD card can’t be read from; may not work at all
– Criticality: Low
– Remarks: Only part of the device will cease to function and replacement will usually be simple
Battery
High risk device
Relies on resistors and capacitors
– Relatively high reliability
Failure could result in user injury
Too late for safety features in hardware
Fuses might have been a good idea
Questions, comments, and whatnot

Now!